On Friday, 3 October 2014 at 12:16:30 UTC, Jacob Carlborg wrote:
On 03/10/14 13:27, Kagamin wrote:
Do you interpret airplane safety right? As I understand,
airplanes are
safe exactly because they recover from assert failures and
continue
operation. Your suggestion is when seat 2A creaks, shut down
the whole airplane. In reality airplanes continue to operate
until there's zero physical resource to operate.
I have no idea of airplane works but I think Walter usual says
they have at least three backup systems. If one system fails,
shut it down and switch to the backup.
My point, and I think Kagamin's as well, is that the entire plane
is a system and the redundant internals are subsystems. They may
not share memory, but they are wired to the same sensors, servos,
displays, etc. Thus the point about shutting down the entire
plane as a result of a small failure is fair.
