On Sunday, July 25th, 2021 at 6:53 PM, Simon Hobson <linux@???> wrote:
> Andreas Messer andi@??? wrote:
>

> > Once we had a crash in
> > simple limit switch device. As a result the high-rack robot pushed a
> > pallet in 15m height out of the rack. Fortunately, it was just another
> > robot which was destroyed (stood just below) - not a human being. Still
> > a very expensive case for the company. So I'm used implement a lot of
> > checks :-). (Actually we even don't use heap allocation after booting
> > the firmware)
>

> Back in the 90s I had an acquaintance that did a lot of consulting for sites with "management issues" and running "big iron". He got a jolly to see a site that was run by systems from that vendor - the very early days of warehouse automation. High bar warehousing, automated forklifts, with operators riding along to move boxes between pallet on the forks and pallet on the racks - it was a highly seasonal business, and in the run up to Christmas they be getting order in in all sorts of quantities, putting a small box on a pallet is highly inefficient so the need for manual handling to combine multiple shipments onto one pallet on the racks.
> Apparently the average stay before the operators quit from the stress was only 3 months !
> Then one day a forklift went wrong - fortunately with no operator on board. It accelerated in an uncontrolled manner until it crashed through the side of the building and fell over in the field next door - at which point, all the operators walked out !
>

> g4sra via Dng dng@??? wrote:
>

> > There is nothing stopping me for applying for systems programming work in Nuclear Power Stations, Air Traffic Control, Industrial Robotics, etc...
> Yes, but if you look a little deeper, in that sort of industry the programmers don't get to "just get on with it".
It doesn't read like you have been exposed to the same industry working practices I have, because that is exactly what happens until deadlines are not met.
> The higher the risk, the higher the degree of risk management.
And the personnel performing the risk management are of no greater standing that the personnel writing the software.
> By the time the programmer gets to write code, there's been a lot of safety based design - and when they've written the code, there's a lot of testing and assurance before it can go live.
No. There is 'testing and assurance' performed to the level agreed during the planning stage, planned by personnel of no greater standing...
> Of course, if you are Boeing and designing systems for aircraft - then it seems it's a different matter !
>

> Simon
>


Maybe things have changed in the last ten years without my knowledge since I fulfilled the role of Security Auditor without any formal certification, reporting to the Board of an International Telecommunications company, but I doubt it.

Put more simplistically
It does not how many spelling checks are put in place if the spelling checkers cannot spell.
or as I prefer
Monkeys checking the work of Monkeys designed by Monkeys is not going to guarantee quality, it is only going to guarantee the slinging of faeces.