On Sun, Jul 11, 2021 at 03:04:53AM -0600, arnold(a)skeeve.com wrote:
> Ralph Corderoy <ralph(a)inputplus.co.uk> wrote:
> > Given some devices are present in large numbers for many years in
> > hospitals, and there's a lot of hospitals, an unnoticed bug could be
> > steadily chipping away at its human overlords.
>
> This is why I have purposely stayed away from jobs at companies doing
> stuff like this. I know I don't write perfect code; I don't want to
> be responsible for devices that can affect human life. This is also
> discussed in the new edition of "The Pragmatic Programmer", which I've
> just finished reading. (Highly recommended.)
We should never be depending on a human being able to write "perfect
code". Instead, we need to come up with processes so that imperfect
code doesn't escape into production *despite* the fact that humans are
fallible. Such processes might include requiring unit tests,
integration tests, stress tests, etc., requiring code reviews by a
second pair of eyes, perhaps using formal proofs, having multiple
implementations of critical algorithms, cross-checking the results
from those independent implementations, and so on.
The space shuttle used a number of these techniques. It did *not*
depend on super-human, Über-programmers.
- Ted