Software Bug Causes Soyuz To Land Way Off
howhardcanitbetocrea writes "'A mysterious software fault in the new guidance computer of the Soyuz TMA-1 spacecraft was the cause of the high-anxiety off-course landing over the weekend, according to NASA sources.' Which is why I will never trust the Strategic Defence Initiative - the star wars project. It only takes one line of mistyped code in what will always be a beta release."
ahhh... it's just too obvious!
Now we have frikken astronauts beating up on poor anonymous software developers... quoth the article
Yeah... right... if I had a nickel for every time I heard an end user say something similar to that ("I swear I didn't touch anything... it just... crashed..." or "The files just... disappeared! Gone! Disappeared! I didn't do anything!") I'd have...well...a lot of nickels...
/me mumbles bitterly and goes back into his development hole :P
Talk about your flaming articles
It's fine to discuss a bug in a new Russian guidance system...but to immediately jump into a hot political topic like the SDI star wars system and then vastly overgeneralize it with "It'll never work, because it relies on computers" shouldn't have any place in this story.
"Which is why I will never trust the Strategic Defence Initiative - the star wars project. It only takes one line of mistyped code in what will always be a beta release."
Well, let's hope it stays in beta. Real world testing would be a major bummer!
With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
You'd think that in such operations, where you only ever get one chance, they would have the most error free systems possible.
They do go to great lengths to remove the errors. In fact the Challenger investigation singled out the methods used for validating the shuttle's software as a model for the other parts of the program to follow in improving safety. Also, the article said that the backup system kicked in automatically and led to a safe, albeit off-target, landing. So in fact the overall system worked as expected.
And as for the "big mistakes", it's very easy to point fingers afterward and boil a problem down to a catch phrase. However, engineers aren't idiots; almost all accidents involving spacecraft are a result of a long string of seemingly innocuous miscommunications, coincidences, and bad luck. Consider the story of the Ariane 5, which was destroyed because of an overlooked feature in a piece of code reused from a smaller rocket. No software engineer can say that they haven't made a similar mistake.
Toronto-area transit rider? Rate your ride.
I hate to say this but Military Research has led to some of the biggest breakthroughs in our lifetime. Without the V1 and V2 rockets we wouldn't have had Saturn 5, Satellites, Velcro, Microwave ovens, High Strength Materials, Computers, the Internet all can be traced back to military research.
It's actually a clever piece of work. Basically, software has to make calculations in order to provide a "soft" entry, 5 Gs approximately. If there is an error, the module goes into a ballistic entry mode, and it is more like 7-8 Gs, rougher but survivable.
On (nearly) every manned spacecraft ever flown, every system has a hot-backup that kicks in if the first one fails. The exceptions are systems for which it is basically impractical to have a backup-- can't really have redundant heat shields, as the weight is too much. But for electronics and software, this is standard. This story would have gone practically unnoticed if Soyuz had notified Star City that they were doing a "ballistic" entry, in which case they would have been located much sooner.
This landing showed that the Soyuz has a robust design; if Endeavour enters the atmosphere at the wrong angle, could it recover? What if the flight landing computer failed? NASA has a lot of these things covered; for many problems it is probably more robust than Soyuz, for others it is less robust. Soyuz has the advantage of much more flight experience; I doubt that it's a coincidence that this anomaly happened on a flight with a newly upgraded Soyuz.
Actually, they don't know if it was a software bug. At this point that is pure (though somewhat educated) speculation.
The only thing known for certain, is that the backup guidance system took over and landed the craft safely.
It is possible that pilot error caused the switch to backup, or mechanical failure, or a software design error, or a software bug.
They build them strong - snipped from an entry for Soyuz 5:
"Volynov remained behind for what was undoubtedly the most unbelievable re-entry ever survived. The PAO service module of the Soyuz failed to separate after retrofire. While this had occurred on various Vostok and Voskhod flights, and on one Mercury flight, it was a much more serious problem for Volynov, where the module was much larger than a small retropack. Furthermore, once it started reaching the tendrils of the atmosphere, the combined spacecraft sought the most aerodynamically stable position - nose forward, with the heavy descent module with its light metal entry hatch at the front, the less dense service module with its flared base to the back. Volynov at once appraised the situation and considered all possibilities and realised that there was nothing he could really do.
The spacecraft was re-entering air-lock forward and with every minute the G forces increased. Volynov did his duty with all of his strength but this became increasingly difficult since he was hanging in the straps of his seat with the G forces assailing him in the opposite direction from what was planned. Soon a strong smell penetrated the cabin - the rubber gaskets of the hermetic seal of the hatch were burning. The hatch had a light covering of heat protective resins, but at the last moment these could not hold out and they vaporised into fumes that immediately spread throughout the cabin. Volynov could remain conscious for only a few seconds after this.
He remained alive when a miracle occurred - a miracle for which he could thank the designers who had included a strong titanium frame which helped the airlock hold out against the onslaught of the superheated plasma. The PAO service module finally separated from the SA re-entry vehicle. The capsule turned around to an aerodynamically stable position at hypersonic speed and the heat shield finally took the brunt of the heating as designed. The spacecraft continued on a 9 G ballistic trajectory. The damage to the capsule resulted in a failure of the soft-landing rockets. The landing was harder than usual and Volynov broke his teeth. The capsule was recovered 2 km SW of Kustani, far short of its aim point, on January 18, 1969 at 07:58 GMT. It would be seven years until Volynov flew again, on Soyuz 21."
You are in a twisty maze of processor lines, all alike.
There is a lot of hype here.
Sigh...ok...here's how I know.
I've been a missile launch officer and worked on design of these systems while stationed at an agency that Hollywood seems to think is a bunch of hotshot secret agents performing martial arts moves Bruce Lee couldn't have perfected.
The 6 sigma (or whatever it is) analysis that goes into Space Shuttle stuff doesn't compare to the level of analysis/oversight for these types of systems.
Major weapons systems include, at least in the U.S. military, design elements commonly referred to as positive control and assurance. Well, similar terms depending on the weapons system.
These are to make sure the people/systems issuing a command are the proper ones and also that what is commanded happens.
There are so many layers of hardware and procedure involving split knowledge, time-sensitive authorization, and configuration compliance that it is nigh impossible for any major system to be activated improperly or on a whim.
A LOT of thought and attention goes into these systems. Real Genius, War Games, Top Gun, Spies Like Us, etc. were fictional movies. Those don't represent the way things really are any more than Alias shows what the CIA and NSA are really like.
Sub-systems are tested for everything, just as they are for other major endeavors like a new car design.
There certainly comes a time of first use for any system. ALL our weapons systems are thoroughly tested before they're actually used. The missiles whose keys I controlled as a launch officer were the same type that were test-launched from Vandenberg AFB a number of times. Had we ever launched one directly at some Soviet base to see if it would really work? No. Does that mean it wouldn't? No.
The basic premise that because something hasn't been done it is inherently impossible to predict what will happen just doesn't make sense. Every day the overwhelming majority of things you do have never happened before in the history of human existence. (You've never put that pen to that piece of paper in exactly that manner, etc.)
Having said all of that, I agree that ICBMs and, to a lesser extent, SLBMs are not the most likely form of attack. A space-based system DOES, however, provide a focussed developmental environment for a huge number of technologies that would be very helpful for any kind of strategic interception.
Don't forget, the race to put a man on the moon didn't yield any direct economic profit (we're not selling lunar masonry products, for example) nor does basic research.
I think it would be unfair to single out the United States in the way you suggest. If Britain, Russia (USSR), France, Germany or Japan had possessed nuclear weapons during the second world war do you think they would have hesitated to use them? We must remember that the human carnage in WWII was immense. Russia alone lost literally millions of people. Given that do you think they really would have cared about killing a few hundred thousand of the enemy's citizens? When Japan or Germany were facing their ultimate demise do you think that they would have hesitated to use nuclear weapons if they had them?
Debating whether using the bomb was the right thing to do or not is fine. However I don't think that a case can be made that the US is somehow "worse" or "different" than anyone else for using nuclear weapons. Had any other nation possessed the bomb at that time I don't think they would have hesitated to use it.
Never disturb your enemy while he is busy making a mistake.
What you're talking about is component level testing. Unfortunately, all that testing doesn't substitute for a true "shakedown" integration test. Look up the AEGIS cruiser system (actually sort of a mini-SDI for a ship). On its first full integration test, it failed to shoot down 6 out of 17 targets due to software errors. Now, make the integrated platform 2 orders of magnitude more complicated than that (and at least one order of magnitude more complicated than ANY software project attempted to date) and you can see why I'm skeptical of the chances of SDI working as advertised.
There is no trap so deadly as the trap you set for yourself
-Raymond Chandler, The Long Goodbye