Slashdot Mirror
When Bad Software Can Kill
bhoman writes "A wrist computer that tracks and calculates safe diving times and
limits for SCUBA divers had a dangerous software bug that may have been covered
up by company executives.
This SF Chronicle Article
details the problem, product, company, and some of the lawsuits.
According to the Chron article, company execs tried to cover up and
deny the problem for years, but their
official website
makes it look like they did a voluntary recall."
And it has extensive safety measures built into it to prevent insulin over delivery. Obviously, when you put your life in the hands of a machine, you want to make sure it works, and that when it doesn't, you're notified. If a company is guilty of covering up a problem like this, I hope they get sued out of existence and the people guilty spend some time in jail.
Fortunately, there are still (I hope) some companies out there that are honest and worry about the safety of their users, particularly in life-critical applications.
What a slimy guy though, to prevent any notice of the fault from getting out, and firing managers for trying to get the word out! Man. Makes me angry. *Fumes*
There are two major diving computer companies with "original" systems-- UWATEC and SUUNTO. Uwatec (named in the suit) has been known for less conservative systems; they let a diver stay down longer.
This is attractive to people who do decompression diving, because it means that they don't have to hang out shivering at 5-10m with nothing to see as long at the end of the dive.
Suunto takes a different approach, has a more conservative model, and makes it easier to force your computer to be more conservative still. Most divers don't use that function, because it is contrary to their desire to have maximum bottom time.
Proper diving procedures recommend using two different computers, and always relying on the more conservative unit for your decompression limits. (Assuming that you are doing a computer-only dive and not a table dive.) When your life is at stake, you have to assume that equipment has problems, and act accordingly.
I had a friend in the US who underwent LASIK surgery. He told me that his wife, who was computer-savvy, and was watching him being operated on, saw a Win95 box dedicated to controlling the laser and the mount's stepper motors, and that the operator was repeatedly hitting ENTER to make that recurring message box with a red X disappear. She got worried but the surgery was already under way, so she didn't say anything.
...
Fortunately, his LASIK succeeded. Later on however, he went back to the hospital and asked about the operator's behaviour : the response was "well, we were worried at first, but that error message comes back every five minutes and the machine always works anyway".
Scary
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
I bet these execs thought "dead divers can't sue", so why bother.
On the issue of punishing companies for unsafe practices like this, sometimes it's 50/50. Depends how much sway they have. I'm not anti-capitalist über-left cynical jaded moron, but after reading Fast Food Nation recently, I don't have a whole lot of faith in the government's ability to control this kind of activity on a large scale. The government used to have a lot more power over companies since Theodore Roosevelt's time, but the book seems to point the finger at the Reagon era for the change.
Anyway, it wouldn't have been bad PR to admit a mistake, hell it's only human to make mistakes, even when something is as serious as this. The problem shouldn't have been there at all, but it was caught before anyone was hurt, so they should have just apologised and fixed it. Cover-ups make me sick.
Yup...
This is slashdot... you have to be an anti-capitalist über-left cynical jaded moron to be here.
Everybody who has an university CS degree will agree with me that much time and effort is spend to encourage students to produce nice and correct programs. However this strategy is a failure so far. Again and again bugs, errors and other problems turn up more often these days in spite of the increased educational efforts.
This is because the CS community failed to accept the core of the problem: error in programs are a mathematical problem which must be attacked by mathematical methods. All modern approaches to correct code are indeed management orientated - take programming by contract, extreme programming etc.
But what does it mean that a program fails to execute correctly ?
It means that mapping induced by the program in the trajectory space doesn't agree with mapping induced by the specification. And that is a purely mathematical problem, ladies and gentlemen. The question if two mapping coincide is a basic mathematical question (the equivalence problem) which even dates back to Euclid and Platon.
So instead of throwing more and more management rubbish at poor CS graduates, people should analyze the mathematical structure of the problem and find there the answers they seek.
I think that it's very sad that CS people still ignore this issue and stick to their old established ways. Sometimes I believe this is not motivated by scientific arguments but a rather psychological inferiority complex: as mathematician have the reputation to be smart while CS people only count as code nerds, computer scientists tend to despise most mathematical approaches as "too academic" or "imfeasible".
Owner of a Mensa membership card.
I have dealth with Healthcare Software for Pharmacy and Lab systems where a delay or missed processing of an order can be fatal to a patient. One thing I found before leaving that industry was that there was a massive migration of these systems from reliable-high uptime servers (VMS, Unix, Mainframe) to Windows client server enviroment. If you think that the Klez virus is bad in a regular office, try working in an enviroment where it brings down a server critical to patient care.
Exposure is a good fictional title about a certain floating-point bug in a mainstream CPU by a popular fictional chip maker. Doesn't matter if the software is perfect if the hardware isn't.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
Parent is a GOATSE.CX link. 'nuff said.
I've always wondered why the Engineers had to sit through the ethics lectures, and the Comp Sci people didn't. In this day and age, we are relying on automated systems and programs enough so that the people making them should be aware of the consequences of failure.
Until one of the software packages that controls the new-ish electronic traction, suspension and stabilization systems bugs out killing a family of 6 in their SUV.
The sad part is that for an error like this, multiple people will have to die or risk death before anyone will clue into what the error could be.
tiny little blue screens of death!
Of course they died, because they were missing the single most important piece of dive safety equipment: A hyperintelligent dolphin with miraculous capabilities of interspecies communication.
Flipper: Ennnhhhhhh! Ennnhhhhhh! (backs up)
Diver: What's that Flipper? There's a software bug in my wrist diving computer that could lead to my grisly death?
Flipper: Ennnhhhhhh! Ennnhhhhhh! (backs up)
Diver: Well thank God you told me! Otherwise I never would have known!
Flipper: Ennnhhhhhh! Ennnhhhhhh! (back up)
Diver: What? There's a Russian sub off the coast?
In short, never go diving without your near-omniscient dolphin.
Lawrence Person (lawrencepersonh@gmailh.com (remove all "h"s to mail)
http://www.lawrenceperson.com/
I have not heard of any fatal problems but a S. Korean Official was locked into his car for 3 hours before finaly smashing the window to get out when the computer crashed .
I am the Alpha and the Omega-3
Even a voluntary recall is not good enough. I'm sure not every scuba diver reads the San Francisco Chronicle to get this information. Money should be spent advertising the recall if there is no better way to get the word out.
When I dive, I plan with a conservative dive table. Why risk your life just so you can stay underwater for another few minutes?
Corporations, by their very nature, don't care about their customers. All they care about is profits. Granted, some people within coporations may care about customers, but they have to follow the corporate rules.
Leeman and Ruchti (the founders of the company) ought to be thrown in jail for a long time and the company liquidated. All proceeds should be given to those harmed by their actions. I don't care that the current owners "didn't know" about the problems. It should serve as an incentive for future people/corporations that you will be held responsible for what your company does.
But why is the rum gone?
I would have to say that the above is the best argument I have ever seen for open source software. If your life is on the line, if you may be damaged by software, then that software sourcecode should be forced to be open source. At the very least it would prevent weasly scumbags from thinking they could cover up their misdeeds, at best it might insure that companies would try and get the product right when peoples lives are at stake.
ok, I work at a dive shop in Toronto Canada, I am a certified rescue diver. No diver should _EVER_ rely strictly upon a dive computer, they should always have a backup depth and pressure gauge. Not only that but they should plan their dive using Naui or padi (or similar) dive tables and follow their plan. If at that point their computer thinks they can stay longer.. thats good but follow your plan anyway, better safe than sorry! The point is, get trained properly, and use ur brain not a computer to do the thinking.
Don't forget about these little modules, that *most* of us in society today bet our safety on, putting our very lives in the hands of the developers. So many people just dont even realize they are there, or what they are doing.. zero clue..
Even if you drive an old vehicle that doesn't have these things, the guy next to you, or behind, in that huge SUV you probably does.
Airplanes too, its bad for one to fall out of the sky due to bad code...
---- Booth was a patriot ----
Fuckin' dolphins - think they're it cos they can breathe underwater and go 'Ennnhhhhhh!'
Pfffffft......
I took Lassie diving once - did she help out? Did she hell....
why waste my time... im passin engrish!
If i understand you correctly, I believe there are people, institutions working on this. Do a search for "abstract state machine" Should return a few links like...
http://research.microsoft.com/fse/asml/
http://www.eecs.umich.edu/gasm/
I imagine they teach all CS undergraduates about the THERAC-25, and how simple safety measures like hardware interlocks are much, much more reliable than software...
In this case, couldn't you check dive times against a book or something to make sure you're not completely off the mark?... what about something to measure nitrogen levels? Anything so you're not relying purely on software... (or, as someone has already suggested, you could use two completely different pieces of software).
He's not insightful, he's wrong. Ethics lectures are mandatory in Comp Sci.
I don't dive much, but I still have my padi dive table.
h tm l
"For flying up to 8,000 feet after diving: Less then one hour TBT (Total bottom time) , wait 4 hours; less then 4 hours TBT, wait 12 hours." *PADI tive tables (C) 1983
[where TBT = RNT Residual nitrogen time) + Actual Bottom time ]
I dont have my padi manual onhand to estimate how long the folks were down as my table doesn't cover flight, only covers up to 24hours reccomended desaturation time, and doesn't cover this Nitrox stuff.
http://www.stud.ntnu.no/~playboy/diving/diving.
My old PADI book wouldn't cover Nitrox either, so if I were to use it, I would have no choice but to accept their information as fact, or buy new tables.
There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
Six or seven years ago, I worked with a fellow with the very British
name of Ken Appleby. He had a Spitfire, I had my '74 B, and we used
to motor out to Pickwick's Pub and throw darts after work on occasion.
Ken used to work for Lucas in the UK, specifically for a division
of Lucas that did military electronics. My favorite of his stories
was about the time he had been working on a computer-controlled
torpedo. It used magnetic core memory to store the programs, which
had the advantage of being very non-volatile as well as not susceptible
to EMP discharge.
So Ken got to ride on the boat for the first test of the torpedo that
used the computer with his program in it. Somewhere out in the North
Sea, on an R. N. cutter, Ken and his crew launched the first ever run
of this new weapon, and Ken learned a new respect for debugging...
The program was supposed to make the torpedo shoot off the boat, dive
to a depth at which it couldn't be easily detected, then circle
toward the target, climb to striking depth, and hit the target. There
were on-board sensors to detect sea level, and the torpedo was supposed
to travel at a preset distance below sea level, with constant feedback
keeping it on track.
Somehow, somewhere, Ken had multiplied one of the 3D coordinates by
a negative number, and this error soon propagated through the
transformation matrix (the mathematical construct that models 3D
space), with predictable results.
Within instants of hitting the water, the torpedo -- instead of
sinking out of visible range -- blasted up and out from the water in
a great silver fountain, then continued skipping across the surface of
the blue like some sort of deranged wingless flying fish. Worse yet,
instead of circling toward the target, it circled all right, but began
to return to the ship that launched it. Fortunately it was not armed,
but they still detonated the self-destruct on it rather than let it
slice through their ship at 50 knots or whatever rate it travelled.
Because of the non-volatile core memory, Ken was able to debug the
program from what the Royal Navy frogmen could recover from it, and
he fixed the problem for Rev 2.0.
But I must admit that the image of the torpedo, splashing happily
above the surface of the water like an aroused porpoise, is one that
returns to me in idle moments such this. What else would a Lucas
torpedo do but try to fly?
They also by their own admitance did their deeper dive later. This also is quite contrary to all of the PADI stuff that I have been taught.
For anyone who doesn't know-- taking the deeper dive second tends to help you get the bends faster (it is similar to the reasons you always start off the night drinking the drink with the highest alcohol content).
There is also some recommendation about not doing more than 3 dives in one day without at least a 1 hour surface interval.
I have been using a Suuanto Stinger for about a year (this is the same one that the British Navy divers use). It has never let me down. But, I also never push it to the limits, nor have I ever done more than three dives in one 24-hour period.
-CPM
---You're all I need, When the water runs deep, You're all I need, Now I cry my soul to sleep -- Collective Soul, Needs
At Slashdot you have to be an anti-capitalist über-left cynical jaded moron to be here.
I had a scuba instructor for my first certification, Di Dieter, who had experience diving with Coustou (hope I spelled that right), he also dove the Andrea Doria on several occasions, and basically has been around. I'm sure he's had thousands of dives, perhaps approching or even exceeding the ten thousand mark, under his belt (close to forty years of diving, multiple daily dives, several hundred dives a year, including a grueling dive schedule with Coustou, and he's a dive instructor). He's a no-nonsense guy with a good dose of common sense, and has little patience with screwups.
He did it right. He taught us to dive the navy dive tables, one up, one over, plus a safety margin. This was when the recreational tables had just come out. My friend and I dove for some years after that, and never had a problem. At that time, dive computers were out for a few years, and all the dive shops, through their "train with really expensive gear so you buy it" training programs had all their students diving with computers throughout their training.
Di Dieter did it right. He trained us with the old fashioned, and RELIABLE mechanical guages, waterproof clocks/watches, and tables on waterproof material. No computers.
While computers can extend dive times because you don't spend all your time at maximum depth, you also increase risk in doing so. Whether you decide to use the dive computers or not, you should ALSO have the mechanical pressure and depth guages, and manually calculate your dives.
Solely relying on a computer for diving is sheer stupidity and absolutely reckless. The minimal increase in bottom time is not worth the risk of an embolism, or the bends, which can be a debilitating condition for the rest of your life, or even fatal.
Do it right. Manually calculate your dive, and rely on your brain, not a computer, to stay safe and not risk your life. Bring that fancy computer with you if you want, but don't trust it over basic guages.
And Di, if you're reading this, this is the dude with the 43 lbs of lead on his weight belt! Hope you're still diving. And enjoying life. Peace.
Attacked by mathematical methods?! I've just spent another 4 hours revising Z, a horribly evil formal language designed to almost exactly the system you propose. Unfortunately, it doesn't work, at least not for the vast majority of software programmed.
I don't know about most other CS students, but the reason I despise mathematical formal proofs in computer is because they are infeasible, and, frankly, you're more likely to make a mistake with the math then you are with the code, once the project gets big enough.
Have you ever used formal methods such as Z to prove your software? Believe me, it's not something you'd do willingly. The only possible uses for mathematically proved software is with simple, but important code, like in an ATM, for example. Anything larger and it all falls apart.
My point is that mathematical methods aren't the answer. Even my lecturer on this subject, who co-wrote the language, would use such techniques on a large software project. You'd have to be insane.
If you're interested in the hazards of software in the real world check out the risks forum.
They take submissions from people about faults and errors in software (and related meatware) that put lives at risk.A weekly digest can be found here.
It's a good read, especially browsing through the archives. eg:
"A woman drowned during a flood when the elevator she was riding in incorrectly sensed a fire alarm and went to the ground floor which was underwater."
"Three people killed when a computer glitch caused a 16-inch pipeline to rupture, dumping 237,000 gallons of petrol."
and so on. Makes you a little paranoid. Now I know why indemnity insurance is so high these days.
You are in a twisty maze of processor lines, all alike.
There is a lot of hype here.
No sir, I don't like it.
Too much corn.
Airplanes too, its bad for one to fall out of the sky due to bad code...
Uuuuuuuh, may be 11.09 was a bug??????;o)...........
1. No sig. 2. ???? 3. Profit!!!
Go on, enlighten some of us.
Someone mod the parent up, this is a very good point.
However, there is a lot of code in these types of critical systems that the companies are going to want to keep that way (competitive advantage etc.).
Could you force them to open up only the safety critical code?
This has happened in the past:
T he rac_1.html
Search Google for the Therac_25.
A series of interlocking problems in software and hardware damaged and outright killed one patient.
http://courses.cs.vt.edu/~cs3604/lib/Therac_25/
where the diver gets a blue screen on one of those :-p
The war with islam is a war on the beast
The war on terror is a war for peace
Upon further reflection, I've changed my mind. Actually, it's a good idea to bring a dive computer with you. So if you take a bends hit, you can blame the computer and sue the company.
Should have thought of that before!
and pussies!
Dolphins can't breathe underwater, they're mammals. They can just hold their breath for a very long time, like whales.
Sigs are like bumper stickers.
Even if they were pros, the injured divers made a rookie mistake.
Diving is really, really wonderful and very safe if you follow proper security measures. But like in many other activities there are always some risks involved, and it is YOUR responsabiliy to do all you can to minimize this risks.
You never trust your computer alone, you always doble check with the tables, and you memorize the tables, just in case. Ok, calculations with Nitrox are more difficult than with air, but anyway after a while you should develop some mental aproximations to right values based on experience.
I mean, I would never accept a "5 hours to fly safely" time, after 3 dives in a row (RTFA). No matter what computer says it, I'll relax in the sun for at least 12 hours before even getting close to an airport.
On the other hand, Uwatec executives should be impaled on air tanks, and dragged to Bonaire, Cozumel, or any other location full of divers year round, where we can take turns torturing them for years before killing them and feeding their corpses to the sharks.
There were just less than 400 defective computers, this could have been solved quite easily.
http://ask.slashdot.org/article.pl?sid=02/10/26/22 23230&mode=thread
When Software Attacks, Next On FOX!
Did they have to buy the Microsoft diving watch?
Or was it what ever one else was wearing?
PADI covers "Enhanced Air" diving in yet another certification. That's why it isn't in the regular book. You may also pay for such gems of certification as "boat diver", "deep diver" and my personal favorite "altitude diver".
Put Another Dollar In training indeed.
Well I think that when the managers first raised the issue that there was a problem with the device it could have been checked and verified by a neutral party. Instead the company just said they were making up stories to drag the company down after they were fired...
If the problem could have been proven to exist then the company may have been forced to recall the product earlier, and less people would have needed to have their lives put at risk.
-- Pete.
Monochrome - Probably the UK's largest internet BBS
some of these bugs.
Anybody who relies on a dive computer to avoid the bends is just asking for trouble. Dive computers are useful as an additional safety measure, but you should always calculate your dive profiles by hand. "Closely spaced dives" are particularly problematic and should either be avoided entirely, or you should include a big extra safety margin. Unless this guy did all that and kept meticulous dive logs, I think his lawsuit has no merit, even if the computer was completely broken.
Dive tables and dive computers are rough guides, but there are far too many variables to be able to make any guarantees.
Beyond that, "the bends" may cause all sort of really unpleasant permanent injuries, but, while they can be fatal, that is fairly unusual.
Almost any piece of code could be safety critical. Bad UI could mislead people. Low-level sensor and chipset interface code could cause critical bugs by omission, if it failed to work around some stupid hardware bug. Every line of arithmetic would need to be checked for overflows and roundoff errors. Then you'd need to open-source the requirements and the design documents, because verification is not the same thing as validation. Seems unlikely that limited disclosure would make a big difference.
How many people a beowulf cluster of these can kill!
Steve's Computer Service, Hobbs, NM
Companies are out to make money.
Take the expected number of products that customers have that will fail and harm/kill someone, then multiply that by the average settlement. You end up with what your company can expect to pay from all the court cases from people dying with whatever product a company sells.
If this is cheaper than doing a recall, the company won't do a recall. Even when the company knows people will die from their shitty products
That's what Fight Club says, though I think most companies these days will do a recall anyway, in an effort to avoid bad PR as well.
Ford/Firestone didn't do too well by not doing a recall for a long time. Yeah, they might have expected to lose less money by not doing a recall, but the massive amout of bad PR that came around (people started noticing they were more likely to die on the things) ended up doing a lot worse damage to the bottom line than a recall.
I learned from the RIAA and the MPAA, that any one who codes has no ethics. So you see your lectures would be useless.
I would love to find some attribution to this, I believe I remember reading it in Computerworld in the mid-'80s:
A manufacturer of particle accelerators for treating cancers had a unit, that due to a software bug, would occasionally blow a fuse. It wasn't considered important enough to track down, since you could just reset the machine, and it'd be fine.
Until they upgraded the equipment for a higher power unit, with the same software. The radiation dose killed a patient.
This came up originally under the subject of software malpractice.
Design for Use, not Construction!
Anybody remember ther Therac 25? It was a medical radiation machine, and killed a handful of people, due to a firmware bug...
Therac 25 Investigation
ToaterBoy
An OPEN mind is a beautiful thing...
Welll duuuuh
do a google search for it......Lots of information out about it
_ 25/The rac_1.html
heres one link i found super fast
http://courses.cs.vt.edu/~cs3604/lib/Therac
Lawyers, MBA's, RIAA? A jedi fears not these things!
When a lawsuit comes up, I file for the escrowed copy to be given to my lawyer under an NDA where upon they can have it examined by experts in the field of computer science and diving. The first person who figured out that the software might have had a bug, might have figured all this out.
That's a more viable solution to corporate nature. The only problem is that the process of escrowing it, means they are afraid a bug might exist, which creates an image problem. So it's not likely to happen, but more likely then open sourcing the software.
Having it as Open Source would have meant the bug could have been announced in public anonymously, and verified by people in the public. This is exactly the same as security via obscurity in encryption. You want security, not security by obscurity. It's mearly a matter of time until the obscurity becomes clear, and your data is now in the clear.
The problem here is that everyone who knew, was liable for a lawsuit for defamation and would have to defend themselves in a court of law. That's not very cheap. Putting out an e-mail, on a mailing lists, or thru the popular channels that divers use (magazines, flyers at the shops), would have been easy had the software been available to the public for examination.
I like open source and think it's great for the great software I get for essentially free. For specific applications however, the peer review and transparency are a wonderful thing. They can easily be accomplished without the GPL, or BSD licenses. Open source isn't a magic bullet, but I'll bet the manager resigning and announcing to the public that someone should peer review the software for a specific flaw, would have saved a lot of pain and suffering.
I'll bet word of a specific flaw that is provable by experts, that could explained to the divers so they can understand:
"The computer assumes when you come up for air, you are breathing the enriched oxygen, if you aren't the computer is wrong!"
I don't know dick about diving, but even I know about the bends and how bad it is, and what it does to you, and I'd understand the problem if somebody told me the above. I bet news like that would travel fast in diving circles. It might ruin the corporation, but it'd save lifes.
Open source isn't a magic bullet, but some transparency would have mitigated the number of people put at risk.
Kirby
Read the story. The company denied there was a flaw. Were the code open, a third party without financial interest could be brought in to audit said code and say without a doubt that there was a flaw and that the code was unsafe.
Marxism is the opiate of dumbasses
My class project was specifying an X11 window manager in Z.
Z has it's place (and Lotos, which the class also covered), but I don't think it applies to general purpose programming.
Assuming that you have the tech to check if your program matches the spec, and the spec is somewhat consistent, you still don't know if your spec matches what you want - so you're back to the original problem but in a slightly different language.
I have, however, been quite impressed with what the compiler group at stanford has done. The system is not 100% perfect (e.g. false positives), but it's detected a lot of real errors in real software (linux and bsd kernels) without too much noise.
As for run-time checking, I'm particularly impressed with valgrind. Whenever I suspect that a C/C++ program is breaking because I did something stupid, I use valgrind to find the fault.
That said, I think using safer programming languages, with GC and either dynamic or static typed (per your religion) would greatly improve the quality of software.
makes me glad that i'm being cheap right now and still using dive tables and analog gauges...
Corporations covering up stuff like this?
I guess this gives new meaning to the cliche "How low can they be?"
Vonal Declosion
Comment removed based on user account deletion
I drive a 1970 MGB so I know all about Lucas electrics. Now you're telling me they did weapons too?!? Oh, good grief!
In my experience, it is seldom the engineers who make the ethic calls. (Sure, about code reuse, etc...) In the engineers in this article actually did raise objections, but weren't listened to.
The simple truth is that management will decide what type of product is shipped. Great engineers with shitty management still equals trouble,
We read a lengthy paper on this in a software engineering course. This equipment was responsible for delivering massive radiation doses and killing quite a few people. The biggest mistake that they made was removing the hardware interlocks and relying soley on software.
Operators that reported malfunctions would just keep hitting keys when the machine seemed to malfunction and were reported to say "it always does this" when an error message would appear.
I'd suggest that anyone interested in how not to engineer software for life critical applications read the (quite lengthy) paper.
Commercial source escrow should be mandatory. Some sort of oversite agency would ensure compliance and safety of the source. The agency database of source code would be encrypted and released to the public every year. They keys would be released after 75 years or after copyright has expired. Or when something like this happens.
When a software bug can kill, you've got to test, test, test, test, test, test, test, ....
Unfortunately my boss just want's it out the door! Lol, I guess when he's out of a job (me included), I can look back and say I told you so! (Not a good concilation prize by any stretch.)
Bug or no bug, pushing the limits when you dive can get bent... dive computers operate by constantly measuring your depth and time to tell you what ammount of nitrogen your body has absorbed. They are doing a calculation based on some research or formula that says at this depth and time 99.99% of people don't get bent. There is no way for the computer to know that you're 55 years old and have poor circulation or that you're seriously dehydrated because you were drinking the night before the dive.
Over the last few years, diving equiptment has become much more reliable and diver training standards have been seriouly reduced. People don't take seriously the consequences of diving deep for long periods of time. The guy in the article dismissed the diving he was doing by calling it 'baby-diving'... there is no such thing.
A few years ago, a buddy of mine and I were doing some deep diving (on Suunto Vypers). We were right at the limits of our computers (in fact mine kicked over into decompression mode). We both did the same basic dive profile, she got type II dcs (bad neurological symptoms) and I was perfectly fine. Fortunately we were able to get her to a recompression chamber and her symptoms were sucessfully treated, but it was very dicey for a while...
Anyways, my point is that bug or no bug in the software, you need to be responsible and understand the fundamentals behind diving, not just trust the number that the computer tells you.
-Dan
In my experience as a diver for the last 15 years, I have seen many divers who rely on dive computer technology to get closer to the edge and get more bottom time, longer dives, deeper dives, etc. The original "paper" dive tables were based on the experience and testing by U.S Navy diver's and are VERY conservative. The advent of widespread use of dive tables for recreational diving resulted in diving being a lot safer. The advent of computerized tables has promoted a false sense of security to the diver (kind of like having a radar detector in car - you might avoid more tickets, but you may speed more also) - I myself have dove profiles I would never have attempted based on the dive tables but the computer "said" it was OK so we did it. Here is a story about a dive computer specifically designed to be used with mixed gas diving (nitrox) adding yet another element of risk over regular diving. I think that dive computers should come with a waiver that says "if you trust you life to this device you do so at your own risk". Based on what the story said I would never have gone flying so soon after diving using regular dive tables - they threw the dice and lost, and now they want to pretend that what they were doing was risk free and the dive computer caused all the problems - Its nice that the dive computer maker is recalling the units to make them more conservative. Too bad those divers didn't buy the "common sense" computer too.
This kind of story makes you want to stick your head in the sand and not buy any critical applications from corporations...Unfortunately, for some "leaders of industry," protecting image is more important than the safety of the users. Users are expendable; image is not.
So you're saying you're not going to ever drive a car again?
Computer applications aren't the only life-critical products we depend on. You put your life in the hands of corporations every minute of the day. How are you going to make sure your house is structurally sound? Buy open-source lumber and build it yourself? Are you going to keep eating food which has been prepared by corporations?
But as you, the Pinto history and others point out, corporations will only care about the lives of their consumers to the point at which it becomes economically favorable to do so. If it's cheaper to settle 10 probable death cases than issue a recall for the faulty product, they settle. The value of human life doesn't factor in. Today's cars only sell themselves on safety because it has become economical to do so, i.e., consumers value safety and demand it from their products.
This is why we need government oversight. I'll tell you what makes me want to put my head in the sand: how we are not funding the oversight agencies enough to do their job. We just passed two tremendous tax cuts in three years; I don't know where the cuts are going, but I feel like people take safe food and transportation for granted around here. I hope at least the sand is clean.
All that mathematical methods allow you to do is prove that code satisfies a specification. Unfortunately, in most application domains, generating a rigorous specification is not significantly easier or less error-prone than just writing code.
I think it's very sad when CS people fail to notice this obvious fact.
Even my lecturer on this subject, who co-wrote the language, would use such techniques on a large software project.
Um, I mean: wouldn't use such techniques on a large software project.
Also as a certified diver (1994) I know that tissue nitrogen saturation is highly dependent on the individual and a multitude of complex factors. There are tables for very general estimations, which have to be very conservative to be useful at all to a diverse group of individuals diving in a variety of circumstances.
Dive computers allow the use of less conservative "tables" by applying the algorithms to sensor data. By applying actual depth/time/gas data to the algorithmic tables a diver can dive more agressive profiles, and also have the convenience of having the calculations automated in real time.
The 'no flying within 12 hours' and similar rules are simple conservative safeguards, and don't assume much at all about dive profiles. Also, it's not just a rule against flying, driving home via a route that elevates you a few thousand feet above your dive elevation can result in the same effects. (I live and dive at sea level, but I can't drive more than a few miles in any direction without significantly increasing my elevation.)
The alleged problem with the computer in question (if I understood the story correctly) is that the program assumed the diver continued breathing nitrox while surfaced between dives. That's a considerable problem, since it provides incorrect data. Even worse, it's an anti-conservative error.
Nitrox diving is an inherently more agressive attempt to increase dive profile limits. I am not personally a nitrox diver, but I understand the principles. I certainly don't want my computer to base it's calculations on an air mixture I'm not breathing between dives.
There is no rational excuse for knowingly allowing such an error to go unreported or fixed.
In australia , we've got an animal that is just as intelligent as that dolphin. He's called "skippy" (the bush kangaroo)
Skippy can use radios, crack safes, mow down bad guys with machine guns..
Yes, it is bad that this computer has a bug that can result in over-saturation of Nitrogen. But anyone who relies on their dive computer ONLY, and doesn't do a hand table, when 'diving aggressivly' is being a fool. Would you drive straight into a building becuase your GPS says it should be a road and you are just too stubborn in your reliance on computers to believe your eyes?
Dive computers are a convenience, but they shouldn't be a replacement for using your brain and planning safe dives.
One person in this thread mentioned the safties in their insulin pump. I'm willing to bet that they still own a glucose tester and a few spare syringes, because they aren't going to put their lives in the hands of one piece of hardware.
-Chris
-- This sig is only a test. If this were a real sig it would say something witty. --
Yes companies should be responsible.
But these divers were being stupid.
I'm a novice diver, but the concepts are not hard to understand:
You don't fucking dive within 24 hours of taking an airplane ride.
You don't push the limits of your gear. Computers ESTIMATE the nitrogen in your blood; every person's metabolism is different, the exact same conditions can kill one person and have no effect on another.
DIVE TABLES. Many divers still use dive tables.. sure, your computer is great.. but you USE your dive tables, plan your dive, know roughly what you are going to do.
These guys pushed it, with dangerous consequences. Is the computer company at fault? Partly. But let's not forget these guys were doing unsafe stuff in the first place. The dive computer is a tool, not a God.
The article mentions "Nitrox lets you go where you can't normally go". That's BS. Nitrox is used so you can stay down LONGER, usually on shallower dives. This is compounded because Nitrox has a higher than normal oxygen content, and oxygen becomes toxic under pressure... so the depth of a nitrox dive is limited.
American company was it?
Narcosis has nothing to do with dive tables... only with depth. The rough figure is 30 meters... I think narcosis at 20 meters is rare if not impossible. All you have to do if you experience narcosis is ascend to a depth where you realize that fish can breathe water, and you can't.
When you learn to dive, you usualy do a deep dive to a) show you what depth you start to experience narcosis and b) learn what it feels like, so you can recognize it when you are diving.
O2 enriched air == enriched air == nitrox == reduced nitrogen air (effectively).
The feature divers like is the reduced nitrogen, not the increased O2. You don't "breathe slower" or anyhting because of the extra O2.
So when a diver is at the surface, they generally breathe real air, not tank air, (to conserve tank air, and because it's more relaxing/takes less effort). This air counts towards your nitrogen level... if it is assumed you are still breathing nitrox between dives, the numbers will come out wrong, the error getting more severe the longer you are out. (Dive computers aern't used just for one dive, they are continuous... telling you when you can dive safely again, and for how long, at what depth, etc)
Current diving training STILL trains you to use tables, not computers. They specifically tell you that computers are a nice tool, and very useful, but that you MUST know how to do things the normal way. That means: Watch, pressure guage, and dive tables. Pencil & Slate.
What these divers did was NOT indicative of how diving schools train nowadays by any means.. they pushed it, doing many things that dive schools make a BIG point of discouraging.
It sounds to me like the market for these computers was agressive divers...people who were trying to push the limits of safe dive times. That means the company should have been even more vigilant of there calcuation methodology, especially considering the price those computers went for.
And as far as fly time, NAUI recommends 24 hours wait time after a dive before flying...extremely conservative, but one again I prefer to be safe (especially since it's a hobby!).
"We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
I'm an avid scuba diver, but I have never been keen on using the dive computer for this very reason; rather I go for the manual method even though you supposedly cut your dive time down.
Having worked in software for many years, I have yet to see a perfect program, and I have never wanted to trust my life and/or health to the programming and testing skills of someone else.
It makes a Patriot missile battery not recognize you as friendly.
"Much work is lost, for the lack of a little more." -Edward H. Harriman
You can escrow the source without making it available. I can't see how your example makes a point for open source.
Don't forget that, for years, the PADI dive tables were Navy Dive Tables. For a very good history of dive tables, click here. Dive tables are based on the same theories and technology as dive computers. The biggest difference is that they are more prone to human error than are dive computers.
It's great to say "plan your dive and dive your plan", but people are fallible. Your buddy may go a little deeper than he/she intended. You may, because of narcosis, get confused about the maximum time or depth. You or they might have problems that slightly delay your ascent. If you plan to go to 90 feet and you drop a video camera to the bottom at 110, unless you're Bill Gates, you're probably going to go get the camera and cut the dive short. So much for the plan. (I've been a diver for over fifteen years. I've seen everything from divers getting entangled in wrecks to outright equipment failures. Don't reply with some macho explanation of how you can foresee and prevent every error. You can't and if you believe that you can, then you need to stop diving until your ego and testosterone stop affecting your reasoning.)
My buddy and I each bought dive computers at the same time. I made it a point to choose dive computers from different manufacturers so that a sofware flaw in one would not put us at undue risk. We stick close together and always use the more conservative of the two computer readings. Had one of us had a UWATEC computer, we would have noticed the problem immediately when comparing the two computers.
... is what they hammer on in the courses, for good reason: simply put, you can die or be a cripple for life if you screw up. (My course? NAUI in 1976, taught by a Coast Guardsman at Alameda Naval Air Station. No wussy computers then.)
The main benefit of computers is that they simplify the task of figuring safe repetitive dives. In theory they can also give a more accurate plan based on accumulated nitrogen load, and thus allow more bottom time than a strict tables dive. Some computers even include a planning function which provides a simulation of a dive profile, based on its calculated estimate of your N2 load from prior recent dives.
But... the computers can fail. Think about it: you're relying on a relatively low-cost piece of electronic hardware, immersed in saltwater under pressure. There's lots of direct and indirect failure modes... not only could its seal or battery fail, it could be knocked loose, bitten by something etc.
And don't forget user error: if it's like most gizmos you could have forgotten to push the button to start it. Or, worse, you pushed it at depth and so the reading is too shallow.
God forbid it should have a software error like the early Aladdin evidently did.
To protect yourself, prior to your dive you should already have figured out your basic safe dive profile and bottom time given your nitrogen load. Manual tools like the PADI Wheel are used to do this. Then, you have: a watch, a backup gauge, and a buddy (who functions as a redundant set of gear.)
Once you're in the water your plan, your mechanical depth gauge, your watch and your buddy are your friends: they will save your ass (or at least your dive) if that fancy gizmo on your wrist decides to go tits-up at depth.
Yes, I have and use a computer. But I still do a 'sanity check' of the proposed dive using a manual tool like the PADI Wheel or the tables. Actually, if you're like most recreational 'vacation' divers who dive with divemasters, the divemaster does that check for you in case YOU screw up.
More rant: these newer 'air-integrated' computers scare me even more. I won't use one. I recently saw one fail, and the guy fixed the pressure transponder using a spring from a ball-point pen (bragging about 'MacGyvering' the thing) and then DIVED ON IT! Nuts!
My take on the guys who got bent on the early Aladdin is that they were pushing it, relying solely on the computer and doing 'closely-spaced' (repetitive) dives. Had they used manual backup and a lick of commonsense for time-to-fly they would not have gotten the bends.
As pros they should have known better. Yet to my mind they're not much smarter than those Moskito lobster divers I saw marking time in Roatan's hyperbaric chamber at Anthony's Key. Rather than placing faith in an etherial deity like la Moskita, they placed their unquestioning trust in a piece of software. The result is the same: they came up bent.
(Read more about the Moskito epidemic of decompression sickness here.)
- dvd_tude
This reminds me of the old disclaimer that came with Windows 95 and up that the software shouldn't be used in situations where lack of stability would mean megadeaths (i.e nuclear facilities).
So THAT'S the real cause of Chernobyl! Microsoft!
If you're happy and you know it read my blog
You are a 'certified rescue diver'? That has as much weight in the diving community as saying you are 'Network +' certified in a room full of CCNPs. You are positively wrong.
The dive computer uses algorithms to calculate the amount of nitrogen going into and out of the tissue compartments. Different pressures affect the rate you on and off gas. If you drop to 100 feet, you are absorbing gas quickly. If you then ascend to 80 feet, you will off-gas some of the absorbed nitrogen at one rate and yet still on-gas nitrogen at a different rate. Ascend again and the same thing occurs, off gas some of the previous nitrogen and still on gas nitrogen at another rate. This is called 'multi-level' diving. Tables assume you are at the deepest depth for the whole dive. If you were to do a square profile (descend, stay at one depth, and then do a straight ascent) then a dive computer has a lesser no-decompression limit than the table would. What you have confused is a dive computer that is air integrated. that may, as a feature, have a different display that calculates your given air consumption and figures out how long you may stay at depth before reaching a reserve point (generally 500 psi). That is simple algebra, but decompression algorithms are a lot more complicated.
I should know, I teach this several times a month as a current and experienced dive instructor (check my profile) and use this information weekly on my technical dives to wrecks where we (my dive group) consider anything above 200 feet to be shallow. I have been on most of the sites that the article mentioned in passing (Florida caves [look at my web site]), the Andrea Doria, U-boats, etc.
Dive computers may be used to help avoid decompression, but not for decompression diving. I generate my own tables for any technical dive. Most people commenting here so far seem just to be newbie divers themselves. It is like someone that just finished a VB class starts spouting off about C++.
Most divers don't know how to properly ascend and decompress as it is. for the laymen, think of it like a soda bottle that is slightly agitated with dissolved gases (CO2). You would slowly open the bottle until there is a slight release in pressure and then close it; allows gasses to equalize, and then open, stop, repeat. You are allowing the gas to escape slowly enough that bubbles do not form. In the case of diving and human bodies, it is to prevent nitrogen from forming bubbles. Most divers just do direct ascents too quickly or a quickly stop at 15 feet before hitting the surface. The best way to ascend is to do a full stop (assuming a deep dive) at 40 feet for 15-20 seconds, stop at 30 feet for 30-60 seconds, stop at 20 60 seconds, and a stop at 10 for 120-180 seconds. this allows the nitrogen time to slowly come out at a slow rate; i.e. like opening the coke bottle slowly so it doesn't spill over.
If you decompress properly, then flying isn't a big deal. The general problem with flying after diving is the reduced pressure. You are going at a reduced pressure (most commercial craft will pressurize to no more than 8000 feet) so the nitrogen currently in the body comes out more quickly.
Cave, wreck, and deep diver.
Wasn't Flipper played by Lassie in the television series?
Stop bitching and whining about diving. Do what you want to do, and accept the risks involved. We all write faulty software on purpose. Why? It's called job security. If it worked perfectly the very first revision you put out, you couldn't make any money on upgrades and your boss would probably fire you because he/she got what they wanted.
/. readers are divers!
All of this complaining, and no one around here wants to write their own diving computer software. You'd think that at least some
As long corporations can figure out when it's cheaper to just go-ahead and let a few people die, some will. There needs to be a 3 strikes your company is dissolved law.
No more company, all assets sold, stockholders get whats left over, after all debts payed (as usual). Corporate officers and board members prohibited from serving in either capacity in any corporation for a period of at least 2 years. Don't worry if they don't actually have enough cash to cover that, they can always get real jobs...
At one point in our history, it actually required an act of Congress to incorporate, it isn't a right its more like a drivers license, the only thing Congress would need to do is care.
1. they're boring. I find it unlikely there are many scuba diving programmers with a specialty in algorithm verification willing to devote the months of formal verification necessary. Even less likely is one with a decent test lab.
2. They require specialized expertise. Especially when it comes to developing a test methodology. Since every combination of variables cannot be tested in any system of complexity, one must pick and choose the likeliest combinations and extrapolate behaviors from those. Again, people who are good at that tend to be rare and very well paid for doing it (its tedious). Not something someone is simply going to volunteer their time on.
Safety critical systems are one of those things where you simply cannot give the code out and expect that to make a difference. It's less about the code itself than about experience in designing and validating safety systems. The code is merely a means to the end.
-
I guess I just have to add dive software to my list of things I won't work on. The other two that have been on my list for a long time have been air traffic control and missile guidance. At least I don't think the Arms guys are going to let me program their missiles to launch out of the earth's gravitational field and make for the sun (or some other star). At least the dive software can't kill so many people so quickly.
Maybe we could program the flight controls of big aircraft so that they are equipped with GPS maps of where they cannot fly or land, like central business districts.
Ie if the pilot tries to fly at a skyscraper the autopilot takes over and redirects the plane. Hmm. Be good if we could make it work properly.
-- it must be true, it's on the internet.
"The value of human life doesn't factor in. " yes it does, that Pinto page (which was pretty good actually) even had a figure in there, $200k, I think. You may not like it but the current cost of an American life is about 4 million bucks.
Supposing the perceived benefit had been 100 times the cost of the injuries, not 2.5 times? Would that be acceptable?
I think they made a cost/benefit decision (wrong, as it turned out), and they got hammered for it. But their logic was correct.
We don't live in a world of fluffy bunnies and chocolate houses. Safety costs. At some point there is an engineering change to a product that is not worth making, even though it will save a life.
In some respects we have gone to the opposite extreme. Holden in Australia have fitted side airbags. They sold these things for two years, so that is 60000 vehicle years, before one went off in an accident.
Cost to society 80000*600 dollars= 48 million dollars. life saved: 2, possibly.
Even if they carry on crashing at the same rate for ten years it is very hard to believe that they will have been worth fitting.
Incidentally you would be amazed by the number of people who think that airbags are more important than antilock brakes, apparently they still want to have the accident, just not get their nose broken when it happens.
And of course it is very hard to get even slightly het up about safety when the morons won't wear safety belts.
I have two friends who have had laser eye surgery, one, very succesfully so far, the other somewhat less so.
Things they don't tell you
1) Your eye is stll going to change shape with age, so your prescription will change, so you will have to have it redone in 5 years or so (less if you want to keep driving without glasses)
2) If you indulge in any activities involving pressure (eg scuba diving) or lack of (eg mountaineering) then there is a risk that your eye will deform and render you temporarily unfocussed until normal pressure is restored.
3) the scars cause massive internal reflections and this will affect your night vision when driving.
4) you may need to have tune-ups. two in one friend's case.
5) Cross infection risks means that it is wiser to have each eye done at different times.
I'm not a big fan.
or as we call them ABS.
These are software driven just like vehicle stability systems (in fact VSS is just ABS hardware with a few more sensors).
We don't seem to have a plague of rogue software killing occupants because, guess what, we really try to be careful with this stuff. The FMEA for ABS software is huge, and detailed. How many of you guys ever have to do an FMEA? or even know what one is?
Here's a funny war story (I know everyone involved, this happened).
The wheel speed is picked up via a sensor on a 40 tooth tone wheel. Cars without ABS don't have tone wheels. Someone asked, what will happen if a non-ABS wheel gets onto an ABS car?
Mechanic fits non-ABS wheel to car. Development engineer drives off, hits brakes at 10 kph, no prob.
same at 20, same at 30
same at 40
same at 50
same at 70
Drives up to 80 kph hits the brakes, one wheel locks, the car slews sideways into a bank and rolls up on two wheels.
Engineer needs new undies.
What had happened was that the sensor could pick up the back of the wheelstuds. There are 5. The software assumed that the car was travelling at the speed of the slowest wheel, so the non-ABS wheel was the vehicle speed. Our ABS is disabled below 9 kph to ensure that you can stop the car, on some surfaces it will only inch to a halt unless you lock the wheels.
So, at 80 kph the ABS realised it was supposed to work, activated, saw one wheel almost stopped, released the brakes on that wheel, and locked the other one. Hilarity ensued.
guys complaining about black boxes in cars last week?
that's what they are for. Debugging software. Now all we need is a black box to debug the drivers.
The Tables written up by the military are based on a young seaman who is in good condition, using normal air, with no known medical conditions, doing exactly the depth we are talking about for exactly the times we are talking about.
Tell me one diver who actually does that? I know and associate regularly with rescue divers, dive masters, and a crop of other experienced divers--none of them are young, fit seamen in the military form of good condition and none of us do exactly the depths we say we will--some err shallow, some are a few feet deep.
It is also based on averages and says nothing about how you will personally react.
I was talking to my Advanced Open Water (PADI) instructor the other year (long overdue, I probably have over 100 dives) and he had a woman he was training at one point who was doing just the open water tests for the basic certification. Nothing deeper than about 20 feet all day, did everything correctly, didn't stay too long, ate right, wasn't overly stressed, &c. Never left the "A" category on a PADI dive table.
She got bent.
Furhter, we don't know that absorbtion is the same on repeated dives. We don't even know quite how absorbtion works (though we have a few equations that help). If you do more than 2 or 3 dives, throw your computer out since it is worthless for that day--the tables are no better in this regard.
The point is this: whenever you dive, you are taking a risk. We have tables and computers which lend to us a false sense of security but there are no guaruntees. You can stay about 98+% confident diving within the tables, you can stay in about the same range diving on most computers, but you never, ever even approach 100% confidence any more closely.
Computers track your actual depth--not the one you planned (whether it be deeper or shallower). Thus they can actually be far more accurate and still let you get your dives in without a difficulty. They keep a record of useful information--their best guess at how much nitrogen you've absorbed (see above, its a guess), your maximum depth, bottom time, and a variety of other things for you. This is conveinant more than anything else and, while they may not be as conservative as dive tables, they do increase my bottom time while still keeping me in that range of "as certain as anything else."
You throw the dice every single time you step into the water. Don't think that tables are any better or worse than the computer--they both lend a false sense of security.
Integrate Keynote and LaTeX
At the bottom of their recall web page:
"We apologize for any inconvenience this may have caused you."
Now *that* is an understatement...
In fact, of the companies I have work in, the one with the highest quality product was the smallest and the one without any QA people.
Yes! And then we could have a Beowulf cluster of diving computers! Or diving computer webservers! Or a diving computer that can be used to control your TV!
(sorry but someone was going to say it)
I believe that Gimpel's PC-Lint/flexeLint was doing the memory checks in 1996, at least the NULL pointers and double deletes.
I wonder what the difference is between Gimpel's algorithm and the standford algorithm?
Simply as a point of information...
Speaking as a certified diver that does dive nitrox (and I love diving happy gas!) I'll point you to DAN for guidelines for flying after diving. You mention them, but perhaps didn't get a full information exposure there.
And if you don't know DAN (Divers Alert Network) you really should look them up. They are a non-profit research organization for scuba divers, and they offer diving insurance. It's worth getting. 1 Dive Table #3 deco in a hyperbaric chamber will run you an absolutely awful amount of money (about $25,000) and is not covered by any "normal" insurance.
Anyway, DAN's current guidance for flying after diving is not terribly clear. But you are right, for a single dive, they currently suggest a minimum of 12 hours before flying. Or, as another person notes, before any change to a higher elevation (defined as "more than 3000ft elevation change" just like the definition for high-altitude diving). For repetitive diving, the current guidance is "not less than 18 hours" and the longer the better.
And that "minimum is 4 hours" you mention depends on the source. The US Navy says 2 hours, after a single no-deco dive. Though, I'll agree, that's a little crazy for my tastes.
And diving nitrox doesn't seem to have any influence on time to safe flying after diving, beyond the obvious that you might have absorbed less nitrogen. This guidance assumes you are diving close to the limits of either tables or computers, and therefore you end the dive at the same nitrogen-loading whatever gas you are breathing.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
lets face it, if you are given an imcomplete spec and someone's life depends on the code you are producing, wouldn't you like to be able to say that you did everything in your power to show that your code is complient to the spec.
Additionally, whenever you are designing, coding and testing, you also need to be aware of the limitations of the spec and make sure you understand the logic behind it and everything is consistant and makes sense.
I routinely do dive profiles that my dive tables say I should get bent on. My computer knows better, because it knows the actual depth profile I dive, and not just the max depth and total dive time.
Almost any dive profile on a wall will do this. You start deep, and drift slowly more shallow as you go, and you can do a nice hour-long dive with a max depth of about 80ft, and an average noticably shallower than that.
Yes, you can do this with a multi-level dive table, with a wheel or similar. I've done that. You know how much trouble that is? And how difficult it is to know, for a sloping wall dive, exactly how long you'll spend at any particular depth looking at coral? Yes, plan your dive, and dive your plan. But realize that you aren't a robot, and don't dive like one.
Multilevel dive planning is for deco diving where your computer can't handle it, and, incidentally, you *have* to know deco times ahead of time so you can hang stage bottles at the right depth.
But that dive profile above, for a normal set of dive tables, diving with a computer, will almost always end with your tables telling you that you went into deco. Because all it uses is max depth and total bottom time.
Yeah, and the tables are approximations, too. Actually, they are statistical representations, and state that 98% of divers that stay within these guidelines will not get DCS, with some confidence bound. Yes, diving tables, you can still be that unlucky 2% that does everything right and gets bent anyway. Sometimes it's just not your day.
No. You do research, you find out what algorithm your computer uses, how conservative or liberal it is, how it was modified from standard industry-published algorithms, and you pick a computer that works the way you want it to. And then you dive within the bounds the computer sets, so long as those bounds pass your internal bullshit detector. (You *do* have an internal bullshit detector, right?) But diving close to those bounds is not "dumb" it is simply using your equipment to the limits you are comfortable with.
Can't disagree with that at all. Finishing a dive at 10pm and flying at 6:30am the next morning is not safe.
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?
... he is EXACTLY describing what happens when you have an air bubble somewhere in the hydraulic system.
sheesh - talk about guessing.
Has anyone actually taken out their computers alongside their tables and actually compared the dives you can do with each.
On the same profile, and consequently the same depth at the same time, I could never get the same dive on my computers (2, yeah, I would never trust just one) that I can get on tables.
All the computer does is give me credit for when I'm not as deep as what the table say.
I have only done one dive in my life, a resort dive to only roughly 30 feet but isn't the added dive time gained by $1200, the stated cost of this computer, better spent on more tanks using a conservative dive profile based on the established tables rather than a fancy-smancy dive computer?
On the other hand, one does tend to take for granted, for example, supervised or standardized testing procedures / quality control to be in place regarding such products as airbags in cars, and as was mentioned in earlier posts, medicinal equipment. And a lot of this goes for guns, too, though i don't mean to start an NRA/regulation flamewar here.
Manufacturers of gear in the more critical fields are definitely aware that consumers expect them to adopt adequate safety measures. Does this make the cover-up worse? In principle, I'd say yes. But legally, I dunno (IANAFL) ... Of course, once you plunge in, that's your own decision. And my diving instructor did in fact tell us, even with all these fancy computers around these days, know your dive tables and multilevel wheel. Plan the dive and dive the plan.
But one does wonder, who should start initiatives to protect such specific consumers? Organisations of peers (PADI, in this case)? Government? Or is it, in the end, as simple as: every man for himself? Seems to me that these scattered, fragmented suits that the article mentions, are bound to be less effective than a collective effort could be.
In skydiving there are 2 electronic devices (made with hardware chips with software on them) similar to the dive computers: audible altimeter and automatic activation device (AAD).
An audible altimeter is mounted in your helmet next to your ear, it beeps when you reach a certain altitude so you know its pull time. It is meant as a backup to your wrist altimeter, but a lot of skydivers these days rely on their audible as their primary altimeter, with their wrist as secondary, because it is more convenient. An audible will remind you no matter what which altitude it is, while a wrist altimeter is a passive device, requiring you to look at it. When this device fails, you have a possibly dangerous situation. There are still a number of things that have to happen before someone bounces, but it can happen.
One of the things that prevents people from hurting themselves after they don't hear their audible or they're unconcious or whatever, is an automatic activation device. This is a small computer which sits in your rig (the backpack which houses your parachute and reserve) and monitors air pressure and pressure changes. You switch it on at the beginning of the day and it will monitor the air pressure continuously from then on. If it determines you are still in freefall at 750 feet, it will deploy your reserve parachute.
This is also a device which, when it fails, will probably mean someone dies. Of course, the AAD is like a safety net for a circus trapeze artists. A trapeze artist does their thing while considering the safety net not to be there. Same for skydivers. The AAD really is a last resort measure, and you never act as if it were there. So for a situation where an AAD is needed to arise, things have already gotten pretty out of hand. Statistically, the chance that the AAD will also fail at that moment is very small.
Of course, if don't have an AAD installed, not hearing your audible is a lot more dangerous. In most countries more advanced skydivers are allowed to jump without one.
So, although these devices are designed to save lives, when they fail, then could kill. It is not as extreme as an insulin pump or a dive computer, of course, where your life depends on it working correctly.
Most popular audible: Larsen & Brusgaard ProTrack
Most popular automatic activation device: Airtec Cypres
Cheers,
Costyn.
The Official Steve Ballmer Webpage
Anyone who does "technical" diving knows that computers are completely inadequate for the job.
You can plan multi-level dives using software the same way you generate deco schedules for your tech dives.
A dive computer is merely a crutch for those that don't understand decompression. It promotes diving without adequately planning your dive. It can produce very unsafe schedules especially for bounce dives by saying that no deco is needed when you clearly need some. Not if, but when it fails, the user is left without a proper understanding of deco, and they are left doing an ascent without confidence that they will come out of the water safely.
The problem with dive organizations like PADI (Put Another Dollar In ;-) is that they certify divers with ego-boosting titles like Dive-Master or Mater-Scuba Instructor and they have a TON of useless certifications like Boat Diver. What's next, Knife Diver? Advanced Knife Diver with the 6" blade specialty? The problem is that a Master Scuba Knife Diving Instructor who doesn't understand deco himself tells his students that they need a dive computer. Who can say 'NO' to this Knife Diving GOD? Now you have a ton of divers who don't understand deco enough to recognize when their overpriced dive computer (which is less reliable than Win 98) gives out bad information.
The only computer I trust while diving is my brain.
I used to be an applicationmanager for a few Hospital-Information-System applications. A few years ago there was a large news-item about a hospital administrering blood of the wrong blood-type to a patient, killing him.
The cause of it was a software-flaw: the bloodbank-software had a duplicate-entry system. Analyst A enters the bloodtype, analyst B enters the bloodtype. If the two matches then we are satisfied.
The checking-system did not check. The analysts entered different values but no alarm-bells were ringing.
This did not happen at the hospital where I worked, but we also used the same software.
I checked the buglists... and there it was... bug # 12345 date: half-a-year-ago. Bug: application does nog check inconsistent entries. Stunning... absolutely stunning.
There is a programmer / accountmanager who has now found out (the hard way) that programming medical applications is a serious business. And that if he scaled the priority of this bug up, a life would have been saved. This company was quite sluggish in it's reactions to bugs and it took quite something to get a bug classified as top-priority. I don't know what the priority of this bug was, but it was too low.
Nice detail is that the hospital was found to be the responsible party, because the bug was known and they did not implement temporary manual/alternative checks into their process.
Siggy
This unique sig is intended to make this user more recognisable.
I don't agree with you. This dive computer had a design error, not a programming error. All the algorithm verification in the world wouldn't have caught this error. But if the code had been published open source, maybe someone would have caught the erroneous assumption that a diver on the surface would continue to breathe the Nitrox mixture instead of taking out his regulator and breathing normally.
It may be true that open source as a method of creating the code would be inefficient. But publishing the source so anyone could review it might have avoided a tragedy.
-ccm
Too much Law; not enough Order.
Does anyone out there know of any compiler
development system that doesn't have a
disclamer in the license agreement?
You know the disclamer..."software is
provided for entertainment value only,
and is not to be used in situations where
loss of life or bodily harm can occur.
Not responsible for any damages. But we
will replace the CD's if something really
bad happens!"
I switched gears, from the fourth paragraph on, assume I'm talking about the software being open sourced. For phrase "Having it Open Source", subsitute "Having it Open Source instead of Escrow would be much better because: ", and read the rest of the comment.
That three paragraphs is a simple example of why having the source available under certain condictions is good. It being open source is vastly superior to escrow (from the perspective of the consumer), because you don't have to jump thru the legal hoops to break the escrow. You just grab your copy of the source, and find somebody to audit it.
Essentially, if it had been open source, the manager could have anonymously tipped anybody to check the source for a very specific flaw. Nobody has to break escrow, or is violation of the NDA, and a large corporation, or a gov't body could have fought the defamation case, instead of them crushing one of their former employees for defamation (even though they are correct, they'd probably lose in court).
Open source has a lot more transparency, which is very good in this case.
Kirby
As a spokeperson of the anti-capitalist über-left cynical jaded morons I inform you we greatly resent being outed.
Don't be ridiculous.
I presently develop software for a medical device. At last check we had around 500kloc running on custom hardware that costs the customer about $80,000 per instrument. What possible benefit could there be to Joe Random Developer seeing the code without having intimate knowledge of the design requirements and the hardware? For that matter, how could he change anything without having the hadware to test it on?
If you want to improve safety, insist on better scrutiny by outside agencies a la CE, UL, CSA, (or in our case, all of the above as well as the US FDA) to certify the software, but saying that Open Source is a solution is just silly.
Remember the pentium FDIV bug ?
Now while we are taught to worship the dive tables, I do know that in practice many divers don't use it. Generally the dive operator has already worked out the tables for you if you are on a party baot.
Another note, the computer is essentailly a lump reading temperature, time, and depth until the alarm bells go off telling you to get the hell to the surface. If someone is diving and relying on a piece of equipment to do that for them, he or she does not belong in the water.
For the record, I do scuba dive, I do use tables, and I do always arrive on the surface with 500 psi in the tank. I am a bit of a killjoy.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
The dive boat guys had never seen anything like it.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
I know someone who worked on a navigation/mapping program that I will not mention. Out of the user feedback that has come in, I can assume that software like this could also be considered life-threatening.
Example 1: A bus that used the software was routed to roads with low bridges. Oh, something should be added to the trip parameters eh?
Example 2: A new feature was added to allow for footpath trips... and people have been routed to walk along busy highways without a sidewalk. Oops.
i am a experienced diver.
i started diving before the goat got bent. in the mid '70's the navy bent the goat at 1 atomosphere, it took about 30 days.
if the suits say their product is not bogus, then let them prove it by 'demoing' it under the conditions that the law suit is about.
At the very least there is the "generate thesis topics" use. :)
valgrind just wraps the executable (you use it like strace). The way it works is quite impressive - it's an x86->x86 dynamic translater, which instruments the code.
It also has "skins" that allow you to plug in different checks. In addition to the memcheck, there is a cachegrind skin which does a cache miss profile of your application (marks up code with # of each type of cache miss). And you can make your own. You write a function that takes a basic block of risc code and returns your augmented version.
The downside is that it's x86 Linux only. And porting to another processor would be major work.