PPRuNe Forums - View Single Post - MAX’s Return Delayed by FAA Reevaluation of 737 Safety Procedures
Old 31st Aug 2019, 20:43
#2113
Notanatp
 
Originally Posted by BDAttitude:
I agree insofar that compared to the costs piling up now it is close to zero.
However, the actual costs of all the above are not zero. We are talking bronze age embedded systems not iPads. Nothing is easy there. Limited resources - not money-wise - may also have been an issue coupled with time pressure.

I spent 16 years coding and managing software development. About half of my sw career involved a large body of system software written in assembler. I am fully aware of what's involved in the features I discussed in my post, and I wasn't confusing them with programming Java apps on a phone or iPad.

I have no information about what process Boeing actually followed for the design and verification of MCAS, either initially or as it evolved to encompass a second requirement (i.e., low speed maneuvering). I don't know what kinds of specs were written, what kinds of reviews were held and what kind of testing was performed. But whatever process they followed, coding input validation and output constraints would have cost no additional money. Someone would have just had to think of it and do something reasonable. The more formal the process, the more likely this was to happen. But even with no formal process, it is really difficult to understand why the people who implemented MCAS didn't think of any of this.

The truth may eventually prove otherwise, but I have a hard time believing that someone told his manager that they should hold a design meeting to review the requirements and spec for the feature, and the manager said no. There may have been cost and schedule pressures that explicitly or implicitly discouraged a highly formal development process for MCAS. But it smells more like a situation where the engineers involved simply didn't appreciate the risk presented and thought of it more as a bug fix or minor tweak not requiring formal process, rather than appreciating the risk but intentionally cutting corners on the sw dev process to save money.