Some years ago I listened to a very interesting debate about the software systems used on the fly-by-wire Airbus.
Now apparently the blokes at Airbus decided that they achieve redundancy by having the software run on three different CPU’s, each from a different manufacturer, and that the software for each of them would also be created by three different software houses.
The idea is that these disparate systems would use a black-box approach, i.e. that by putting ‘A’ in, you’d get ‘B’ out, and how it is achieved is of no concern – just so long as ‘A’ in, has a result of ‘B’ out, every time.
Now the three computers use a voting system to check that their results are in sync, i.e. if all the systems had input ‘A’ but only systems 1 & 2 got output ‘B’ (i.e. where system 3 gave output of ‘C’ ) then systems 1 & 2 would out-vote system 3, and only their output would be used.
Nb. Gawd only knows what happens if the outputs of all three were different ?! .... but read on ...
Now if you gave three people a problem to solve where you require input ‘A’ to result in output ‘B’ but a ‘black-box must be used (Nb. a box that inherently uses similar components) it would not be too unreasonable to expect that the internal designs would be somewhat similar.
And there’s the rub.
Because most of us have been educated / taught to think along similar lines (i.e. there are not too many lateral thinkers out there), when we approach a problem the results tend to look quite alike, e.g. ask three children draw a house, and they’ll nearly all draw what they are used to, i.e. Eskimo kids would draw an Igloo (or tin shack) where as the kids from Windsor would draw a three-story Georgian mansion. Taking it further, if you went to three schools in Windsor and asked three set of kids to each draw a house they’d all draw something that fundamentally looks like a Georgian mansion.
Software engineers are no different, they all tend to be from similar backgrounds with very similar education. Thus when set a problem, they’ll each come up with a design which, on close inspection, does not really differentiate one from the other.
So, if their software design is indeed similar, perhaps just once in a blue moon their understanding of the input, required output, and how to achieve it might be flawed or biased to their understanding of the problem and / or previous experience. This is how bugs are introduced, and which none of the software teams envisaged, but which each believe the other teams software will catch in the output vote.
So potentially, all the software teams could similarly misunderstand / misinterpret a problem and manage to write the software so similarly that it results in input ‘A’ giving output ‘C’, across all three systems !
Makes you think, doesn’t it !?
Ps. Ask any programmer if they’ve ever written a program without a bug and guess what the answer will be ?
Eg. For all you C programmers out there, debug this for me; now is there a bug in it ?
#include <stdio.h>
main()
{
print(“Hello world.\n”
;
}