Software Bug Causes Soyuz To Land Way Off
howhardcanitbetocrea writes "'A mysterious software fault in the new guidance computer of the Soyuz TMA-1 spacecraft was the cause of the high-anxiety off-course landing over the weekend, according to NASA sources.' Which is why I will never trust the Strategic Defence Initiative - the star wars project. It only takes one line of mistyped code in what will always be a beta release."
space agencies make some big mistakes (Score:2, Interesting)
You'd think that in such operations, where you only ever get one chance, they would have the most error free systems possible. I'm surprised they didn't feed the computer simulated data and find where it would take them.
Re:Lower cost to consumer? (Score:4, Interesting)
Maybe the problem was in that gigantic magnetic field wiping some data... (TMA stands for Tycho Magnetic Anomaly, aka the monolith in 2001)
I think the next spacecraft (TMA-2) should be nicknamed "big brother."
Bugs = "Spoilage" in Japan (Score:5, Interesting)
SDI funds basic research too (Score:2, Interesting)
Irrelevant. SDI, then and now, is a proven way to fund some basic research. The public is not that interested in science except to counter a perceived threat.
FWIW with your attitude we would not have the F16, F18 (?), F117, B2, and the various other aircraft with fly-by-wire control systems. The space shuttle too. Also do you think 'beta' mechanical devices are inherently safe and function properly? Again, the space shuttle, both disasters.
Re:ah, right (Score:5, Interesting)
But more concerning is the fact that despite their effort they cannot pass even their minimal tests, and resort to fraud instead. We have tried, and failed. The whole thing is military graft -- money being sent down a pit to profit defense companies. They probably hope to cover up the failure of the system by avoiding any real-world test of the system, though certainly avoiding having missiles launched at the US is a good goal regardless.
Re:space agencies make some big mistakes (Score:2, Interesting)
You'd think that in such operations, where you only ever get one chance, they would have the most error free systems possible.
Given the track record of the Soyuz vehicles, I'd say they're pretty damned error-free, all things considered.
A question About Nasa, Russian Space Agency (Score:1, Interesting)
If NASA and the Russian Space Agency can design strong and reliable computer system OSes and controls under very difficult low budgets that don't put lives in danger....
Why can't a company with 40 billion in cash design a computer system OS that is secure or adequately fix one that they have goofed up on?
Makes you wonder about MS hiring policies and software engineering doesn't it?
Re:space agencies make some big mistakes (Score:1, Interesting)
One-line error in Microsoft Office = tech support gets a few more phone calls
One-line error in guidance software = state funerals for our brave heroes
Better Question (Score:4, Interesting)
http://www.cnn.com/2003/TECH/space/05/05/soyuz.
"In 1976, a Soyuz spacecraft came down in a freezing squall and splashed into a lake; the crew spent the night bobbing in the capsule.
Eleven years before that, two cosmonauts overshot their touchdown site by 2,000 miles and found themselves deep in a forest with hungry wolves. That's when Russian space officials decided to pack a sawed-off shotgun aboard every spacecraft."
If they can launch a shotgun hundreds of times, then why can't the US launch some lasers?
Fail-safe design (Score:5, Interesting)
On (nearly) every manned spacecraft ever flown, every system has a hot-backup that kicks in if the first one fails. The exceptions are systems for which it is basically impractical to have a backup-- can't really have redundant heat shields, as the weight is too much. But for electronics and software, this is standard. This story would have gone practically unnoticed if Soyuz had notified Star City that they were doing a "ballistic" entry, in which case they would have been located much sooner.
This landing showed that the Soyuz has a robust design; if Endeavour enters the atmosphere at the wrong angle, could it recover? What if the flight landing computer failed? NASA has a lot of these things covered; for many problems it is probably more robust than Soyuz, for others it is less robust. Soyuz has the advantage of much more flight experience; I doubt that it's a coincidence that this anomaly happened on a flight with a newly upgraded Soyuz.
Re:Why single out SDI? (Score:3, Interesting)
By the way, how can a chip in your car make the engine blow up? Is it like that virus that will format your hard drive and eat all the good leftovers in your fridge and unspay your dog?
SDI (Score:4, Interesting)
But, SDI is really another way to spend billions on research (just like the space race used to be the research money hole). There is no doubt good things will come from it, but at a very high cost.
New here? (Score:3, Interesting)
Re:A question About Nasa, Russian Space Agency (Score:3, Interesting)
Think about it, the shuttle computer - and the soyuz capsule - needs to only do a, relatively, few things. Autopilot and navigation. These are relatively simple mathematical problems that just don't require a lot of horsepower or complexity. The operating systems on these things just aren't that complex. No need for drivers, plug and pray, support for thousands of applications, preemptive multitasking, virtual memory, smp, 3D, hundreds of thousands of hardware configurations, etc, etc. Windows - or any modern OS - is a few orders of magnitude more complex than the OS's used to run space equipment.
This is not to say that the system used by NASA is in any way inferior or 'easy' - it is not and the entire system has undergone numerous code audits and has received lots of praise because, as far as anybody can tell, it is impervious to any software caused error.
Glass Cockpit? (Score:3, Interesting)
As a software QA guy, I know what kinds of havoc a UI defect can cause in a software package. Is it possible that insufficient QA is going into the interface software for these "Glass Cockpits"? There's a time and place for everything, and at the moment, I'd feel a lot better with hardware switches for most spacecraft function (particularly with something as old as Soyuz) than with the kinds of UIs that I've seen in terrestrial software...
Re:Why single out SDI? (Score:3, Interesting)
-B
Case in Point: Patriot in Iraq (Score:2, Interesting)
This is fine in a restricted combat zone/Single theater.
Now, expand this to the entire globe. You set your stuff up in Alaska to shoot down Rogue Nation N. Korea's missiles aimed at the US. How many planes fly back and forth through zones covered by this system? Can you GUARANTEE that your system WILL NOT shoot down a civilian airline by mistake? What if it decides N. Korea has launched a massive first strike, and lets loose all of its anti-missile capability on everything flying over the Pacific Ocean?
When I was in my Software Engineering course back years ago (read: things MAY have changed since then) the Professor talked about his encounters (face to face, via journal articles, conferences, etc.) with the CompSci people in charge of writing the software for the SDI system. When asked how they would guarantee error free code they'd give vague answers like "we'll do both a top down and bottom up method that will meet in the middle and somehow miraculously be bug free"
Uh, That doesn't really work out too well, as I'm sure other
Hopefully there are smart enough people on the job who can build in good enough failsafes that what happened in Iraq with the Patriot (a tried, tested, and tested again in real life system) won't happen on the scale capable from an SDI system.
Re:In Soviet Russia... (Score:5, Interesting)
Did anyone other than myself notice that the Soyuz module is named TMA-1?
If I'm not mistaken, that was the name of the spooky monument site in Clarke's "2001, a Space Odyssey".
Tycho Magnetic Anomaly One...
Re:Case in Point: Patriot in Iraq (Score:2, Interesting)
There's no guarantee the wrong item won't be removed from the sky. Why is that necessary? (I'm not being ridiculous here, it's a serious question.)
Nothing in life, especially a military situation, is 100% guaranteed nor can it be. It's unrealistic to think something shouldn't be done unless you know the outcome, absolutely, before you begin.
Don't take this next comment as an insult, it most definitely is not:
Deciding not to do something unless the outcome is 100% guaranteed is the most sure way to guarantee failure.
Getting back to the military thing and software. OK, so some professor mentions some encounters with software developers. So what? He knew ALL of them and talked with ALL of them ALL the time. Funny, I don't remember any professor talking with me...
Does this professor now head anything having to do with software development for critical control of national asset-level resources? My guess is, no.
Methodologies and capabilities grow and change over time. When the U.S. first fielded nuke missiles all it took to launch was flip a switch then turn 2 keys in a co-ordinated manner. Things changed drastically over time.
So has software design. The wildcat days for software in this arena are long gone.
Re:On missile flight paths (Score:5, Interesting)
Strategic Defense Initiative is intended to take out strategic nuclear weapons, the ones that are designed to cross oceans. And the only realistic way to get a missile to fly over oceans (without a fleet of B-52s hovering just outside the target's borders) is to lob them over a sub-orbital arc. These weapons are essentially in free-fall as soon as the boosters fall away, which happens well before the warhead crosses the target's horizon.
"but I'd assume any country capable of launching nukes from a distance could setup the missiles to fly erratic flight plans."
Consider the decades of time between the development of ICBMs and cruise missiles. And again, these missiles would have trouble crossing the Atlantic Ocean, let alone the Pacific. What are these missiles going to do, hook up to a refuelling jet two or three times during its flight?
The focus on stopping ballistic missiles is both because such missiles are the easiest to build (remember that ballistic missiles were used in WWII) and the most difficult to stop. Any other form of delivery can be stopped by conventional means.
Re:ah, right (Score:3, Interesting)
When used for its primary purpose - attacking countries that do not approve of the US regime - the danger is that instead of knocking out a military target, a bug in the software could cause the death of a large number of civilians in a highly populated area............
Oh yeah.
It already happened and no-one gives a shit.
Sorry.
Yeah, but still no integration test (Score:5, Interesting)
Re:Why single out SDI? (Score:3, Interesting)
The thing is that we know that Patriot doesn't work very well in the field (except against friendly aircraft). We know also that the collateral damage from the enemy missile being destroyed is also quite bad.
SDI is only really effective against ballistic missiles in their boost phase. They are more difficult to destroy in their extra-atmosphere and reentry phases. If not completely destroyed during the boost phase (likely), they are more likely to go off course and go somewhere unintended.
You talk about the probability of the thing working and compare it with an ICBM. Well, no ICBMs were launched in anger, but enough test firings took place to ensure a high probability of success. Not so with SDI.
The moon program was civil and everything about it was public knowledge. SDI is military and classified. We know that tests have been falsified, we don't know the payola between the gun pushers and those involved with promoting the program within the Government. Any technology spin-offs will start out as classified and remain so. Mostly to prevent people finding out who was paid, how much and for what.
graceful failure is a good thing (Score:4, Interesting)
- you lose data
- you corrupt data
The second one is far, far worse because the failure makes changes to your data and you no longer know what is right and what is wrong. The same situation maps onto this failure. The automatic primary system failed, and lost data. But it did not
Code that fails gracefully is good code.
simon
Re:Why single out SDI? (Score:2, Interesting)
Canada (greatest country on earth) was the second country in the world with the power to make Nukes.
Yet We Are still Nuclear Free.
We Canadians actually value life....150,000 people is a fucking lot, do not belittle them.
The US could/Should have Fired Warning shots first (Let the first 1 or 2 off in the ocean).
The Use of nukes had something to do with ending the war early (about 6 months), and something to do with the US Beating its chest like a gorilla to warn the Russians that they mean business.
as for countries that would use them
I have to believe you're right, most countries would have, Russia would have, Japan Would have, Germany would have used them, But I don't think Britain would have, not that late in the war.
Their citizens actually knew what war was
any way....
ignore the rest of my ramble
mostly its tendency to break treaties and whenever the hell they feel like it.
Specifically:
Kyoto [unfccc.int]
NAFTA [unites.uqam.ca]
[bbc.co.uk]
Anti-Ballistic Missile (ABM) Treat
Re:Why single out SDI? (Score:3, Interesting)
Well, that could just be because Bush is a lying fucker and Saddam didn't have any weapons of mass destruction...
SDI: Gold Version (Score:2, Interesting)
No, it might not always be a beta release.
We hope it will always be a beta release.
There is a possibility that the code will be tested enough in the real world to reach "production" status, but we hope the situations which exercise it in the real world will never happen.
technophobia (Score:3, Interesting)
Which is why I will never trust the Strategic Defence Initiative - the star wars project. It only takes one line of mistyped code in what will always be a beta release.
You could use that argument against any weapons system that uses a computer. You could also further expand that statement to say that computers can never be used for important tasks. It is amazing how quickly politics can make luddites of us, isn't it?