TEAM-ADA Archives

Team Ada: Ada Programming Language Advocacy

TEAM-ADA@LISTSERV.ACM.ORG

Mime-Version: 1.0
Sender: "Team Ada: Ada Advocacy Issues (83 & 95)" <[log in to unmask]>
Date: Tue, 28 Jul 1998 11:51:25 -0400
Reply-To: "Robert I. Eachus" <[log in to unmask]>
From: "Robert I. Eachus" <[log in to unmask]>
Content-Type: text/plain; charset="us-ascii"

At 05:31 PM 7/27/98 -0400, Matthew S. Whiting wrote:
>No, definitely not MS Flight Sim!  I'm a pilot myself and have a little
>familiarity with full-motion flight simulators from some training I took
>at Flight Safety.  Sure if one went haywire it could shake you up a bit,
>but I think most flight sims have an E-stop button in case things go
>nuts.  I design industrial process control systems and we have several
>E-stop buttons near almost any station that a human might occupy.  It is
>very hard to E-stop a flying airplane, an ATC computer, a pacemaker,
>etc.  I prefer to use "safety critical" for those situations where it
>really fits almost all of the time, rather than a situation where it may
>fit under some very unusual circumstances.

     Once upon a time, flight simulators were overbuilt so that the
structure was much stronger than the hydraulics.  Now the tendency is to go
the other way, and to use software limits to prevent the simulator from
throwing the cockpit through the wall.   (If you look at a modern flight
simulator, there are usually three pistons connected close together.  One
retracting while the other two extended could exceed stress limits for the
cockpit riding on top.)

     Now the original request seemed fairly normal.  The system is divided
into a model of the aircraft, and that model is not treated as
safety-critical, and a control system which imposes limits on the behavior
of the simulator--maximum g's, maximum jerk, and software copies of the
hardware travel limits so you don't slam into a stop.  That way the
training people can wring out the pilots without worrying about the safety
aspects.

     BUT, as has come up in the discussion here, if you have both sets of
software in the same computer, you have to hold the aircraft simulation
code to a higher standard.  It isn't safety critical, but it can't be
allowed to interfere with the software that is.

                                        Robert I. Eachus

with Standard_Disclaimer;
use  Standard_Disclaimer;
function Message (Text: in Clever_Ideas) return Better_Ideas is...
