Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ariane 5 Software error Integer overflow.

Published byTyler Berry Modified over 6 years ago

Similar presentations

Presentation on theme: "Ariane 5 Software error Integer overflow."— Presentation transcript:

1 Ariane 5 Software error Integer overflow

2 External view Only about 40 seconds after initiation of the flight sequence, at an altitude of about 3700 m, the launcher veered off its flight path, broke up and exploded

3 External view

4 Cost Development cost $7 Billion Delay of more than one year
One set of four identical, uninsured scientific satellites + One rocket $500,000,000

5 Source of the bug Software exception in the alignment part of the SRI (inertial reference system) 64-bit floating point  16-bit signed integer

6 Ada code begin sensor_get(vertical_veloc_sensor); sensor_get(horizontal_veloc_sensor); vertical_veloc_bias := integer(vertical_veloc_sensor); horizontal_veloc_bias := integer(horizontal_veloc_sensor); ... exception when numeric_error => calculate_vertical_veloc(); when others => use_irs1(); end;

7 Technical Events Animation!!!

8 Design errors Shut down on failure
Only addressing random hardware failures Requirement for continuing operation Ariane 4 can continue countdown without waiting Ariane 5 has a different preparation sequence Alignment function useless after lift-off Not all conversions were protected 

9 Design errors No Ariane 5 trajectory data was included in the specifications Never change a running system Software should be considered correct until it is shown to be at fault

10 Testing No adequate analysis and testing of the SRI
Limitation of the SRI software not fully analysed Test coverage was inadequate Review contributory factor in failure

11 Testing Tests performed on the SRI could not detect the fault
The error could have been detected by Testing the software alone Using electronic input to the SRI

12 Recommendations „Any onboard function used solely on the ground must be inhibited in flight“ „Software should be assumed to be faulty until applying the currently accepted best practice can demonstrate that it is correct“

Download ppt "Ariane 5 Software error Integer overflow."

Similar presentations

Test process essentials Riitta Viitamäki, 14.4.2004

Test process essentials Riitta Viitamäki,
CML CML CS 230: Computer Organization and Assembly Language Aviral Shrivastava Department of Computer Science and Engineering School of Computing and Informatics.

CML CML CS 230: Computer Organization and Assembly Language Aviral Shrivastava Department of Computer Science and Engineering School of Computing and Informatics.
10/14/2005Caltech1 Reliable State Machines Dr. Gary R Burke California Institute of Technology Jet Propulsion Laboratory.

10/14/2005Caltech1 Reliable State Machines Dr. Gary R Burke California Institute of Technology Jet Propulsion Laboratory.
CSCI 5230: Project Management Software Reuse Disasters: Therac-25 and Ariane 5 Flight 501 David Sumpter 12/4/2001.

CSCI 5230: Project Management Software Reuse Disasters: Therac-25 and Ariane 5 Flight 501 David Sumpter 12/4/2001.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development 2.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development 2.
Wilfried Mausz Testing Presentation for Software Quality Management Testing and Inspections.

Wilfried Mausz Testing Presentation for Software Quality Management Testing and Inspections.
1 Software Engineering Lecture 11 Software Testing.

1 Software Engineering Lecture 11 Software Testing.
Software Safety Basics

Software Safety Basics
3. Hardware Redundancy Reliable System Design 2010 by: Amir M. Rahmani.

3. Hardware Redundancy Reliable System Design 2010 by: Amir M. Rahmani.
23/05/2015Dr Andy Brooks1 FOR0383 Software Quality Assurance Lecture 2 ESA Ariane 5 Rocket Flight 501.

23/05/2015Dr Andy Brooks1 FOR0383 Software Quality Assurance Lecture 2 ESA Ariane 5 Rocket Flight 501.
1 COMS 161 Introduction to Computing Title: Numeric Processing Date: November 10, 2004 Lecture Number: 31.

1 COMS 161 Introduction to Computing Title: Numeric Processing Date: November 10, 2004 Lecture Number: 31.
Figures – Chapter 17. Figure 17.1 Component characteristics Component characteristic Description StandardizedComponent standardization means that a component.

Figures – Chapter 17. Figure 17.1 Component characteristics Component characteristic Description StandardizedComponent standardization means that a component.
CSC444 Lec01 1 University of Toronto Department of Computer Science Lecture 1: Why Does Software Fail? Some background What is Software Engineering? What.

CSC444 Lec01 1 University of Toronto Department of Computer Science Lecture 1: Why Does Software Fail? Some background What is Software Engineering? What.
1 Basic Definitions: Testing What is software testing? Running a program In order to find faults a.k.a. defects a.k.a. errors a.k.a. flaws a.k.a. faults.

1 Basic Definitions: Testing What is software testing? Running a program In order to find faults a.k.a. defects a.k.a. errors a.k.a. flaws a.k.a. faults.
INFORMATION TECHNOLOGIES SAFETY AND QUALITY THROUGH INFORMATION TECHNOLOGY WSRS Ulm – 20 Sept. 2004 St. Ramberger / Th.Gruber 1 Experience Report: Error.

INFORMATION TECHNOLOGIES SAFETY AND QUALITY THROUGH INFORMATION TECHNOLOGY WSRS Ulm – 20 Sept St. Ramberger / Th.Gruber 1 Experience Report: Error.
Amsterdam, The Netherlands

Amsterdam, The Netherlands
Software Development Methodology for Robotic and Embedded Systems (from drawing to coding) Presented by Iwan Setiawan for Robot and Technology Fair (01-12-09)-

Software Development Methodology for Robotic and Embedded Systems (from drawing to coding) Presented by Iwan Setiawan for Robot and Technology Fair ( )-
©Ian Sommerville 2000CS 365 Ariane 5 launcher failureSlide 1 The Ariane 5 Launcher Failure June 4th 1996 Total failure of the Ariane 5 launcher on its.

©Ian Sommerville 2000CS 365 Ariane 5 launcher failureSlide 1 The Ariane 5 Launcher Failure June 4th 1996 Total failure of the Ariane 5 launcher on its.
RIPPLE COUNTERS A register that goes through a prescribed sequence of states upon the application of input pulses is called a counter. The input pulses.

RIPPLE COUNTERS A register that goes through a prescribed sequence of states upon the application of input pulses is called a counter. The input pulses.
ARIANE 5 FAILURE ► BACKGROUND:- ► European space agency’s re-useable launch vehicle. ► Ariane-4 was a major success ► Ariane -5 was developed for the larger.

ARIANE 5 FAILURE ► BACKGROUND:- ► European space agency’s re-useable launch vehicle. ► Ariane-4 was a major success ► Ariane -5 was developed for the larger.

Similar presentations

Ads by Google