[120597] in North American Network Operators' Group
RE: Revisiting the Aviation Safety vs. Networking discussion
daemon@ATHENA.MIT.EDU (Vadim Antonov)
Fri Dec 25 19:18:39 2009
Date: Fri, 25 Dec 2009 16:17:44 -0800 (PST)
From: Vadim Antonov <avg@kotovnik.com>
To: George Bonser <gbonser@seven.com>
In-Reply-To: <5A6D953473350C4B9995546AFE9939EE081F711B@RWC-EX1.corp.seven.com>
Cc: Nanog <nanog@nanog.org>
> I can see situations in the future where people's lives could be
> dependent on networks working properly, or at least endangered if a
> network fails.
Actually it's not the future. My father's design bureau was making
hardware, since the 70s (including network stuff), for running industrial
processes of a kind where a software crash or a network malfunction was
usually associated with casualties. Gas pipelines, power plants, electric
grids, stuff like that.
That's a completely different class of hardware, more of the kind you'd find
in avionics - modules in triplicate, voting, pervasive error correction,
etc. The software was also designed differently, with a lot more review
processes, and with data structures designed for integrity checking (I
still use this trick in my work, which saves me a lot of grief during
debugging) and recovery from memory corruption and such.
I'd be seriously loath to put any of the current crop of COTS network
boxes into a life-critical network.
--vadim
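The two techniques named in the post above, data structures built for integrity checking and modules in triplicate with voting, are sketched below as an added C example; it is not code from the post or from any design bureau, and the record layout (magic tag plus CRC-32), the "setpoint" field, and the three-copy majority vote are all assumptions chosen for illustration. The point it shows is the combination: the CRC makes a corrupted copy *detectable*, the triplicate storage makes a single corruption *recoverable*, and a second fault leaves no majority, so the reader must fail safe instead of trusting any copy.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Integrity-checked record (hypothetical layout): a magic tag and a CRC-32
 * make silent memory corruption detectable on every read. All fields are
 * 32-bit words, so there is no padding and memcmp() on the struct is safe. */
#define REC_MAGIC 0x5EC0DE5Au

typedef struct {
    uint32_t magic;     /* REC_MAGIC when the record was written by this code */
    uint32_t seq;       /* write sequence number */
    int32_t  setpoint;  /* hypothetical process value, e.g. a valve position */
    uint32_t crc;       /* CRC-32 (IEEE polynomial) over the three fields above */
} record_t;

/* Bitwise reflected CRC-32, init 0xFFFFFFFF, final XOR; crc32("123456789") == 0xCBF43926. */
static uint32_t crc32_update(uint32_t crc, const void *buf, size_t len)
{
    const uint8_t *p = buf;
    crc = ~crc;
    for (size_t i = 0; i < len; i++) {
        crc ^= p[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

static uint32_t record_crc(const record_t *r)
{
    return crc32_update(0, r, offsetof(record_t, crc));
}

void record_init(record_t *r, uint32_t seq, int32_t setpoint)
{
    r->magic = REC_MAGIC;
    r->seq = seq;
    r->setpoint = setpoint;
    r->crc = record_crc(r);
}

int record_valid(const record_t *r)
{
    return r->magic == REC_MAGIC && r->crc == record_crc(r);
}

/* Triplicated storage: three copies of the record, majority vote on read. */
typedef struct { record_t copy[3]; } tmr_record_t;

void tmr_store(tmr_record_t *t, uint32_t seq, int32_t setpoint)
{
    for (int i = 0; i < 3; i++)
        record_init(&t->copy[i], seq, setpoint);
}

/* Returns 1 and fills *out when two valid, identical copies agree; the third
 * copy is rewritten from them (scrubbing). Returns 0 when no majority exists,
 * in which case the caller must fail safe rather than trust any copy. */
int tmr_load(tmr_record_t *t, record_t *out)
{
    for (int i = 0; i < 3; i++) {
        const record_t *a = &t->copy[i];
        const record_t *b = &t->copy[(i + 1) % 3];
        record_t *c = &t->copy[(i + 2) % 3];
        if (record_valid(a) && record_valid(b) && memcmp(a, b, sizeof *a) == 0) {
            if (memcmp(a, c, sizeof *a) != 0)
                *c = *a;            /* repair the odd one out */
            *out = *a;
            return 1;
        }
    }
    return 0;
}

/* Constructed scenario: store, corrupt one copy, read back (repaired),
 * then corrupt two copies and confirm the read refuses to answer. */
int self_test(void)
{
    tmr_record_t t;
    record_t r;
    tmr_store(&t, 7, 4200);
    if (!tmr_load(&t, &r) || r.setpoint != 4200) return 1;
    t.copy[1].setpoint = -1;                   /* simulated memory corruption */
    if (record_valid(&t.copy[1])) return 2;    /* the CRC must catch it */
    if (!tmr_load(&t, &r) || r.setpoint != 4200) return 3;
    if (!record_valid(&t.copy[1]) || t.copy[1].setpoint != 4200) return 4; /* scrubbed */
    t.copy[0].crc ^= 1u;                       /* second fault: no majority left */
    t.copy[2].magic = 0;
    if (tmr_load(&t, &r)) return 5;
    return 0;
}

int main(void)
{
    int rc = self_test();
    printf("self_test: %s (code %d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

A CRC is an error-detection code, not an authentication code: it catches bit flips and partial writes, which is what the post is about, but an attacker who can write memory can recompute it. Where the threat includes deliberate tampering rather than faults, the same layout works with a keyed MAC in place of the CRC.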