I got my first computer when i was 9 years old.
it ran Windows 95 on a 90 MHz AMD K5, with about 24 mb of RAM.
Since that time, we have traveled lightyears ahead and created technology with 1000 times the computing power at 100th of the original semiconductor size and power consumption of that particular microprocessor.
and in all that time, I have never met a computer that worked EXACTLY as it should. whether it be a smart phone, a laptop, or an Mp3 player; ALL computers malfunction. And many times, malfunction for no particular reason it seems.

so what is it about an electronic device that is made for critical systems use?
there are many machines that are built for the specific purpose of controlling a critical function. Be it medical equipment, automotive, networking or other; these machines absolutely must run at all times.
How? in all my life I've never seen an operating system that never crashed or never had bugs. even something as simple as programmable clock CAN bug out. how do engineers deal with this problem when it comes to critical function computers?

what happens if your life support machine blue screens?
what happens when the engine controller in your car goes stupid while moving down the interstate at 75 mph?
and as computers become more and more complex; how do they deal with the problems of glitched software/hardware that wouldn't exist in a simpler, more deeply embedded computer?
Whereas car computers in the 80's and 90's ran on 16 bit hardware and lookup tables written in EEPROM BASIC, now cars are seeing advanced 32 bit software that works more like a PC and less like an embedded device?
isn't this an almost guarantee of more glitches and problems?

 

You are mixing a bunch of different systems into one basket, embedded systems, personal computers and mission critical systems.

The hardware and software system in a PC is very complex and yes, we do experience failures, too frequently for anyone's liking.

The HW and SW in automotive, medical and industrial systems are relatively simple and there are strict engineering design practices that help to minimize failures.

Mission critical systems are in a completely different league that must employ redundancy in their design. Without such designs the Rosetta spacecraft would never get off the ground.

So to answer our question, there is a 100% guarantee that potential glitches and failure modes will present themselves. It is how you design your system to mitigate such attacks that makes the difference between failure and success.

Here is an example. Any resistor, transistor or even a solder joint can fail. What do we do about it? We can determine the probability of failure and compute the net failure rate of the complete system of 100 components and solder joints. This is what manufacturers of electronic components have to determine in their reliability testing phase.

In mission critical systems, after all the design rules and criteria have been put into the system, you test, test and test again.

 

so it's redundancy, and trial & error?

so why is it the quality control in critical systems is so much better than machines that aren't mission critical?
it's one thing for high performance to be necessary ; but why don't engineers try harder to make consumer technology better?
I understand a lot of it is in the manufacturer's hands of course, cheap manufacturing and all

 

Its not only cheap manufacturing, its how much the buyer is prepared to pay.
All products have to be designed to a clients budget specification, manufacturing cost and selling price.

Quality control costs money which has to be amortised into the selling price.

E

 

Trial & error gives the wrong impression.

Firstly, you design and manufacture with best practices. Do you compute on your PC while wearing an anti-static wristband, for example? Does your company have a strict ESD prevention program in place? Does your company source genuine components from reputable manufacturers or does your company source components from ebay?

Secondly, you test at the component, board and system level under all perceivable adverse conditions including environmental, electrical, electromagnetic interference, ionizing and non-ionizing radiation, vibration, g-forces, etc.

I have done consultation work for the nuclear industry where all boards and systems must be verified on an brutal shaker table test over a prolonged period of time, for example.

As eric says, all of the above costs money.

 

Space, military. automotive and medical lie support come to mind.

Some problems might be gamma ray, radiation. g-forces, extreme vibration and temperature. They have to be tested and testing costs money.
They also may have to be designed for it. Ceramics at one time emitted alpha particles that messed up memory. Thermal issues are more stringent. etc.
So, some part ends up in design, some in testing.

 

The TS may not be aware of this but did you know, we, our bodies and all electronics and computer chips are constantly being bombarded by ionizing radiation from the natural environment and from outer space?

As computer memory densities increase, and all computer chips decrease in feature size, this is becoming an increasing problem. A direct hit on a memory cell by gamma radiation can cause data corruption. The electronics industry continues to tackle this problem by developing radiation immune circuits.

Check out Radiation Hardening.

One possible solution is to shield the IC with a layer of lead. While lead is a good absorber of radiation, unfortunately naturally occurring lead has trace amounts of 210-Pb which itself emits alpha particles. The half-life of 210-Pb is about 22 years. If we wait long enough, lets say 220 years, we end up with lead that doesn't emit much radiation. This is called low-alpha lead.

Well guess what?

Everyone in the micro-chip industry knows this, including Intel and IBM. Companies for a long time now have been scouring across the continent looking for churches built with lead roofing and stained glass windows just to get at the age-old lead.

 

Its not only cheap manufacturing, its how much the buyer is prepared to pay.
All products have to be designed to a clients budget specification, manufacturing cost and selling price.

Quality control costs money which has to be amortised into the selling price.

E

Fly by wire in common cars means to increase their selling prince but, was it actually needed?

It gave way to a new story: software failure or human error? This last: how convenient!

 

The half-life of 210-Pb is about 22 years. If we wait long enough, lets say 220 years, we end up with lead that doesn't emit much radiation. This is called low-alpha lead.

If the half-life is so short, there shouldn't be any naturally occurring. Does it arise from the decay of some other long half-life isotope?

 

Yes, uranium.

 

And the refining processes of 200 years ago were sufficient to remove trace quantities of uranium from the lead?

 

Lead has a lower melting point.

 

Just found this in Wikipedia:

Ancient lead special use
Lead when mined contains an unstable isotope, lead-210, which has a half life of 22 years. This makes lead slightly radioactive. As such ancient lead which has almost no radioactivity is sometimes desired for scientific experimentation.

Regardless of melting point, I find it interesting that processed lead is entirely free of uranium.

 

I also found this:

Unfortunately the amount of Roman lead obtained was not sufficient to shield CUORE and in addition we were not sure that this material, while free from 210Pb, could not contain some radioactive contamination by uranium and thorium. For this aim samples of Roman lead were recently exposed to the LENA reactor of the University of Pavia to undergo the so-called neutron activation analysis. The result was excellent: the presence of these elements was found to be less than a part over a trillion: Roman lead was found to be also as good or better than any other available lead.

Note: Sorry, when I come across something that perks my interest, I tend to compulsively research it till my curiosity is satisfied!