Interesting lecture - one thing I would say is that when carrying out accident/incident investigations, the software is often treated as a 'black box' that has worked in the past for lots of hours without apparent failures, so it cannot be the cause of the incident. However, as the lecture states, it only requires an unusual set of input conditions to trigger the failure. In a lot of systems there are no or few logs, and the diagnostic information disappears when the power fails or is turned off. However, the unusual combination of circumstances can also occur in hardware. I am aware of a design error in a hardware safety-critical system that was only found after 5 years in service, as it required an unusual action by the operators. It appears that this particular set of circumstances had not occurred in the 5 years, or if it had, the wrong-side failure had not been recognized or reported.