Comment by KolmogorovComp

8 hours ago

To all here saying this was only a pilot error, I'll ask you: do you also think it is only a programmer error when a critical memory-safety bug is introduced in C? And that they should be the only ones responsible and face jail time (or death, like here)? Or is there more at play? Why use C in safety-critical code? Why wasn't it caught by reviewers, fuzzing, testing, etc.?

Error is not binary, it's a statistic. Even perfectly trained pilots/programmers do make errors depending on the situation. What you should ask is what the error chance is, and whether it is acceptable.

As the accident report shows, the exact same pitot tube failure happened at least 15 times and was recovered by the pilots. The 16th time, it killed more than two hundred people. Do you think a 1/16 chance of dying is appropriate in modern aviation safety?

I'm not sure what you're arguing for.

Out of the X% of times this error occurs, are you okay with a 1/16% failure? Can you avoid the failure mode?

What if mode 2 fails 2x of the time and it can't be averted by switching to the Y language?