Ariane 5 Disaster and Design by Contract

Ariane 5 was an unmanned rocket launched by the European Space Agency (ESA) and Centre National d’Etudes Spatiales (CNES) after taking 10 years to develop it with a cost of $7 billion.  About 40 seconds after lifting off, the rocket exploded during its first voyage on 4^th of June, 1996 and ended in a failure and became one of the disastrous failures though there were no victims.

An inquiry board which nominated by the Director General of ESA and the Chairman of CNES investigated the causes of crashing and issued a report. According to the report, reason behind this crash was a software failure.

The root cause behind Ariane 5 flight 501’s crash was uncaught exception which could not handle during data conversion of 64-bit floating point number to 16-bit integer for the horizontal component of the velocity vector with respect to the platform and an overflow occurred. The crash occurred due to an oversight to handle this particular exception even though they handled other comparable conversions in the same code smoothly.

According to Jean-Marc Jézéquel and Bertrand Meyer, no one can blame the language used, design, implementation, testing or reusing the code but specification reuse which could have been lightened through “Design by Contract” to specify interfaces between modules precisely (Meyer, B., Jezequel, J, 1997). But considering the software point of view of the disaster, it is difficult to agree with the decision of reusing the code, where it dated back to 10 years. It was the period when new programming languages were introduced.

When the Ariane 4 was launched, the software used had no any problem with system while taking off and after.  They could not detect the fault due to the speed of Ariane 4 though the problem existed.

Trajectory of Ariane 5 was different from Ariane 4’s. Therefore trajectory of Ariane 5 led to make horizontal velocity which is five times higher than Ariane 4. So it asked to check the floating point value of horizontal component of the velocity vector to be less than the maximum value.

There were many programming languages in that period but C++, Java and Eiffel could have been used to overcome the issue since all were prominent and well known even that time.

Since C++ supports object oriented programming was one of the solutions that would have used in the perspective of code re-usability and it contains with innumerable libraries. But it is easy to get involved into memory management problems because of the less support for dynamic memory management, it could have come up with another disaster.

Java is fully object oriented language and it uses assertions. It gives an exception and terminates executing by default as it’s a special feature in Java. Also Java is one of the secure portable languages. Still it was not matured enough and could have slow down the speed of the program. And it does not support multiple inheritances and not based on “Design by Contract” concept.

Eiffel supports object oriented programming comprehensively. It based on the concept of “Design by Contract” with full assertion support. It concerns about the flexibility of the software and prevent the rigidness and limitations unlike in Java and C++. Other advantage of Eiffel is reusing classes. Also, it supports multiple inheritance and faster than the other languages. Therefore, Eiffel would have been the best programming language to make the problem correct. 

References

Meyer, B., Jezequel, J., (1997), Design by Contract:The Lessons of Ariane. Los Alamitos: IEEE Computer Society Press, [online] Available at: http://portal.acm.org/citation.cfm?id=619014.620625 [accessed: 29^th October 2010]