임태현, software catastrophe
•Download as PPTX, PDF•
1 like•466 views
2016.08.16 Smilegate Programmer Seminar
Recommended
Recommended
More Related Content
Viewers also liked
Viewers also liked (20)
Recently uploaded
Recently uploaded (6)
임태현, software catastrophe
- 3. 소프트웨어 재앙 영화 속의 이야기?
- 4. 실제 사례를 통해 문제의 심각성과 그 책임을 공감
- 6. Mars Climate Orbiter 화성의 기상관측을 목표 1998년 12월 발사 1999년 9월 화성궤도 진입 몇 분 후 통신 두절
- 7. Mars Climate Orbiter 로키드 마틴사의 고도 측량 유닛이 문제 중력을 lbF 로 계산 다른 모듈은 kg⋅m/s2 로 계산 예상보다 더 작은 중력 값을 측정 궤도 유지를 위해 추진력 강화 낮은 궤도 진입 후 대기 마찰로 소멸
- 8. Ariane 5 flight 501
- 9. Ariane 5 flight 501 1996년 6월 아리안5 로켓, 발사 직후 폭발
- 10. Ariane 5 flight 501 • 아리안 4의 관성제어 시스템을 사용 • 이전 모듈은 부동소수를 16bit 로 처리 • 다른 장치들은 부동소수를 64bit 로 처리 • Overflow Exception 이 발생해서 과도한 궤도 수정이 폭발의 원인
- 11. AT&T Long Distance Network Crash
- 12. 소프트웨어 업그레이드 메시지 처리 루틴 성능 향상 자체 테스트를 통과 전체 114개 스위치에 배포 Memory overwrite 오류 스위치 연쇄 리부팅 1 while (ring receive buffer not empty and side buffer not empty) DO 2 Initialize pointer to first message in side buffer or ring receive buffer 3 get copy of buffer 4 switch (message) 5 case (incoming_message): 6 if (sending switch is out of service) DO 7 if (ring write buffer is empty) DO 8 send "in service" to status map 9 else 10 break END IF 11 process incoming message, set up pointers to optional parameters 12 break END SWITCH 13 do optional parameter work
- 14. East Coast blackout 2003년 8월 미국 북동부 정전 장소에 따라 이틀 동안 정전이 지속 브라질 정전사태에 이은 대규모 정전
- 15. East Coast blackout FirstEnergy 컨트롤 소프트웨어 버그가 원인! 송전선이 나무와 접촉 해당라인 전원 공급 중단 전력 이상감지가 안됨 전력 공급 소프트웨어 레이스 컨디션 발생 과부하로 전력망 전체가 정지
- 16. Therac-25
- 17. Therac-25 1985년 캐나다의 AECL 에서 개발 표피치료와 내부종양제거의 두가지 방사선 치료기기를 하나에 합침 공간과 비용을 혁신적으로 감소
- 18. Therac-25 강한 방사선 모드에서는 턴테이블이라는 장치로 제어 소트프웨어 문제로 강한 방사선 시전상태에서 턴테이블 오동작 6건의 사고가 발생해 3명이 사망
- 19. Therac-25 Thread 1 : // 턴테이블 준비 Thread. 주기적으로 수행 if ( system ready ) in_progress = 0 else in_progress ++ Thread 2 : // X-ray 빔 제어 Thread. 주기적으로 수행. if ( start key pressed AND in_progress == 0 ) start radiation
- 20. Knight Capital 2012 stock trading disruption
- 21. Knight Capital 트레이딩 알고리즘을 사용해서 주식거래 2012년 8월 45분만에 5천억원 손해 그 해 여름, 경쟁업체와 합병
- 22. Knight Capital 8대의 서버를 사용 구매 알고리즘을 업그레이드해서 배포 7대에만 배포, 한대는 기존 모듈 탑재 새로운 모듈 활성화 플래그를 기존 환경변수 재활용 환경 변수에 TRUE 값을 넣자, 3년전에 폐기된 모듈이 8번 째 서버에서 활성화 45분동안 비상식적인 가격에 매매를 시도
- 23. 시베리아 가스관 폭발
- 24. 시베리아 가스관 폭발 1982 년 6월 30일 시베리아 천연 가스관 폭발 핵폭발로 오인될 정도 구소련의 천연가스 수출에 타격 이후 계속된 문제로 경제악화 구소련의 개방개혁 원인제공
- 25. 시베리아 가스관 폭발 구소련, 캐나다 소프트웨어 회사에 잠입 CIA 가 고의로 오류 소프트웨어 작성 소련에서 해당 소프트웨어 탈취 어느날 갑자기 펌프가 오작동해 파이프 에 압력을 가함 3킬로톤의 폭발 발생 (히로시마 핵폰탄 : 15킬로톤)
- 27. ACM Ethics • 1. PUBLIC - Software engineers shall act consistently with the public interest. • 2. CLIENT AND EMPLOYER - Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest. • 3. PRODUCT - Software engineers shall ensure that their products and related modifications meet the highest professional standards possible. • 4. JUDGMENT - Software engineers shall maintain integrity and independence in their professional judgment. • 5. MANAGEMENT - Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance. • 6. PROFESSION - Software engineers shall advance the integrity and reputation of the profession consistent with the public interest. • 7. COLLEAGUES - Software engineers shall be fair to and supportive of their colleagues. • 8. SELF - Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.
- 28. Steam 파일 삭제
- 29. Steam 파일 삭제 STEAMROOT="$(cd "${0%/*}" && echo $PWD)" # Scary! rm -rf "$STEAMROOT/"* 스팀 업그레이드중에 파일 전체 삭제 문제 발생
- 30. Q & A
Editor's Notes
- On November 10, 1999, the Mars Climate Orbiter Mishap Investigation Board released a Phase I report, detailing the suspected issues encountered with the loss of the spacecraft. Previously, on September 8, 1999, Trajectory Correction Maneuver-4 was computed and then executed on September 15, 1999. It was intended to place the spacecraft at an optimal position for an orbital insertion maneuver that would bring the spacecraft around Mars at an altitude of 226 kilometers on September 23, 1999. However, during the week between TCM-4 and the orbital insertion maneuver, the navigation team indicated the altitude may be much lower than intended at 150 to 170 kilometers. Twenty-four hours prior to orbital insertion, calculations placed the orbiter at an altitude of 110 kilometers; 80 kilometers is the minimum altitude that Mars Climate Orbiter was thought to be capable of surviving during this maneuver. Post-failure calculations showed that the spacecraft was on a trajectory that would have taken the orbiter within 57 kilometers of the surface, where the spacecraft likely disintegrated because of atmospheric stresses. The primary cause of this discrepancy was that one piece of ground software supplied by Lockheed Martin produced results in a United States customary unit, contrary to its Software Interface Specification (SIS), while a second system, supplied by NASA, expected those results to be in SI units, in accordance with the SIS. Specifically, software that calculated the total impulse produced by thruster firings calculated results in pound-seconds. The trajectory calculation software then used these results - expected to be in newton-seconds - to update the predicted position of the spacecraft.[16]
- 영국에서 개발되었다고 함
- https://en.wikipedia.org/wiki/Cluster_(spacecraft)#Launch_failure The Ariane 5 reused the inertial reference platform from the Ariane 4, but the Ariane 5's flight path differed considerably from the previous models. Specifically, the Ariane 5's greater horizontal acceleration caused the computers in both the back-up and primary platforms to crash and emit diagnostic data misinterpreted by the autopilot as spurious position and velocity data. Pre-flight tests had never been performed on the inertial platform under simulated Ariane 5 flight conditions so the error was not discovered before launch. During the investigation, a simulated Ariane 5 flight was conducted on another inertial platform. It failed in exactly the same way as the actual flight units.
- https://en.wikipedia.org/wiki/Cluster_(spacecraft)#Launch_failure The Ariane 5 reused the inertial reference platform from the Ariane 4, but the Ariane 5's flight path differed considerably from the previous models. Specifically, the Ariane 5's greater horizontal acceleration caused the computers in both the back-up and primary platforms to crash and emit diagnostic data misinterpreted by the autopilot as spurious position and velocity data. Pre-flight tests had never been performed on the inertial platform under simulated Ariane 5 flight conditions so the error was not discovered before launch. During the investigation, a simulated Ariane 5 flight was conducted on another inertial platform. It failed in exactly the same way as the actual flight units.
- For up to four days in the middle of a hot spell, 50 million residents across eight U.S. states as well as Ontario were left without electricity. The largest power outage in North American history began shortly after 4 p.m. on Aug. 14 when a high-voltage power line in Ohio failed. Normally, that would trigger an alarm so operators could distribute the energy between lines. But a software glitch in the management system caused a communication failure, and one by one, energy grids overloaded and shut down. The blackout is estimated to have cost New York City alone $1.1 billion.