this post was submitted on 19 Mar 2024
For critical work, you can easily apply the same approach but replace the "deploy it" stage with "do extensive internal testing". It takes longer and is more expensive, but it does work. For example, the first ever hydrogen powered aircraft, which flew in 1957, was an airplane with three engines, and only one of those three ran on hydrogen. Almost 70 years of engineering later and that's still the approach being used. Airbus claims they will have commercial hydrogen powered flights around 2035 and plan to flight test the final production engine next year on an A380 aircraft.
The A380 has four engines and each is powerful enough to fly safely with only one engine running. In fact, it should be able to land with four engine failures - with a "Ram Air Turbine" providing electricity and hydraulic pressure to critical systems.
The best approach to critical systems is not to build a perfectly reliable system, but rather to have redundancy so that failures will not result in a "please explain" before Congress.
It's a bit more complicated when security is involved. I deleted that post because it didn't seem responsive enough to OP's question but basically there is a big difference between stuff going wrong randomly (Murphy's law) and smart determined adversaries trying to mess with you on purpose. Testing helps more with the former.
Sure — security is one area where you do need to be a specialist.
I'd say it's the exception that proves the rule though. Don't write your own encryption algorithms, don't invent new auth flows, do hire third parties to audit and test your security systems, etc etc. If you want to specialise in something like security, then yeah that's something you should study. But at the same time - every programmer should have general knowledge in that area. Enough to know when it's OK to write your own security code and when you need to be outsourcing it.