Similar systems that are crucial to safety and/or financial transactions
(such as SCADA systems) have long been the domain of systems running
DIGITAL VMS. It can be argued that it is still the only system capable
of having its downtime measured in seconds per year or not at all through
true clustering. While UNIX is advancing in these areas and may soon
be comparable to VMS (in the case of DIGITAL UNIX v5.0),
NT is definitely "Not There" yet. Its clustering is rudimentary and
more of a failover scenario than anything else, which does not guarantee
availability.
Considering the likely future fate of VMS (sigh) I would look at UNIX
for now.
I hope this helps ...
----------------------------------------------------------------------
Scott Collins - SAP Systems Consultant
scol...@galstar.com
"Always do right. You will gratify some people and astonish the rest."
Mark Twain
>
>Hi,
>
>some of the software we are developing, e.g. parts of train control
>systems, is "vital" (i.e. people can be seriously hurt or killed if
>software fails).
>
>For the design of a new vital real-time system my boss wants to use WinNT
>as server (this seems to have "political" reasons). I tried to convince
>him that NT isn´t fail-safe enough, but I ran out of arguments because I
>am no NT wizard. Can you help me (and maybe save lives with your answers
>;-) )?
>
>Any arguments that show that NT is not designed for safe environments, no
>matter how detailed, are appreciated, e.g. conceptional shortcomings in
>process management or system security, a specific detail that NT lacks
>of, an example of what you have experienced w/ NT that mustn´t happen in
>vital environments etc (are there statistics about the OSs involved in
>lethal software failures?)
>
The issue here is not just about failure (or is it ?). Surely, if
process control is involved, there are issues of system response time
too, and neither NT nor most Unices can guarantee that.
For mature development platforms for RTC (Real Time Control) consider
the Microware family of products (OS/9 and OS/9000).
http://www.microware.com I believe.
Regards
Steve
====================================================
Name: Stephen JT Bourike
Company: Appropriate Solutions Company Limited
Position: Senior Systems Consultant
email: ste...@ascltd.co.uk
URL: http://www.ascltd.co.uk
====================================================
QNX is also supposed to be good, that's a real-time OS that runs on PCs.
http://www.qnx.com
--
Ben
root@localhost (hi spammers!)
> Hi,
>
> some of the software we are developing, e.g. parts of train control
> systems, is "vital" (i.e. people can be seriously hurt or killed if
> software fails).
>
> For the design of a new vital real-time system my boss wants to use WinNT
> as server (this seems to have "political" reasons). I tried to convince
> him that NT isn´t fail-safe enough, but I ran out of arguments because I
> am no NT wizard. Can you help me (and maybe save lives with your answers
> ;-) )?
>
> Any arguments that show that NT is not designed for safe environments, no
> matter how detailed, are appreciated, e.g. conceptional shortcomings in
> process management or system security, a specific detail that NT lacks
> of, an example of what you have experienced w/ NT that mustn´t happen in
> vital environments etc (are there statistics about the OSs involved in
> lethal software failures?)
NT is indeed ridden with vulnerabilities and instability. It's also not very
efficient resource-wise, and tends to respond to events in whatever order it
feels like doing so. That is not a personal opinion, or an immature
anti-Microsoft comment, it is a fact that has been proven by benchmarks and
statistical analysis.
The problem we have is that Microsoft is a "big name" of the scene. No
matter how shitty their products are, their reputation will always be safe,
because they are aimed at masses of people who know nothing about the domain
of computer sciences. Therefore, they can safely continue to impose their
own pro-restrictive standards to the world. It also seems to be more and
more of a trend, these last few years, to hire complete morons as network
administrators. This is because NT eliminates the need for competent
technicians/netadmins.
I'm attaching a HTML document to this message, which provides an impartial
comparison between NT and several Unix-based systems.
- Ric.
> Hi,
>
> some of the software we are developing, e.g. parts of train control
> systems, is "vital" (i.e. people can be seriously hurt or killed if
> software fails).
If he wants WinNT, people _WILL_ be seriously hurt or killed.
If he is looking at cost comparison (say NT vs Sun), run Linux. It's cheaper
than NT (umm.. free?).
If he is looking at dependability, he's only listening to the marketing spiel
and not the REAL facts.
Why use NT? Why not MS-DOS while we're at it? I'm assuming this system is for
switching operations, so I can see where the GUI would come in useful, but
does he want to take that risk? There are hundreds of examples proving NT is
not acceptable for critical operations, you just have to look. ...you could
always use the Hotmail fiasco. MS tried to replace the backend of Hotmail
with NT and the OS just couldn't do it, so they had to revert back to the
original Sun equipment. Yes, you're not running a web site, but it was the OS
at fault here.. do you want to take that risk?
--
Brian J. Bernstein
bern...@home.com
http://www.netcom.com/~bernstbj
No, it doesn't. However, NT often fools people into believing that a
good system administrator is not needed ("it's a GUI, it can't be hard..."),
so NT environments often are allowed to limp along in a messy, disorganized
state.
--
------------------------------------------------------------------------
Timothy J. Lee timlee@
Unsolicited bulk or commercial email is not welcome. netcom.com
No warranty of any kind is provided with this message.
If this person does not have a fiduciary liability in case of
failure, ethically you should point this out to someone who does. Also,
read the MS license: IIRC it says that MS is not liable for damages if its
OS fails to perform under the conditions you stipulated. Seriously, if
lives are at risk, go over this shmo's head. This kind of thing gives the
term 'Blue Screen of Death' a whole new meaning..
Otherwise, you could simply build the prototypes, waste lots of
money discovering that NT is shite, then blame it on your pointy-haired
manager and watch him squirm. Keep lots of documentation to C Y own A.
>Any arguments that show that NT is not designed for safe environments, no
>matter how detailed, are appreciated, e.g. conceptional shortcomings in
>process management or system security, a specific detail that NT lacks
>of, an example of what you have experienced w/ NT that mustn´t happen in
>vital environments etc (are there statistics about the OSs involved in
>lethal software failures?)
Why not go over the licenses? Also, you don't have to be too
creative to generate a BSOD..
>(however, maybe you can convince me that NT _is_ fail-safe)
I think the rest of us would be extremely amused by any such
attempts.
--
Mathew A. Hennessy (henn...@thoughtcrime.com), Computer geek.
Year 2000 Computer Crisis: "Golly, this could be serious."
please mail if interested in spam-resistant mail service.
Sounds like a virus to me...
Stefan> For the design of a new vital real-time system my boss
Stefan> wants to use WinNT as server (this seems to have
Stefan> "political" reasons). I tried to convince him that NT
Stefan> isn´t fail-safe enough, but I ran out of arguments because
Stefan> I am no NT wizard. Can you help me (and maybe save lives
Stefan> with your answers ;-) )?
Stefan> Any arguments that show that NT is not designed for safe
Stefan> environments, no matter how detailed, are appreciated,
Stefan> e.g. conceptional shortcomings in process management or
Stefan> system security, a specific detail that NT lacks of, an
You may want to check out
http://www.isdmag.com/Editorial/1998/CoverStory9807.html
This is part one of a two-part selection of reader responses to
editorial comments about Linux vs NT in the trade journal Integrated
System Design. Part Two is next month.
mp
--
Michael Powe
mic...@trollope.org
Portland, Oregon USA
Michael> [posted and mailed]
>>>>> "Stefan" == Stefan Albrecht <s.alb...@tu-bs.de> writes:
Stefan> For the design of a new vital real-time system my boss
Stefan> wants to use WinNT as server (this seems to have
Stefan> "political" reasons). I tried to convince him that NT
Stefan> isn´t fail-safe enough, but I ran out of arguments because
Stefan> I am no NT wizard. Can you help me (and maybe save lives
Stefan> with your answers ;-) )?
Stefan> Any arguments that show that NT is not designed for safe
Stefan> environments, no matter how detailed, are appreciated,
Stefan> e.g. conceptional shortcomings in process management or
Stefan> system security, a specific detail that NT lacks of, an
Michael> You may want to check out
Michael> http://www.isdmag.com/Editorial/1998/CoverStory9807.html
Two more references I probably should have mentioned.
http://www.ncworldmag.com/ncw-05-1998/ncw-05-nextten.html
http://www.ncworldmag.com/ncworld/ncw-04-1998/ncw-04-nextten.html
Actually, no, it doesn't. It just makes you THINK you can, then you get to
pay big bucks to consultants and lose days of work to downtime when something
goes wrong and your admins can't deal with it.
[PS: you could have just posted a URL instead of the whole document]
--
In hoc signo hack, Peter da Silva <pe...@baileynm.com>
`-_-' "As the complexity of chips approaches the complexity of software.
'U` The behavior of chips approaches the behavior of software."
-- John Ahlstrom <jahl...@cisco.com>
Also look at QNX. I think they're at www.qnx.com.
[deleted]
Huh ? I've sure never encountered this and I've run with extremely small
swapfiles and extremely large physical files...never a problem...can you
provide any more information on this...? Thanks.
--
TimW - Halfordian Golfer
Guilt replaced the creel...
: Any arguments that show that NT is not designed for safe environments, no
: matter how detailed, are appreciated, e.g. conceptional shortcomings in
: process management or system security, a specific detail that NT lacks
: of, an example of what you have experienced w/ NT that mustn´t happen in
: vital environments etc (are there statistics about the OSs involved in
: lethal software failures?)
Perhaps the argument that would carry the greatest weight with a
Microsoft-phile is to simply read him Microsoft's OWN EULA, where
they state that under no circumstances will they be responsible for
any system used in a life-and-death situation. Point out that this
means that if there is some small bug that is MS's fault, and that
bug causes a loss of life, YOUR company will be held responsible,
and you cannot shift the blame to Microsoft, even if it turns out
to actually have been their fault.
--
Steve Mading: mad...@execpc.com http://www.execpc.com/~madings
OK....then, what OS *does* offer liability for life and death situations
One thing about this question...to consider...NT has a lot of bugs...to be
sure. It is relatively new (and huge...). But most of these bugs are related
to the esoterica involved in the infinite myriad of applications, user input
and devices associated with any modern OS. A given application written
intelligently and tested devoutly should be very deterministic and
reliable/robust in a homogeneous environment as you've suggested.
Perhaps with the lower cost of platform/OS in this design, more redundancy
could be built in creating an even safer server for your needs.
[snip]
>
>OK....then, what OS *does* offer liability for life and death situations
Most reliable? Probably something on the mainframe.
>One thing about this question...to consider...NT has a lot of bugs...to be
>sure. It is relatively new (and huge...). But most of these bugs are related
>to the esoterica involved in the infinite myriad of applications, user input
>and devices associated with any modern OS. A given application written
>intelligently and tested devoutly should be very deterministic and
>reliable/robust in a homogeneous environment as you've suggested.
No. There is too much insecurity in the file system, in the
application and process management.
>Perhaps with the lower cost of platform/OS in this design, more redundancy
>could be built in creating an even safer server for your needs.
A wayward application can take down the system. As such it is
inappropriate for any high reliability system, especially if lives are
at stake. Yes, you can at great expense build some security in at
higher levels, but the cost is quite high.
Matt Silberstein
-----------------------------------------------------------------------
"I slept with Faith, and found a corpse in my arms on awaking; I drank
and danced all night with Doubt, and found her a virgin in the morning."
[Aleister Crowley, _The Book of Lies_]
> some of the software we are developing, e.g. parts of train control
> systems, is "vital" (i.e. people can be seriously hurt or killed if
> software fails).
> For the design of a new vital real-time system my boss wants to use WinNT
> as server (this seems to have "political" reasons). I tried to convince
> him that NT isn´t fail-safe enough, but I ran out of arguments because I
> am no NT wizard. Can you help me (and maybe save lives with your answers
> ;-) )?
http://www.heise.de/newsticker/data/avr-12.06.98-000/
Linux instead of NT for the hospital
The German Society for Medical Informatics, Biometry and
Epidemiology (GMDS), in its working group "Data Protection in
Health Information Systems", has issued a "Security Recommendation on
Windows NT Networks in Hospitals".
In it, the experts conclude that the NT security mechanisms, when
configured carefully, do reach roughly the level of ordinary Unix
systems; some things are somewhat better, some somewhat worse. On the
practical side, however, the group criticizes considerable deficits in
reliability. Numerous conceptual flaws and implementation errors make NT
comparable to older Unix systems.
The working group recommends current Unix systems, in particular Linux,
as servers for the sensitive medical data. In case a network based on NT
has to be operated nonetheless, the experts give a series of
recommendations on data security.
Tilo Christ (ix/avr)
12.06.98
Ref: http://www.Uni-Mainz.DE/FB/Medizin/IMSD/AGDatenschutz/Empfehlungen/NT.html
[ In case that despite your email addr. you don't speak German:
The German Society for Medical Computing, Biometry and Epidemiology
(GMDS) officially discouraged the use of NT for sensible medical data for
security reasons and recommends Unix, esp. Linux. ]
cu
Bernhard
--
The three principal virtues of a programmer are Laziness,
Impatience, and Hubris. See the Camel Book for why.
man 1 perl|grep -1 virtues
Peter da Silva wrote in message <6nrki8$7...@web.nmti.com>...
>In article <6nrgvt$dsl$1...@news-2.csn.net>,
>Moe Skeeter <twa...@aspenres.com> wrote:
>> One thing about this question...to consider...NT has a lot of bugs...to be
>> sure. It is relatively new (and huge...). But most of these bugs are related
>> to the esoterica involved in the infinite myriad of applications, user input
>> and devices associated with any modern OS. A given application written
>> intelligently and tested devoutly should be very deterministic and
>> reliable/robust in a homogeneous environment as you've suggested.
>That's simply not true. There are many operating systems that respond
>deterministically in the face of complex applications and heavy loads.
All OS-es *better* be deterministic.
Our realtime financial information servers on NT run flawlessly day in and
day out and I think this sort of homogenous application is well suited to NT
servers. What craps the beasts is the miscellany (in my experience) running
on the OS (which might actually corrupt the state, although my own
development has me thinking NT is pretty damned hard to crash (unless you do
one of the few 'known' things...or muck with process quotas and priorities
much).
A straightforward single-purpose application that was well written would
run and run and run and run (till the freekin' cows get home) under NT. No
doubt about it. At that point your reliability locus shifts to the MTBF of
the hardware. RAID technology, disk mirroring, redundant (duplicated) server
cross checks, etc. can mitigate this to some degree (to very high levels of
fault tolerance).
At any rate, *this* same problem exists regardless of the OS.
>
> Stefan Albrecht (s.alb...@tu-bs.de) wrote:
>
> : Any arguments that show that NT is not designed for safe environments, no
> : matter how detailed, are appreciated, e.g. conceptional shortcomings in
> : process management or system security, a specific detail that NT lacks
> : of, an example of what you have experienced w/ NT that mustn´t happen in
> : vital environments etc (are there statistics about the OSs involved in
> : lethal software failures?)
>
> Perhaps the argument that would carry the greatest weight with a
> Microsoft-phile is to simply read him Microsoft's OWN EULA, where
> they state that under no circumstances will they be responsible for
> any system used in a life-and-death situation.
I read a similar statement in the licensing terms of Solaris and
probably there will be such for most other systems, unless it is
a system specially designed for such things (including the hardware). For
ordinary PCs I guess, already the hardware isn't failsafe enough
for such a task, no matter what OS you use.
Georg
"More code, more bugs."
: sure. It is relatively new (and huge...). But most of these bugs are related
: to the esoterica involved in the infinite myriad of applications, user input
: and devices associated with any modern OS. A given application written
: intelligently and tested devoutly should be very deterministic and
: reliable/robust in a homogeneous environment as you've suggested.
Careful!
The _application_ may be deterministic in an ideal sort of way, but the
hosting _environment_ may not be. I notice that in computer security
books they often recommend that a Kerberos server be locked in a
nice secure closet, and that NOTHING that is not absolutely essential
be run on it. I think there may be a lesson here...
The most damning criticism of NT that I've read so far is that to
make NT faster in magazine benchmarks, Micro$oft pulled a lot of
fluffy junk (graphics and user interface stuff, muchos device drivers)
back into the kernel.
So M$ threw away the security and robustness NT was originally supposed
to have. (IIRC they were trying to do a microkernel like Mach originally.)
The bigger the kernel is (that is, the more stuff there is that runs at
a privileged level where it could affect other processes) the riskier
the system is. The more often the kernel gets changed, the more risk,
especially when these changes are influenced more by market forces
than by solid engineering considerations.
: Perhaps with the lower cost of platform/OS in this design, more redundancy
: could be built in creating an even safer server for your needs.
I'm skeptical. For a system to be reliable it has to be predictable.
To be predictable it has to be "reasonably" simple and have a significant
track record, among other things.
Having two wolves, not one, guarding your henhouse does not necessarily
improve the life expectancy of the chickens.
: --
But the sword of determinism has more than one edge. Sometimes the
deterministic behavior of a system includes features not anticipated
by its designers, or customers. Ever hear of "computer viruses"? :-)
: Our realtime financial information servers on NT run flawlessly day in and
: day out and I think this sort of homogenous application is well suited to NT
: servers. What craps the beasts is the miscellany (in my experience) running
: on the OS (which might actually corrupt the state, although my own
"Miscellany" on a computer can be a terrible adversary indeed!
In some ways this is a disadvantage of consumer-oriented
systems like Windows (and NT). They are designed to be as easy to
use for the broadest cross-section of people as possible. This makes
it more tempting to people to fiddle with them "just a little." To
install a screen saver they recently downloaded, perhaps. I think it
might be advantageous for important systems to run on unfamiliar boxes
with unfamiliar screens and obscure, cryptic interfaces. :-)
: development has me thinking NT is pretty damned hard to crash (unless you do
: one of the few 'known' things...or muck with process quotas and priorities
: much).
As a technical person you probably avoid without awareness things that
might compromise your app or the system it is running on. That's one
reason why a development organization often has a companion, but
_separate_, testing organization.
: A straight forward single-purpose application that was well written would
: run and run and run and run (till the freekin' cows get home) under NT. No
IF you let it. Not you personally, but everyone with access to the
system. Ideally that app should be running by itself on a dedicated
machine. I suppose this actually works in some companies/environments,
but it takes discipline and vigilance.
Physical security should ensure that there's no way a janitor is going
to unplug the system to plug in the vacuum cleaner, and you have a line
conditioner, UPS, or other forms of protection, etc. As programmers we
can come to rely so much on the abstract "logical" (0's and 1's) behavior
of computers that we can overlook the fact that they are electronic
devices with parts that can fail, diskette drives someone might stuff
with an innovative and unusual boot disk that does more interesting
things than say it's not bootable, cables someone might fiddle with
etc.
: doubt about it. At that point your reliability locust shifts to the MTBF of
>
>Hi,
>
>some of the software we are developing, e.g. parts of train control
>systems, is "vital" (i.e. people can be seriously hurt or killed if
>software fails).
>
>For the design of a new vital real-time system my boss wants to use WinNT
>as server (this seems to have "political" reasons). I tried to convince
>him that NT isn´t fail-safe enough, but I ran out of arguments because I
>am no NT wizard. Can you help me (and maybe save lives with your answers
>;-) )?
>
>Any arguments that show that NT is not designed for safe environments, no
>matter how detailed, are appreciated, e.g. conceptional shortcomings in
>process management or system security, a specific detail that NT lacks
>of, an example of what you have experienced w/ NT that mustn´t happen in
>vital environments etc (are there statistics about the OSs involved in
>lethal software failures?)
>
>Please reply by email or send me a copy of the followup via email,
>because I don´t visit all above groups regularly.
>
>(however, maybe you can convince me that NT _is_ fail-safe)
>
BTW, is this train control software? My experience with such (BART)
was that process control was quite important. I don't know NT all that
well, but it is my understanding that NT Server is optimized for a
single process. If so, you either have to do lots of OS stuff
internally or you have real problems in getting a good balance.
> All OS-es *better* be deterministic.
That's what I say. That's why NT and its kin bother me.
> Our realtime financial information servers on NT run flawlessly day in and
> day out and I think this sort of homogenous application is well suited to NT
> servers. What craps the beasts is the miscellany (in my experience) running
> on the OS (which might actually corrupt the state, although my own
> development has me thinking NT is pretty damned hard to crash (unless you do
> one of the few 'known' things...or muck with process quotas and priorities
> much).
I don't accept that. An operating system should not suffer from "corrupted
state" because you run "miscellaneous" applications on it. It should remain
deterministic in the face of anything short of deliberately malicious code.
> At any rate, *this* same problem exists regardless of the OS.
It doesn't exist for the operating systems I normally use.
Yes - read Microsoft's End User License Agreement. It says it all.
Show it to your corporate lawyers to see if there is enough in it
for them to feel secure from liability :-)
> [deleted]
>
> OK....then, what OS *does* offer liability for life and death situations
Try some of the more mature embedded systems and real-time OS's.
> One thing about this question...to consider...NT has a lot of bugs...to be
> sure. It is relatively new (and huge...). But most of these bugs are related
> to the esoterica involved in the infinite myriad of applications, user input
> and devices associated with any modern OS.
NT has bugs in its TCP/IP subsystem that were found and fixed in UN*X a
decade ago. The approach Microsoft seems to be taking does not involve
taking mature industry-standard code. They do seem to re-invent their own
way, and in the process, re-invent the bugs too. There is nothing esoteric
here, merely 'new' proprietary technology versus portable industry standards.
[snip]
> Perhaps with the lower cost of platform/OS in this design, more redundancy
> could be built in creating an even safer server for your needs.
No. Redundant replicated systems need to have certain predictability
in their behavior, otherwise you are fighting a Byzantine type of
problem. These systems need the determinism a real-time system
can deliver. NT does not fit this bill either.
Microsoft has repeatedly stated (at various developer conferences) that
NT is not yet suited for "hard" real-time applications. "Hard" meaning
that missed deadlines will lead to loss of life and/or property. They
only support NT in "soft" real-time applications, where a missed
deadline is bad, but not catastrophic.
(A program controlling traffic lights is soft RT - if the program
doesn't get enough CPU time, you annoy drivers, but you don't get people
killed. A program controlling a 30 ton robot arm is hard RT - if the
program doesn't get enough CPU time, you may injure or even kill
people.)
MS has tried to redefine "hard" and "soft" RT to fit their marketing,
but when you force them to admit what their definitions are, they will
tell you that NT is not suited to running an application where OS
failures or glitches could get people killed.
BTW, your generic UNIX systems aren't suited for that either.
I suggest you look at a system designed for hard RT applications. One
place to start your search might be with QNX - a RT UNIX system.
Another might be VxWorks.
There are also very good RT systems for non-PC hardware. If that is a
possibility, you may want to consider something running on an IBM AS/400
or an s/390 mainframe. These will cost a lot more, but they are
extremely reliable systems, which is what you want for a system where
failures can kill.
-- David
[snip]
> BTW, is this train control software? My experience with such (BART)
> was that process control was quite important. I don't know NT all that
> well, but it is my understanding that NT Server is optimized for a
> single process. If so, you either have to do lots of OS stuff
> internally or you have real problems in getting a good balance.
>
I can't hold it back; check out http://www.ssc.com/lj/issue38/1288.html
--
H. Blakely Williford             | Men never do evil so completely & cheerfully
Systems Programmer/Administrator | as when they do it with religious conviction.
The Fuller Brush Company         |                              - Blaise Pascal
I didn't know QNX was a unix. In what sense? Is it derived from the
source of an earlier unix, or does it just support a lot of unix
interfaces? Are you sure it's not just POSIX?
Or that the project manager isn't going to kick out the power
strip to multiple servers.. (don't ask ;0 )
>conditioner, UPS, or other forms of protection, etc. As programmers we
>can come to rely so much on the abstract "logical" (0's and 1's) behavior
>of computers that we can overlook the fact that they are electronic
>devices with parts that can fail, diskette drives someone might stuff
>with an innovative and unusual boot disk that does more interesting
>things than say it's not bootable, cables someone might fiddle with
>etc.
That's what admins are for.. ;)
Thanks,
- Matt
>Steve Mading wrote in message <6nre1o$o...@newsops.execpc.com>...
>[deleted]
>>Perhaps the argument that would carry the greatest weight with a
>>Microsoft-phile is to simply read him Microsoft's OWN EULA, where
>>they state that under no circumstances will they be responsible for
>>any system used in a life-and-death situation.
>[deleted]
>
>OK....then, what OS *does* offer liability for life and death situations
[deleted]
Most UNIX vendors will front up for that, assuming you agree to
purchase a high-end fault tolerant high-availability server setup from
them.
They will *definitely* give you *binding* guarantees about LOS and
QOS
Gav
Gavin Kerr <g...@tritium.co.uk>
UNIX and Networking consultant
Current Job: System Admin for Philip Morris Engineering Services
>I suggest you look at a system designed for hard RT applications. One
>place to start your search might be with QNX - a RT UNIX system.
Ummm...
You may call QNX Unix-like, but it is no Unix.
The only RT Unix I know is LynxOS, see www.lynx.com
Wolfgang
--
Phone: (+49)-89-95720-110 Fax: (+49)-89-95720-112 w...@denx.muc.de
Office: (+49)-89-722-27328 Wolfga...@OeN.Siemens.DE
The use of Microsoft crippleware systems is a sin that carries with
it its own punishment.
-- Tom Christiansen in <6bo3fr$pj8$5...@csnews.cs.colorado.edu>
In a way this sounds like a statement pro NT. :-)
> As a technical person you probably avoid without awareness things that
> might compromise your app or the system it is running on. That's one
> reason why a development organization often has a companion, but
> _separate_, testing organization.
Absolutely correct. For several releases we had a dialog not working
when invoked directly from the menu. This wasn't discovered because
we took a shortcut route to get that dialog when testing. Fixing
this was trivial but as we hadn't noticed the problem before we simply
didn't know there was something to fix.
Greetings,
Ripley
--
http://www.in-berlin.de/User/nostromo/
==
"You don't say what kind of CD drive or hard disks you have, but since it is
causing you trouble I'll assume it is IDE." -- comp.unix.bsd.freebsd.misc
>I didn't know QNX was a unix. In what sense? Is it derived from the
In a marketing sense, of course :-)
>source of an earlier unix, or does it just support a lot of unix
>interfaces? Are you sure it's not just POSIX?
You are right.
If you want Unix and need reliable hard RT, then you go with LynxOS,
see www.lynx.com.
Disclaimer: No, I'm not affiliated with Lynx, I'm just a (happy)
customer.
Wolfgang
--
Phone: (+49)-89-95720-110 Fax: (+49)-89-95720-112 w...@denx.muc.de
Office: (+49)-89-722-27328 Wolfga...@OeN.Siemens.DE
Calm down, it's *__only* ones and zeroes.
Just curious:
Does the realtime extension for the Linux kernel match "hard RT applications"?
If no, why not ?
so long
MUFTI
--
Es fehlen Informationen der Inhaltsratgeberkonfiguration.
(from a program error message)
> >>I suggest you look at a system designed for hard RT applications.
>
> Just curious:
> Does the realtime extension for the Linux kernel match "hard RT applications"?
> If no, why not ?
Look at www.rtlinux.org.
Greetings,
Jochen
-----------------------------------------------------------------------
Jochen K"upper
Heinrich-Heine-Universit"at D"usseldorf joc...@uni-duesseldorf.de
Institut f"ur Physikalische Chemie I
Universit"atsstr. 1, Geb 26.43 Raum 02.29 phone ++49-211-8113681
40225 D"usseldorf fax ++49-211-8115195
Germany http://www-public.rz.uni-duesseldorf.de/~jochen
-----------------------------------------------------------------------
QNX does have a web server. See "www.qnx.com".
QNX has a tiny kernel that doesn't change much. I think the last
change was in 1991. Even the device drivers are in protected memory.
It's a true message-passing operating system. Widely used for
embedded systems, nuclear-power plant control, railroad signalling,
and other important applications.
John Nagle
thanks to all of you who answered to my question.
I was very positively surprised by the number of reactions. That's why I
couldn't answer all of you individually - sorry. This subject really
seems to be of public interest.
To avoid misunderstandings and to reassure those who don't dare to go by
train anymore:
*IF* such a system is being realized, then it *WILL* be fail-
safe, no matter what platform it is running on - even if this
would be NT.
The reason for this: There are independent legal institutions responsible
for the safety of railways. In Germany this is the "Federal Railway
Bureau" (transl?) ("Eisenbahnbundesamt", EBA). Only if the EBA has
released a system it can be installed - and you bet they *DO* test
(although of course there never can be a 100% warranty).
So: *DON'T WORRY*, keep going by train (or by bike or bus, rather than by
car - but this is a topic for another newsgroup ;-) )
I just wanted to avoid an early wrong decision which might have become
expensive. You all helped me very much. Thanks again.
Regards
Stefan
In article <MPG.1009d718...@news.tu-bs.de>, s.alb...@tu-bs.de
says...
>
> Hi,
>
> some of the software we are developing, e.g. parts of train control
> systems, is "vital" (i.e. people can be seriously hurt or killed if
> software fails).
>
> For the design of a new vital real-time system my boss wants to use WinNT
> as server (this seems to have "political" reasons). I tried to convince
> him that NT isn't fail-safe enough, but I ran out of arguments because I
> am no NT wizard. Can you help me (and maybe save lives with your answers
> ;-) )?
>
> Any arguments that show that NT is not designed for safe environments, no
> matter how detailed, are appreciated, e.g. conceptional shortcomings in
> process management or system security, a specific detail that NT lacks
> of, an example of what you have experienced w/ NT that mustn't happen in
> vital environments etc (are there statistics about the OSs involved in
> lethal software failures?)
>
> Please reply by email or send me a copy of the followup via email,
> because I don't visit all above groups regularly.
>
> (however, maybe you can convince me that NT _is_ fail-safe)
>
> Thank you very much in advance!
> Regards
> Stefan
>
> s.alb...@tu-bs.de
>
This link may help you:
http://www.Uni-Mainz.DE/FB/Medizin/IMSD/AGDatenschutz/Empfehlungen/NT.html
Ciao, Ralf
> This link may help you:
>
http://www.Uni-Mainz.DE/FB/Medizin/IMSD/AGDatenschutz/Empfehlungen/NT.html
And if your German is as flaky as mine, here is another article
comparing NT to UNIX-systems, even the free ones ;
http://www.kirch.net/unix-nt.html
Alexander
I will not say something about TWA jumbos taking off in the USA. No, I
really won't.
SCNR,
=ToJe=
--
Torsten Jerzembeck * Steinfurter Str. 79, Zi. 509 * D-48149 Münster
* PGP public key ID: B74DB58D * MIME welcome *
As a rule, one surfs on a board in the water; on the WWW one reads texts
or looks at pictures. (Claus Schönleber in de.admin.news.misc)
Then I won't mention the lax security at Frankfurt which was a
primary factor in a little accident over Lockerbie, Scotland some years
back. You see, the problem with slinging mud is that it becomes very hard
to keep yourself clean, so I'd prefer it to stop here, so we can get back
to our regularly scheduled OS sermons..
Thanks,
- Matt
ps: One would think that a German rail project would use German
software (SAP)? Or at least a non-bourgeois-American OS to satisfy the
Greens?
Zach
On 14 Jul 1998, Torsten Jerzembeck wrote:
> In de.comp.os.unix.misc Peter da Silva wrote:
> >Hmmm. Rail system. In germany. Perfectly safe. We've heard this before.
> >Just watch out for bridges, OK?
>
> I will not say something about TWA jumbos taking off in the USA. No, I
> really won't.
>
> SCNR,
>
> =ToJe=
>
> --
> Torsten Jerzembeck * Steinfurter Str. 79, Zi. 509 * D-48149 Münster
> * PGP public key ID: B74DB58D * MIME welcome *
> As a rule, one surfs on a board in the water; on the WWW one reads texts
> or looks at pictures. (Claus Schönleber in de.admin.news.misc)
>
________________________________________________________
ur...@cmu.edu
"Blessed are those who have not seen and yet have faith." - John 20:29
> I will not say something about TWA jumbos taking off in the USA. No, I
> really won't.
O-rings and subzero shuttle launches and "put on your manager hat" would be
a better analogy.
Doesn't bother me. I'm Australian. You need to babble on about using chunks
of concrete to flatten out bulges in bridges if you want to strike home.
All of this really supports the point that you can't depend on a bureaucracy
to make an inherent danger go away.
Fair enough?
>In article <C6PZ...@nightingale.ms.sub.org>, Torsten Jerzembeck
><to...@gmx.de> wrote:
>
>> In de.comp.os.unix.misc Peter da Silva wrote:
>>
>> >Hmmm. Rail system. In germany. Perfectly safe. We've heard this
>> >before. Just watch out for bridges, OK?
>
>> I will not say something about TWA jumbos taking off in the USA.
>> No, I really won't.
>O-rings and subzero shuttle launches and "put on your manager hat"
^^^^^^^^^^^^^^^^^^^^^^^
It hasn't been that cold in Florida since the last ice age. I
remember that on Tuesday before that fateful Thursday, I was
listening to the radio and heard them talking of knocking the
icicles off.
The problem starts occurring (as I recall) in the 40F range.
6. The ambient temperature at time of launch was 36 degrees
Fahrenheit, or 15 degrees lower than the next coldest
previous launch.
Those who made that decision were unaware of the recent history of
problems concerning the O-rings and the joint and were unaware of the
initial written recommendation of the contractor advising against the
launch at temperatures below 53 degrees Fahrenheit
Source:
http://www.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/table-of-contents.html
--
"There is no satisfactory substitute for excellence."
-- Dr. Arnold O. Beckman
--
---------------------------------------------------------------
| Larry Gross , NSWCDD Code K72 , Bldg. 1580 Rm 115 Sys Support |
| 17320 Dahlgren Rd., Dahlgren VA 22448-5100. |
| Work:(540) 653-1431, FAX: (540) 653-8286, Home:(540) 786-6843 |
| Work: lgross@.nswc.navy.mil Home: lgr...@pobox.com |
---------------------------------------------------------------
The government is very capable of speaking for itself - I do not speak for it.
Some sloppy cut/paste on my behalf.
I was merely trying to point out the temperature at launch
vs. previous low.
The second snippet came from the posted link.
Regards,
Vince
I'm from Australia, where we use sensible measurements not related to
the length of the king's foreskin or people's blood temperature on
religious holidays.
I still think in terms of water freezing at 0 and boiling at 100, and
if it's 36 you go to the beach.
>Just for the record, regarding the loss of the Space Shuttle Challenger
>STS 51-L
>
> 6. The ambient temperature at time of launch was 36 degrees
> Fahrenheit, or 15 degrees lower than the next coldest
> previous launch.
>
> Those who made that decision were unaware of the recent history of
>problems concerning the O-rings and the joint and were unaware of the
>initial written recommendation of the contractor advising against the
>launch at temperatures below 53 degrees Fahrenheit
>
>Source:
>http://www.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/table-of-contents.html
Also, for the record, the whole O-ring discussion is, in some sense,
yet another smoke screen. The question we should ask is why does the
shuttle have the O-ring. Answer: because it is in two pieces. Why in
two pieces? Because it is built in Utah and shipped by rail. Why in
Utah instead of building it locally and getting a fundamentally better
design? Because Sen. Hatch made sure that M-T got the contract.
Matt Silberstein
----------------------------------------
And when you pray, be not like the hypocrites; for they love to stand and
pray in the synagogues and at the street corners, that they be seen by men.
Truly, I say to you, they have received their reward. But when you pray,
shut yourself up in your room and pray to your Father who is in secret; and
your Father who sees in secret will reward you.
Matt. 6: 5-6
Regards,
Zach
On Mon, 20 Jul 1998, Vince Pachiano wrote:
> Just for the record, regarding the loss of the Space Shuttle Challenger
> STS 51-L
>
> 6. The ambient temperature at time of launch was 36 degrees
> Fahrenheit, or 15 degrees lower than the next coldest
> previous launch.
>
> Those who made that decision were unaware of the recent history of
> problems concerning the O-rings and the joint and were unaware of the
> initial written recommendation of the contractor advising against the
> launch at temperatures below 53 degrees Fahrenheit
>
> Source:
> http://www.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/table-of-contents.html
>
> Bill Vermillion wrote:
> >
> > In article <6otugh$n...@web.nmti.com>, Peter da Silva
> > <pe...@nmti.com> wrote:
> >
> > >In article <C6PZ...@nightingale.ms.sub.org>, Torsten Jerzembeck
> > ><to...@gmx.de> wrote:
> > >
> > >> In de.comp.os.unix.misc Peter da Silva wrote:
> > >>
> > >> >Hmmm. Rail system. In germany. Perfectly safe. We've heard this
> > >> >before. Just watch out for bridges, OK?
> > >
> > >> I will not say something about TWA jumbos taking off in the USA.
> > >> No, I really won't.
> >
> > >O-rings and subzero shuttle launches and "put on your manager hat"
> > ^^^^^^^^^^^^^^^^^^^^^^^
> > It hasn't been that cold in Florida since the last ice age. I
> > remember that on Tuesday before that fateful Thursday, I was
> > listening to the radio and heard them talking of knocking the
> > icicles off.
> >
> > The problem starts occurring (as I recall) in the 40F range.
>
> --
> "There is no satisfactory substitute for excellence."
> -- Dr. Arnold O. Beckman
>
________________________________________________________
It was defined as the coldest achievable temperature at the time - the
temperature at which salt water froze. Why the difference between the
freezing and boiling points of water was defined as 180 degrees I don't
know, but I presume you have 180 degrees in half a circle, like us? I
think that is the second parameter used to define the Fahrenheit scale.
Anyway we use both.
--
Anthony W. Youngman - wol at thewolery dot demon dot co dot uk
Trousers with a single hole in their waistband are topologically equivalent
to a doughnut. These sugarcoated trousers have yet to catch on at fast-food
outlets! (SuperStrings by F. David Peat)
If replying by e-mail please mail wol. Anything else may get missed amongst
the spam.
Zero *Celsius* is the freezing point of water. That's 32 degrees
Fahrenheit.
No. Body heat at 100F was the second parameter.
/Mats
Chris
To quote the post you replied to, zero Fahrenheit(sp?) *IS* the freezing
point of water. It was achieved by Fahrenheit by adding salt to water
to see what the lowest temperature that water will stay a liquid is.
He designated that as zero degrees. So while you may be talking about
pure water, Fahrenheit based it on salt water. See?
Zero degrees Fahrenheit is the point at which water freezes. It was just
obtained in a slightly... unusual way, is all. :-)
(If you don't believe me, look it up).
-- DN
: >In article <C6PZ...@nightingale.ms.sub.org>, Torsten Jerzembeck
: ><to...@gmx.de> wrote:
: >
: >> In de.comp.os.unix.misc Peter da Silva wrote:
: >>
: >> >Hmmm. Rail system. In germany. Perfectly safe. We've heard this
: >> >before. Just watch out for bridges, OK?
: >
: >> I will not say something about TWA jumbos taking off in the USA.
: >> No, I really won't.
: >O-rings and subzero shuttle launches and "put on your manager hat"
: ^^^^^^^^^^^^^^^^^^^^^^^
: It hasn't been that cold in Florida since the last ice age. I
: remember that on Tuesday before that fateful Thursday, I was
: listening to the radio and heard them talking of knocking the
: icicles off.
: The problem starts occurring (as I recall) in the 40F range.
His "subzero" could have been in Celsius, not Fahrenheit. Outside
the US, nobody "thinks" in Fahrenheit. In most places "Subzero"
is a synonym for "below freezing", not "Really fscking cold, way
below freezing"
--
Steve Mading: mad...@execpc.com http://www.execpc.com/~madings
Nah, if it's that hot you stay in the machine room where the air
conditioning is. ;-)
: >
: But zero Fahrenheit IS the freezing point of water. :-)
: It was defined as the coldest achievable temperature at the time - the
: temperature at which salt water froze. Why the difference between the
: freezing and boiling points of water was defined as 180 degrees I don't
: know, but I presume you have 180 degrees in half a circle, like us? I
: think that is the second parameter used to define the Fahrenheit scale.
I always thought it was supposed to be based on human blood. Body
temperature was supposed to be 100 (Okay, so he was a bit off).
: Zero *Celsius* is the freezing point of water. That's 32 degrees
: Fahrenheit.
Read the rest of his post. He said that it was saltwater.
(Mr Fahrenheit essentially tried to mix as many things
together as he could to make water's lowest possible freezing
point, under the faulty impression that that is the lowest of
all possible temperatures.)
Even though salt water may freeze at 0'f, (I'd have to look that one
up), the statement that it was set as "the lowest of all possible
temperatures" could not possibly be correct. Below 0'f temperatures have
always been around, even at latitudes as low as Texas, including
temperatures WELL below 0 at higher latitudes. Possibly it was set as
the lowest "artificially producible" temperature?
BTW, did I miss some of the earlier thread here? or is someone trying to
figure out why their NT system is "freezing" up. (I think even putting
it in HOT salt water would cause that) ;-)
--
"If Beta testing worked, why are we all using VHS?"
Kevin Collins
So, the lowest temperature you can measure is the temperature at which
the volume of a saturated solution of some salt (ammonium chloride is what
I thought he used, but it might have been plain old sodium chloride) is
at a minimum.
He called that 0.
Now for the high end, you can't measure temperatures up to the boiling point
of water, or even near it (the partial pressure of water vapor above the
column makes the response non-linear). But you can always measure body
temperature, and calibrate on that.
So call that 100.
Given the accuracy of his devices, that was probably as good as you could get.
It all makes sense, especially compared to SOME of the biometric standards
people were using at the time.
(all this information sucked from a science textbook, so it might be
completely wrong given the quality of science education in the US)