RISKS@SRI-CSL.ARPA (RISKS FORUM, Peter G. Neumann, Coordinator) (02/10/86)
RISKS-LIST: RISKS-FORUM Digest, Sunday, 9 Feb 1986 Volume 2 : Issue 9
FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Computerized train wreck? ... Computer-induced stock-market swings.
(Martin Minow)
Selectively Displaying Data -- Boeing 767 EFIS (Alan M. Marcum)
Cape Range Safety Display Systems (Lynne C Moore)
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.)
(Back issues Vol i Issue j stored in SRI-CSL:<RISKS>RISKS-i.j. Vol 1: MAXj=45)
----------------------------------------------------------------------
Date: 09-Feb-1986 2048
From: minow%serf.DEC@decwrl.DEC.COM (Martin Minow, DECtalk Engineering ML3-1/U47 223-9922)
To: risks@sri-csl.ARPA, minow%rex.DEC@decwrl.DEC.COM
Subject: Computerized train wreck? ... Computer-induced stock-market swings.
On the news recently, it was noted that the recent Canadian train wreck
[8 Feb 1986] "shouldn't have happened as the system was computer
controlled."
[Bill Dewan, spokesman for the Canadian National Railroad, was
quoted in the SF Chron, 9 Feb 1986: "The [freight] train should not
have left the double-track section, and whether its failure to stop
was due to signal failuer or human failure is what is under
investigation." Death toll initially estimated 30 to 50. Eastbound
transcontinental passenger train with up to 120 people aboard,
head-on with westbound freight on single-track section, 75 yards
after freight left double-track section. PGN]
------
In today's Boston Globe (Sunday, Feb. 9, 1986), an article by Rick Gladstone,
Associated Press discussed problems caused by "the growing effect of
computerized buying and selling programs that influence stock prices without
regard to economic fundamentals that historically have shaped the market."
These programs monitor stock prices and future prices for the same stock,
selling the stock and buying futures when the stock price exceeds the
futures price and buying stocks and selling futures when the stock price
falls below the futures price. "The investors, therefore, profit no matter
what." ... The recent big swings of the Dow Jones average "are partly
attributed by some Wall Street analysts" to these programs, "because they are
activated at the same time and greatly increase the number of shares traded."
... Many analysts "agree that at least part of the Dow Jones industrial
average's record 39.10-point plunge Jan. 8 was linked to a mass of
sell-program orders activated by the computers."
Martin Minow minow%rex.dec@decwrl.arpa
------------------------------
Date: Fri, 7 Feb 86 16:17:06 PST
From: sun!nescorna!marcum@ucbvax.berkeley.edu (Alan M. Marcum, Sun Consulting)
Subject: Selectively Displaying Data -- Boeing 767 EFIS
To: ucbvax!risks
In Risks V2.7, Jim Giles raises a question regarding selective display of
telemetry, with a computer helping control what is displayed. This is
currently being done in the "Electronic Flight Instrument System" (EFIS)
being used on, for example, the Boeing 767. The EFIS can be configured to
display various data on command by the flight crew, and to display "flags"
if certain things go outside the normal range. This is by no means using
what we might consider full-blown expert systems technology.
For those unfamiliar with the 767 cockpit, or an EFIS in general, there are
various CRTs under computer control. Usually, the tubes immediately in
front of the pilot and the co-pilot display the flight attitude (an enhanced
"artificial horizon"), often with airspeed, altitude, heading, and trends.
Additional tubes display route and various engine parameters. These
additional tubes are those used for displaying abnormal information.
A couple of EFIS configurations are available for some of the larger general
aviation aircraft (for example, Beech's new Starship turboprop will be
delivered with and EFIS). It is interesting in light of this digest to note
that in all EFIS configurations I've seen, there are ALWAYS conventional
(i.e. mechanical) backups for the critical instruments portrayed by the EFIS.
------------------------------
Received: from eglin-vax.ARPA Fri 7 Feb 86 18:48:54-PST
Date: 0 0 00:00:00 CDT
From: "LYNNE C MOORE" <moorel@eglin-vax>
Subject: Cape Range Safety Display Systems
To: "risks" <risks@sri-csl>
Clive Dawson (in Risks 2.4) asked what kind of data display the Range Safety
officer at Cape Canaveral uses to determine when to destroy missiles.
Data is collected from a wide variety of sources throughout the Eastern Test
Range, including a number of radar and telemetry sites and optical trackers.
The latter are especially important in the first few seconds of launch, when
radars cannot be used due to multi-path problems associated with the large
metal gantries. This data is collected by the Central real-time computers
(redundant Cyber 740's), which determines the best and next-best estimates of
present position and instantaneous impact point for the missile body. This is
displayed by the Range Safety Display System (RSDS) computers along with plots
of destruct lines, which indicate the limit of endangerment of a populated
area if the missile's thrust were to terminate at that moment. These destruct
limits are considerably broader on the Shuttle than they are for an unmanned
missile. In addition, the RSO's maintain a voice link with the Shuttle Flight
Dynamics Officer (in Houston), and they will not destroy the Shuttle as long
as the crew is in control, even if the destruct line is violated.
The RSO's also have real-time telemetry displays and video plus a voice link
to an observer as close to the launch pad as safety permits to assist at the
initial moments of flight when the data is at its worst.
This system provides the best chance for crew survival within the limits of
range safety, assuming there is enough time in a danger situation for crew
response (which there wasn't in the Challenger explosion).
At the time that my husband, Martin Moore, was working on the destruct
software at the Cape, I was working on a radar data switching system which
is physically located in the same room as the RSDS system. I was also one of
the near-real-time analysts for the Central computer, involved in reducing
post-mission trajectory and orbital data. In the course of my duties, I
learned a lot about the RSDS system and the other data collection/display
systems at Cape Canaveral AFS (which is not quite the same thing as Kennedy
Space Center -- KSC is NASA, CCAFS is the Air Force).
Lynne C. Moore (moorel@eglin-vax.arpa)
------------------------------
End of RISKS-FORUM Digest
************************
-------