Similar presentations:
Patriot Missile Failure
1. Patriot Missile Failure
1991: The American PatriotMissile Battery in Dhahran
2. Dhahran, Saudi Arabia
3. The Patriot Missile
► PhasedArray TRacking Intercept Of Target
► Unproven in 1991
► Results after Gulf War: controversial
4. February 25, 1991
8:40pm (12:40pm EST)► An
Army barracks was struck by a
Scud in Dhahran
► 28 American soldiers were killed
► 97 people injured in the strike
► The Alpha Patriot Battery did not
track and intercept the Scud
5. What Happened?
► Thesystem was unable to identify the Scud
► The range gate was inaccurate
6. The Design Flaw
► Oldsoftware
► Time stored in 1/10 of a second, in
integer format
► 0.110 = 0.00011001100110011…2
► 24 bit registers
► Operation outside the range of
expected use: 100 hours vs 14 hours
7. How We Almost Avoided It
► Datarecorders: the US did not use them,
but Israel did
► February 11, 1991: Israeli forces reported
the Patriot errors back to US
8. Lessons Learned
When you adapt an older software system to a new
use, make sure you also analyze the likely behavior
of the users.
Take the results of testing seriously! If user A
could find the error, user B can too.
You can’t be too accurate when lives are at stake.
Military software must be robust.
Don’t rely on assumptions; if it’s a usage standard,
include it in the operating instructions.
Protect against error, not against error discovery.
9. References
http://en.wikipedia.org/wiki/Gulf_War► http://en.wikipedia.org/wiki/MIM-104_Patriot
► http://plichta-travels.blogspot.com/2007/03/patriotmissile.html
► http://www.fas.org/spp/starwars/gao/im92026.htm
► http://www.1stfighter.com/F15s/desertstorm.html
► http://www.ima.umn.edu/~arnold/455.f96/disasters
.html
► http://shelley.toich.net/projects/CS201/patriot.html