9-Feb-86 23:38:16-PST,7373;000000000000 Mail-From: NEUMANN created at 9-Feb-86 23:36:39 Date: Sun 9 Feb 86 23:36:39-PST From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.9 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Sunday, 9 Feb 1986 Volume 2 : Issue 9 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computerized train wreck? ... Computer-induced stock-market swings. (Martin Minow) Selectively Displaying Data -- Boeing 767 EFIS (Alan M. Marcum) Cape Range Safety Display Systems (Lynne C Moore) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- Date: 09-Feb-1986 2048 From: minow%serf.DEC@decwrl.DEC.COM (Martin Minow, DECtalk Engineering ML3-1/U47 223-9922) To: risks@sri-csl.ARPA, minow%rex.DEC@decwrl.DEC.COM Subject: Computerized train wreck? ... Computer-induced stock-market swings. On the news recently, it was noted that the recent Canadian train wreck [8 Feb 1986] "shouldn't have happened as the system was computer controlled." [Bill Dewan, spokesman for the Canadian National Railroad, was quoted in the SF Chron, 9 Feb 1986: "The [freight] train should not have left the double-track section, and whether its failure to stop was due to signal failure or human failure is what is under investigation." Death toll initially estimated 30 to 50. Eastbound transcontinental passenger train with up to 120 people aboard, head-on with westbound freight on single-track section, 75 yards after freight left double-track section. PGN] ------ In today's Boston Globe (Sunday, Feb. 9, 1986), an article by Rick Gladstone, Associated Press discussed problems caused by "the growing effect of computerized buying and selling programs that influence stock prices without regard to economic fundamentals that historically have shaped the market." These programs monitor stock prices and future prices for the same stock, selling the stock and buying futures when the stock price exceeds the futures price and buying stocks and selling futures when the stock price falls below the futures price. "The investors, therefore, profit no matter what." ... The recent big swings of the Dow Jones average "are partly attributed by some Wall Street analysts" to these programs, "because they are activated at the same time and greatly increase the number of shares traded." ... Many analysts "agree that at least part of the Dow Jones industrial average's record 39.10-point plunge Jan. 8 was linked to a mass of sell-program orders activated by the computers." Martin Minow minow%rex.dec@decwrl.arpa ------------------------------ Date: Fri, 7 Feb 86 16:17:06 PST From: sun!nescorna!marcum@ucbvax.berkeley.edu (Alan M. Marcum, Sun Consulting) Subject: Selectively Displaying Data -- Boeing 767 EFIS To: ucbvax!risks In Risks V2.7, Jim Giles raises a question regarding selective display of telemetry, with a computer helping control what is displayed. This is currently being done in the "Electronic Flight Instrument System" (EFIS) being used on, for example, the Boeing 767. The EFIS can be configured to display various data on command by the flight crew, and to display "flags" if certain things go outside the normal range. This is by no means using what we might consider full-blown expert systems technology. For those unfamiliar with the 767 cockpit, or an EFIS in general, there are various CRTs under computer control. Usually, the tubes immediately in front of the pilot and the co-pilot display the flight attitude (an enhanced "artificial horizon"), often with airspeed, altitude, heading, and trends. Additional tubes display route and various engine parameters. These additional tubes are those used for displaying abnormal information. A couple of EFIS configurations are available for some of the larger general aviation aircraft (for example, Beech's new Starship turboprop will be delivered with and EFIS). It is interesting in light of this digest to note that in all EFIS configurations I've seen, there are ALWAYS conventional (i.e. mechanical) backups for the critical instruments portrayed by the EFIS. ------------------------------ Received: from eglin-vax.ARPA Fri 7 Feb 86 18:48:54-PST Date: 0 0 00:00:00 CDT From: "LYNNE C MOORE" Subject: Cape Range Safety Display Systems To: "risks" Clive Dawson (in Risks 2.4) asked what kind of data display the Range Safety officer at Cape Canaveral uses to determine when to destroy missiles. Data is collected from a wide variety of sources throughout the Eastern Test Range, including a number of radar and telemetry sites and optical trackers. The latter are especially important in the first few seconds of launch, when radars cannot be used due to multi-path problems associated with the large metal gantries. This data is collected by the Central real-time computers (redundant Cyber 740's), which determines the best and next-best estimates of present position and instantaneous impact point for the missile body. This is displayed by the Range Safety Display System (RSDS) computers along with plots of destruct lines, which indicate the limit of endangerment of a populated area if the missile's thrust were to terminate at that moment. These destruct limits are considerably broader on the Shuttle than they are for an unmanned missile. In addition, the RSO's maintain a voice link with the Shuttle Flight Dynamics Officer (in Houston), and they will not destroy the Shuttle as long as the crew is in control, even if the destruct line is violated. The RSO's also have real-time telemetry displays and video plus a voice link to an observer as close to the launch pad as safety permits to assist at the initial moments of flight when the data is at its worst. This system provides the best chance for crew survival within the limits of range safety, assuming there is enough time in a danger situation for crew response (which there wasn't in the Challenger explosion). At the time that my husband, Martin Moore, was working on the destruct software at the Cape, I was working on a radar data switching system which is physically located in the same room as the RSDS system. I was also one of the near-real-time analysts for the Central computer, involved in reducing post-mission trajectory and orbital data. In the course of my duties, I learned a lot about the RSDS system and the other data collection/display systems at Cape Canaveral AFS (which is not quite the same thing as Kennedy Space Center -- KSC is NASA, CCAFS is the Air Force). Lynne C. Moore (moorel@eglin-vax.arpa) ------------------------------ End of RISKS-FORUM Digest ************************ -------