'For reliable systems, we need a different mindset.'
We often say that reliability must be designed in, not tested in. What do we mean?
I recall a debate from early in my career as a young software engineer about the merits of optimizing for the average case behavior versus optimizing for the worst case. The product in question had a lot of serial interfaces. Those arguing for the average case advocated to interrupt routines tied to each of the serial ports. That way, if a subset of ports were active, the non-active ports would not use any processing cycles. This, they reasoned, would give optimal performance for a typical workload. My approach was to create one timer interrupt at a specified highest byte rate for the serial ports. My interrupt handler checked all the ports for data. This guaranteed a worst case throughput of the timer interrupt rate on all ports.
Read the full article