For novel ideas about building embedded systems (both hardware and firmware), join the 28,000+ engineers who subscribe to The Embedded Muse, a free biweekly newsletter. The Muse has no hype and no vendor PR. Click here to subscribe.
By Jack Ganssle
Worst Case Analysis
Leaving Marsh Harbor astern a glorious 15 knot breeze carried us 135 miles in 24 hours.
But then it petered out to a zephyr. With 400 more miles to go, and the Atlantic brewing tropical storms like Macbeth's witches, we fired up Voyager's diesel and puttered along. A current, in excess of 3 knots at times, appeared and for a time greatly retarded our progress. It's quite discouraging to see the GPS spitting out a speed over the bottom of 1.5 knots hour after hour.
My wife was somewhat relieved as the dearth of wind flattened the seas. Me, well, I'm an engineer. I can visualize the 28 year old pistons and valves flying around at 1400 RPM for days on end, and can think of hundreds of failure modes, any of which might keep us stranded at sea for days or weeks till the wind returned. So I watch the gauges like a hawk, and shut the engine down twice a day to check the oil, belt tensions, etc. An awful lot of things have to operate perfectly to keep that diesel running, and I worry about every one of them.
She often asks me why we have so many spare parts and tools aboard. Yeah, there's a spare injection pump in one locker, an alternator in another, and a couple of giant boxes of other engine spares scattered around the boat. There must be a hundred feet of threaded rod of various sizes in case I have to make some sort of huge bolt. Various stainless steel plates, sheets of other materials, wood, dowels, and piping eat up shelf space. You never know what might happen and what I might have to make. It's nice to have a lot of raw materials at hand.
She wonders about why we have three months of canned food aboard. And why I backup the home computers so frequently. And what's the point of the surge protectors and so many other protective devices.
The answer is always the same: "just in case. Something could go wrong."
My closest friend, also a sailor is equally cautious. Our wives sometimes complain that we are always looking for problems. They are right. Scott is an engineer, of course, and engineers, of course, always assume things will be terrible.
We've spent our lives doing worst case analysis, figuring out ways our systems can fail and building in redundancy or margin to assure reliable operation over whatever environmental extremes the gear is likely to encounter. Will that resistor dissipate 0.2 watts? Sure, a ¬ watt part might be fine, but let's stuff in a half-watter. We'll add a watchdog timer in case the code crashes. No, the system doesn't use all possible interrupts, but let's aim unused vectors to a debug routine in case there's some sort of unexpected glitch. Of course we seed the firmware with assert() macros.
Worst case analysis is part of the engineering zeitgeist, and is the reason that so many systems behave so well despite all sorts of unanticipated insults.
We engineers are very much unlike other professionals. Our mode of thinking permeates every aspect of our lives, much to the annoyance of many spouses. "Uh, is that bra really structural, honey?"
Few other professionals will touch a device and think it's running surprisingly hot. is something wrong? Or do the math even in beery political discussions. "No, the State's budget is a bit over $20b, so your statement can't be correct." My engineer dad picked his retirement city by calculating which town offered the minima of distance to all the kids.
Engineering is more than a career choice. It's a way of thinking, a different view of the world, an attitude that leaks across our whole lives. The US's Declaration of Independence says "We hold these truths to be self-evident." But we engineers hold every truth, every observed fact and supposition, to analysis. "Evident, perhaps, but exactly how did you acquire the data?"
What do you think? Can you leave your analysis attitude at the office at 5 o'clock?