I imagine in that line of work, SW must consist of like 99% safeguards and checks of various kinds. Like rather double-check the thing the compiler already proved at runtime than discovering a rare compiler bug in 10 years during a complex oribital descent maneuver…
Gosh, if I ever get into the business of writing software for spacecraft with long duration missions, I have to test for such cases.
I imagine in that line of work, SW must consist of like 99% safeguards and checks of various kinds. Like rather double-check the thing the compiler already proved at runtime than discovering a rare compiler bug in 10 years during a complex oribital descent maneuver…
There is a great video about NASAs space-proof code style guide for c++