Jules Richardson wrote:
I suppose real computers have a separate service processor for this
kind of thing, so it's easy to put things right even if something does
go wrong (plus of course the update can *only* be done from the
service processor - not from some rogue code running on the main CPU)
This is exactly what we did on the 5ESS(sort of vintage now) switching
systems to avoid any glitches to retain the high availability. We always
designed in a 2nd coprocessor to preform routine maintenance tasks such
as downloading new updates into the backup flash in a duplex processor
system. Then we downloaded the code into the standby processor first and
switch over to active mode after all the diagnostics checked out.
Regression tests were a strict priority in any telecom system to weed
out any of the software faults.
=Dan
[ "I do not fear computers. I fear the lack of them" ]
[ Pittsburgh ---
http://www2.applegate.org/~ragooman/ ]