44 ;;Quote: high-level languages free programs from their accidental complexity but not their essential complexity

45 ;;Quote: uncaught errors in executable specification languages are just as disastrous as in traditional programming

45 ;;Quote: a formal specification also requires user feedback from an implementation

45 ;;Quote: specification without implementation is not possible because can't formalize requirements without user feedback from an implementation

53 ;;Quote: a software error is a combination of illegal actions, incorrect paths, and wrong results

54 ;;Quote: layered systems should prevent errors from spreading to other layers

55 ;;Quote: system components should be self-protective and self-checking to prevent error propagation

56 ;;Quote: a self-protective component can check for error conditions before execution or asynchronously

56 ;;Quote: self-checking hardware either gives a correct answer or it signals failure

57+ ;;Quote: fault containment is the reduction and elimination of error propagation

57 ;;Quote: a self-checking component can propagate some errors if its clients can catch the error

58 ;;Quote: a resourceful system achieves its goals despite failures of standard methods

58+ ;;Quote: a functionally rich system is not orthogonal; there are multiple ways to achieve a result

58 ;;Quote: a resourceful system has functional richness, testable goals, and some planning abilities

59 ;;Quote: many existing systems are functionally rich, especially life threatening ones such as airplanes

60 ;;Quote: an altitude control system can use any three of four reaction wheels to maintain a satellite's orientation

61 ;;Quote: a resourceful system can combine basic functions into programs or plans

61 ;;Quote: a resourceful system will automatically create programs to deal with contingencies