May 1, 2026
Houston, we have backup plans
Artemis II Fault Tolerance
NASA packed Orion with backup after backup, and the comments instantly asked: is this genius or too much?
TLDR: NASA built Orion so it can keep flying even if several computer parts fail, using layers of backups and a separate emergency system. Commenters were impressed but also obsessed with one spicy question: does all that extra protection make the craft safer, or just more complicated?
NASA’s new Artemis II deep-space capsule is basically the paranoid overachiever of computers: eight processors running together, backups for the backups, and even a totally separate emergency system in case the main setup has a bad day in space. If radiation zaps one chip or power drops out, Orion is designed to stay calm, reboot what broke, point itself at the Sun, and try to phone home. In other words: the spacecraft has more contingency plans than most people have weekend plans.
But the real fireworks were in the comments, where readers split into two camps: "this is beautiful engineering" versus "at what point does backup overload become its own problem?" One fan was thrilled to learn the phrase “dissimilar redundancy,” saying they love building software on different operating systems because weird failures expose hidden mistakes. Another reader immediately hit the brakes, wondering whether all this protection adds so much complexity that it starts creating new risks. That question — when does safety become spaghetti? — was the thread’s biggest mini-drama.
Then came the delightful nerd nostalgia. One commenter compared Orion to older fault-tolerant machines from the 80s and 90s that could literally call home for replacement parts. Another chimed in with a real-world “we already do this” flex from safety hardware. And perhaps the most relatable reaction of all was the blunt, meme-ready question: who decided eight was the magic number? Not four, not sixteen — eight. The vibe was equal parts awe, skepticism, and engineers yelling “show your math.”
Key Points
- Orion’s primary flight computing system uses two Vehicle Management Computers containing four Flight Control Modules, and each FCM has a self-checking pair of processors, resulting in eight CPUs running flight software in parallel.
- The system is designed as fail-silent, so erroneous calculations caused by events such as radiation are detected quickly and faulty modules are silenced, reset, and later re-synchronized.
- NASA states Orion can lose three Flight Control Modules in 22 seconds and still continue safely using the remaining module.
- The architecture includes triple-modular-redundant memory, dual-lane network interface checking, and a triple-redundant network with self-checking switches.
- To mitigate common-mode failures, Orion carries an independent Backup Flight Software system that runs on different hardware and a different operating system, and it can enter a recovery safe mode after a total power-loss event.
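
The fail-silent behaviour in the key points above, sketched as an added toy model in Python (not NASA flight software and not from the original article): each Flight Control Module runs two lanes and goes silent when they disagree, and a bitwise majority vote stands in for triple-modular-redundant memory. The control law, the bit-flip fault, and the "first module still talking" selection policy are assumptions made for illustration.

```python
# Added illustration: a toy model, not NASA flight software.
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

def control_law(sensor: int) -> int:
    """Constructed stand-in for a flight computation."""
    return 2 * sensor + 1

def upset(sensor: int) -> int:
    """Same computation with one flipped output bit (simulated radiation upset)."""
    return control_law(sensor) ^ 0x10

def tmr_vote(a: int, b: int, c: int) -> int:
    """Bitwise majority of three memory copies; masks one corrupted copy."""
    return (a & b) | (a & c) | (b & c)

@dataclass
class FlightControlModule:
    name: str
    lane_a: Callable[[int], int]
    lane_b: Callable[[int], int]
    silenced: bool = False

    def step(self, sensor: int) -> Optional[int]:
        """Run both lanes; emit a value only when they agree."""
        if self.silenced:
            return None
        out_a, out_b = self.lane_a(sensor), self.lane_b(sensor)
        if out_a != out_b:
            self.silenced = True  # fail-silent: say nothing rather than something wrong
            return None
        return out_a

    def reset_and_resync(self) -> None:
        """Model of reset plus re-synchronization: both lanes healthy again."""
        self.lane_a = self.lane_b = control_law
        self.silenced = False

def select_command(fcms: List[FlightControlModule], sensor: int) -> Optional[Tuple[str, int]]:
    """Assumed policy: use the first module that is still producing output."""
    for fcm in fcms:
        out = fcm.step(sensor)
        if out is not None:
            return fcm.name, out
    return None

def build_fcms(faulty: int) -> List[FlightControlModule]:
    """Four FCMs; the first `faulty` ones have an upset in lane B."""
    return [FlightControlModule(f"FCM{i + 1}", control_law,
                                upset if i < faulty else control_law)
            for i in range(4)]
```

With three of four modules upset, `select_command(build_fcms(3), 21)` still returns the fourth module's answer. A module whose two lanes share the same fault agrees with itself and is not silenced, which is the common-mode case the independent backup system is meant to cover.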