Safety Features

A number of design features have been implemented with the goal of ensuring that the program does not misbehave even under unusual conditions, including interruption of connectivity or coding errors. The underlying philosophy is that it is much better for the program to shut itself down than to make a wrong trade. These include:

  • checking the integrity and latency of market  data  received          
  • a limit on a single transaction size with a forced time delay between two transactions
  • a testing mode in which  all the systems should work normally but orders are merely recorded and not transmitted

Many different steps were taken to limit the consequences of possible errors. The system  has been tested under fire with early versions running as early as in the summer 2001.