• DocumentCode
    467961
  • Title
    The Dangers of Failure Masking in Fault-Tolerant Software: Aspects of a Recent In-Flight Upset Event
  • Author
    Johnson, C.W. ; Holloway, C. Michael
  • Author_Institution
    Dept. of Comput. Sci., Glasgow Univ., Glasgow
  • fYear
    2007
  • fDate
    22-24 Oct. 2007
  • Firstpage
    60
  • Lastpage
    65
  • Abstract
    On 1 August 2005, a Boeing Company 777-200 aircraft, operating on an international passenger flight from Australia to Malaysia, was involved in a significant upset event while flying on autopilot. The Australian Transport Safety Bureau's investigation into the event discovered that "an anomaly existed in the component software hierarchy that allowed inputs from a known faulty accelerometer to be processed by the air data inertial reference unit (ADIRU) and used by the primary flight computer, autopilot and other aircraft systems." This anomaly had existed in original ADIRU software, and had not been detected in the testing and certification process for the unit. This paper describes the software aspects of the incident in detail, and suggests possible implications concerning complex, safety-critical, fault-tolerant software.
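    The failure-masking pattern the abstract names, shown as an added illustration (this is not the paper's own material and not the ADIRU algorithm): a redundant-sensor voter that identifies a bad channel by cross-comparison while it still has a majority, but then lets that "known faulty" channel back into the selection later. The mechanism assumed here, purely for illustration, is a fault record that is not persisted across a restart; the channel names, readings and threshold are constructed sample values.

```python
from dataclasses import dataclass
from statistics import median
from typing import List, Optional, Set


@dataclass
class Channel:
    """One redundant sensor channel (constructed for the example)."""
    name: str
    reading: float        # constructed sample value, nominally in g
    self_test_ok: bool    # what the channel itself reports right now


def detect_outliers(channels: List[Channel], threshold: float) -> Set[str]:
    """Cross-channel comparison: with three or more live channels, any channel
    whose reading is more than `threshold` away from the median is declared
    faulty. With fewer than three there is no majority to say who is wrong."""
    live = [c for c in channels if c.self_test_ok]
    if len(live) < 3:
        return set()
    mid = median(c.reading for c in live)
    return {c.name for c in live if abs(c.reading - mid) > threshold}


def select_value(channels: List[Channel], excluded: Set[str]) -> Optional[float]:
    """Mid-value selection over channels that pass self-test and are not on
    the exclusion list. Returns None when no channel is usable."""
    usable = [c.reading for c in channels
              if c.self_test_ok and c.name not in excluded]
    return median(usable) if usable else None


def run_scenario(persist_faults: bool) -> Optional[float]:
    """Two epochs separated by a restart. `persist_faults` decides whether the
    fault record survives the restart (assumed mechanism, not the ADIRU's)."""
    fault_log: Set[str] = set()

    # Epoch 1: A and B agree, C reads far too high. Three live channels, so the
    # comparison outvotes C and it is recorded as faulty.
    epoch1 = [Channel("A", 1.0, True), Channel("B", 1.0, True), Channel("C", 5.0, True)]
    fault_log |= detect_outliers(epoch1, threshold=0.5)
    assert fault_log == {"C"}

    # Restart. A record held only in volatile memory is lost; a latched record
    # written to non-volatile storage is not.
    if not persist_faults:
        fault_log = set()

    # Epoch 2: B now fails its own self-test. C still passes self-test (its
    # fault is not one it can see) and still reads 5.0. Only A and C are live,
    # too few for the cross-comparison to re-identify C as the outlier.
    epoch2 = [Channel("A", 1.0, True), Channel("B", 0.0, False), Channel("C", 5.0, True)]
    fault_log |= detect_outliers(epoch2, threshold=0.5)   # adds nothing: 2 live
    return select_value(epoch2, excluded=fault_log)


if __name__ == "__main__":
    # Without persistence the known-bad channel is voted back in and the
    # selected value is pulled to 3.0; with persistence the output stays 1.0.
    print("volatile fault record :", run_scenario(persist_faults=False))
    print("latched fault record  :", run_scenario(persist_faults=True))
```

    The point of the two runs is that nothing "fails" in the second epoch from the voter's own perspective: every input it uses passes self-test, the arithmetic is correct, and the bad value emerges silently. A practitioner reviewing such a design would check what state each layer of the hierarchy keeps about previously rejected inputs, where that state lives, and whether a lower layer can re-admit a source that a higher layer has already condemned.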
  • Keywords
    aerospace computing; aircraft; safety-critical software; software fault tolerance; accelerometer; air data inertial reference unit; aircraft system; autopilot; failure masking; fault-tolerant software; flight computer; safety-critical software;
  • fLanguage
    English
  • Publisher
    iet
  • Conference_Titel
    System Safety, 2007 2nd Institution of Engineering and Technology International Conference on
  • Conference_Location
    London
  • ISSN
    0537-9989
  • Print_ISBN
    978-0-86341-863-1
  • Type
    conf
  • Filename
    4399910