From: Martin <martin.dowie@btopenworld.com>
Subject: Re: OT?: AF 447 and avionics software
Date: Sat, 6 Jun 2009 10:34:57 -0700 (PDT)
Message-ID: <3d6ecae8-8a48-4070-acd4-bec9d2d073b7@l12g2000yqo.googlegroups.com>
In-Reply-To: 96c44af9-d16d-45fb-b264-c77e0ec127a0@x3g2000yqa.googlegroups.com

On Jun 4, 7:20 pm, roderick.chap...@googlemail.com wrote:
> On Jun 4, 12:02 pm, Martin <martin.do...@btopenworld.com> wrote:
>
>
>
> > On Jun 4, 10:29 am, "Alex R. Mosteo" <alejan...@mosteo.com> wrote:
>
> > > I'm sure most of us are following the news on this issue. I just read an
> > > article where an 'expert' questions "damn computers". Particularly this
> > > quote:
>
> > > "In these fly-by-wire systems, one never really knows if one has checked out
> > > all possible combinations of events to make sure that the computer properly
> > > reacts,"
>
> > > http://www.time.com/time/world/article/0,8599,1902421,00.html
>
> > > Frankly I know nothing about the aviation standards for software/computer
> > > use, but I suspect it is somewhat more strict than "one never really knows".
> > > I mean, surely you can't test everything, but I guess one can be reasonably
> > > confident in the system design!
>
> > > Now, there's a trend forming pointing to the ADIRU [1] unit, because of
> > > recent incidents like the Qantas flight mentioned in the article. I'm not
> > > sure there are really verified reasons to point to it yet but, trying to stay
> > > on topic:
>
> > > I think Airbus is mainly Ada, right? Do you know some good place to read
> > > about its software systems?
>
> > > What about these ADIRU units, are they delivered to Airbus by some provider
> > > or are they of their own build?
>
> > > [1] http://en.wikipedia.org/wiki/Air_Data_Inertial_Reference_Unit
>
> > They can analyse code to ensure absence of runtime error (e.g. using
> > SPARK and/or tools like PolySpace) but testing all possible scenarios
> > is a different kettle of fish altogether.
>
> This is not entirely true.
>
> There is certainly SPARK code in the Rolls-Royce engines that power
> the A380 and Boeing 787.
>
> There is no SPARK in the other major avionics systems on
> the Airbus A320, A330, A340 or A380. (After all, if Airbus
> were a SPARK customer I would know for sure!)
>
> Airbus have cited the use of Patrick Cousot's ASTREE tool
> in the analysis of their flight control codes - this
> is published somewhere, so I'm sure a quick google
> search will reveal the correct ref.
>
> - Rod Chapman, SPARK Team

Sorry, I wasn't trying to imply that SPARK was used in this case -
just an example of a tool that is available and could be used in such
systems. I have no idea if PolySpace or a PolySpace-like tool is used
either. I would doubt they only do dynamic testing.

Cheers
-- Martin