NTRS - NASA Technical Reports Server

Back to Results
The Dangers of Failure Masking in Fault-Tolerant Software: Aspects of a Recent In-Flight Upset EventOn 1 August 2005, a Boeing Company 777-200 aircraft, operating on an international passenger flight from Australia to Malaysia, was involved in a significant upset event while flying on autopilot. The Australian Transport Safety Bureau's investigation into the event discovered that an anomaly existed in the component software hierarchy that allowed inputs from a known faulty accelerometer to be processed by the air data inertial reference unit (ADIRU) and used by the primary flight computer, autopilot and other aircraft systems. This anomaly had existed in original ADIRU software, and had not been detected in the testing and certification process for the unit. This paper describes the software aspects of the incident in detail, and suggests possible implications concerning complex, safety-critical, fault-tolerant software.
Document ID
Document Type
Conference Paper
Johnson, C. W. (Glasgow Univ. United Kingdom)
Holloway, C. M. (NASA Langley Research Center Hampton, VA, United States)
Date Acquired
August 24, 2013
Publication Date
October 22, 2007
Subject Category
Avionics and Aircraft Instrumentation
Meeting Information
2nd International Conference on System Safety 2007(London)
Funding Number(s)
WBS: WBS 457280.
Distribution Limits
Public Use Permitted.

Available Downloads

NameType 20070034017.pdf STI