[SystemSafety] Overflow triggering AC power cut-off in Boeing 787
David MENTRÉ
dmentre at linux-france.org
Sun May 3 18:44:04 CEST 2015
Hello,
On 2015-05-03 10:41, Mike Ellims wrote:
> “History teaches us that people have never learned anything from history.”
>
> Hegel
>
> http://rgl.faa.gov/Regulatory_and_Guidance_Library/rgad.nsf/0/584c7ee3b270fa3086257e38004d0f3e/$FILE/2015-09-07.pdf
For those that don't want to read the FAA advisory, a signed integer
overflow can trigger a cut-off of all AC power in Boeing 787 planes
after 248 days (~8 months). It never occurred on real planes, only in
simulation.
Other source:
http://betterembsw.blogspot.fr/2015/05/counter-rollover-bites-boeing-787.html
This would not happen if absence of overflow was automatically checked
(by using tools like Frama-C, Astrée or Polyspace). Or more probably
this overflow was identified but judged as "could never happen". Would a
reader of this list have some insight about what really happened?
Best regards,
david
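Added illustration of the failure mode discussed in the message above (this code is not from the post, the FAA AD, or the aircraft's generator control software): an uptime tick counter held in a signed 32-bit integer, next to a rollover-safe unsigned version. A 10 ms tick is assumed because it makes such a counter reach INT32_MAX after about 248.5 days, which matches the figure in the AD; the real tick rate, field names and deadline logic are assumptions made for the example.

```c
/* Added example: signed 32-bit uptime counter rollover vs. a rollover-safe
 * comparison. Not the original post's or Boeing's code; the 10 ms tick,
 * names and deadline check are assumptions for illustration.
 */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define SEC_PER_DAY 86400u

/* Days until a signed 32-bit counter that starts at 0 reaches INT32_MAX
 * for a given tick rate (100 Hz assumed below gives ~248.55 days). */
double days_until_signed_wrap(uint32_t ticks_per_sec)
{
    return (double)INT32_MAX / ticks_per_sec / SEC_PER_DAY;
}

/* Reinterpret a 32-bit pattern as a two's-complement signed value without
 * relying on undefined signed overflow: models what the hardware does
 * when a signed counter is incremented past INT32_MAX. */
int32_t as_twos_complement(uint32_t u)
{
    if (u <= (uint32_t)INT32_MAX)
        return (int32_t)u;
    /* u >= 2^31, so the value is u - 2^32, computed in range */
    return (int32_t)(u - 0x80000000u) - INT32_MAX - 1;
}

/* Naive counter: signed ticks. Advancing past INT32_MAX wraps to INT32_MIN
 * on a two's-complement machine (in C proper it is undefined behaviour). */
int32_t naive_tick(int32_t now, uint32_t delta)
{
    return as_twos_complement((uint32_t)now + delta);
}

/* Naive check: "has the deadline passed?" as a plain signed comparison.
 * Once `now` has wrapped negative this returns false for every deadline
 * set before the wrap, so timed logic silently stops firing. */
bool naive_deadline_passed(int32_t now, int32_t deadline)
{
    return now >= deadline;
}

/* Rollover-safe check: keep ticks unsigned and compare the *difference*
 * as a signed value. Correct as long as the two timestamps are less than
 * 2^31 ticks apart, which is the standard modular-time idiom. */
bool safe_deadline_passed(uint32_t now, uint32_t deadline)
{
    return as_twos_complement(now - deadline) >= 0;
}

int main(void)
{
    const uint32_t tick_hz = 100u;                 /* assumed 10 ms tick */
    printf("signed wrap after %.2f days at %u Hz\n",
           days_until_signed_wrap(tick_hz), tick_hz);

    /* Constructed scenario: a deadline armed 50 ticks before the wrap,
     * then 100 ticks elapse. */
    int32_t deadline_s = INT32_MAX - 50;
    int32_t now_s = naive_tick(deadline_s, 100);
    printf("naive: now=%ld deadline=%ld passed=%d (wrong)\n",
           (long)now_s, (long)deadline_s,
           naive_deadline_passed(now_s, deadline_s));

    uint32_t deadline_u = (uint32_t)INT32_MAX - 50u;
    uint32_t now_u = deadline_u + 100u;
    printf("safe : now=%lu deadline=%lu passed=%d (right)\n",
           (unsigned long)now_u, (unsigned long)deadline_u,
           safe_deadline_passed(now_u, deadline_u));
    return 0;
}
```

Static analysers such as the ones named in the message flag the signed increment in `naive_tick` style code as a potential overflow; the unsigned difference idiom in `safe_deadline_passed` is what they accept, and it is the form that also survives the wrap at 2^32 ticks (about 497 days at 100 Hz) rather than merely postponing the failure.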