[SystemSafety] Looking for information about safety-critical software faults in road vehicles

Ferrell, Uma D. uferrell at mitre.org
Wed Aug 22 14:16:37 CEST 2018


FAA has a searchable archive of a combination of safety databases, Aviation Safety Information And Sharing (ASIAS). Each of these databases is searchable. There are also studies that have been conducted on specific issues.
https://www.asias.faa.gov/apex/f?p=100:1:::NO:::


-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On Behalf Of Peter Bernard Ladkin
Sent: Wednesday, August 22, 2018 7:48 AM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] Looking for information about safety-critical software faults in road vehicles

On 2018-08-22 10:50 , Peter Bishop wrote:
> 
> A better source might be airworthiness directives (AD). These are 
> fixes to aircraft systems mandated by organisations like the FAA in 
> response to reported incidents (i.e. present a risk to flight safety).

I agree. They are also just in two places (FAA and EASA) and the EASA WWW site is easily searchable.
However,

> While
> software is not mentioned, directives to update flight control systems 
> are most probably (almost certainly?) software related.
Here is a catch. There is lots of stuff that is design-related which is most easily fixed in SW.
That doesn't mean the source was a SW issue.

Take Learmonth, the Qantas A330 incident in which the PFCS went on a roller-coaster ride. Trigger was a series of signal spikes coming from an ADIRU. Lots of signal anomalies are filtered in the PFCS SW, but this one wasn't. I understand that it had been considered during design and a decision was made that such a signal would not be generated in an otherwise-healthy ADIRU. So they didn't filter. The fix is obviously SW: put in a filter. But the original problem was a misjudgement. (BTW, they never did find anything with the ADIRU to explain the signal.)

I wouldn't be surprised to find that a majority of SW fixes are for such things which do not have a SW origin.

PBL

Prof. Peter Bernard Ladkin, Bielefeld, Germany MoreInCommon Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de
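The design question raised in the message above (whether to filter a class of signal anomaly that a healthy sensor is not expected to produce) can be shown in miniature. The following Python is an added illustration, not code from the thread and not a description of any real ADIRU or PFCS: a constructed sensor-input validator with a range check plus an optional spike check, fed a constructed sample stream. With the spike check disabled (the "a healthy unit will never send that" assumption) an in-range single-sample spike passes straight to the consumer; with it enabled, the spike is held off while a genuine, sustained change is still accepted after it persists. All names, thresholds and data are assumptions made for this example.

```python
"""Constructed illustration of input plausibility filtering for a sensor feed.

Nothing here describes a real air data unit or flight control law; the
thresholds, sample values and class names are invented for the example.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class SpikeFilter:
    """Rejects samples that are implausible relative to the last accepted value.

    A sample outside [lo, hi] is always rejected (range check). A sample that
    jumps more than `max_step` from the last accepted value is treated as a
    transient and the last good value is held, unless the new level persists
    for `confirm_samples` consecutive samples, in which case it is accepted as
    a real change. Setting max_step to infinity disables the spike check and
    leaves only the range check, which is the design choice under discussion.
    """
    lo: float             # physical lower bound of the quantity
    hi: float             # physical upper bound of the quantity
    max_step: float       # largest plausible change between consecutive samples
    confirm_samples: int  # consecutive out-of-step samples needed to accept a new level
    last_good: Optional[float] = None
    _pending: List[float] = field(default_factory=list)

    def accept(self, x: float) -> Optional[float]:
        # Range check: physically impossible values are never passed on.
        if not (self.lo <= x <= self.hi):
            return self.last_good
        if self.last_good is None:
            self.last_good = x
            return x
        if abs(x - self.last_good) <= self.max_step:
            # Normal sample: any suspected transient is forgotten.
            self._pending.clear()
            self.last_good = x
            return x
        # Out-of-step sample: remember it and keep only the most recent window.
        self._pending.append(x)
        self._pending = self._pending[-self.confirm_samples:]
        if (len(self._pending) >= self.confirm_samples
                and max(self._pending) - min(self._pending) <= self.max_step):
            # The new level has persisted and is self-consistent: accept it.
            self.last_good = x
            self._pending.clear()
            return x
        return self.last_good


def filter_stream(samples: List[float], filt: SpikeFilter) -> List[Optional[float]]:
    """Run every sample through the filter and return what the consumer sees."""
    return [filt.accept(x) for x in samples]


def peak_excursion(values: List[Optional[float]], baseline: float) -> float:
    """Largest deviation from `baseline` that reached the consumer."""
    return max(abs(v - baseline) for v in values if v is not None)


# Constructed stream: steady around 2.0, one in-range single-sample spike to
# 50.0, then a genuine sustained step to about 8.0.
SAMPLES = [2.0, 2.1, 2.0, 50.0, 2.0, 2.1, 8.0, 8.1, 8.0, 8.1, 8.0]


def range_only_path() -> List[Optional[float]]:
    """Design assumption 'no spikes from a healthy unit': range check only."""
    return filter_stream(SAMPLES, SpikeFilter(lo=-30.0, hi=60.0,
                                              max_step=float("inf"),
                                              confirm_samples=1))


def spike_filtered_path() -> List[Optional[float]]:
    """Range check plus spike check with a three-sample persistence requirement."""
    return filter_stream(SAMPLES, SpikeFilter(lo=-30.0, hi=60.0,
                                              max_step=1.0,
                                              confirm_samples=3))


if __name__ == "__main__":
    print("range only     :", range_only_path(),
          "peak excursion", peak_excursion(range_only_path(), 2.0))
    print("spike filtered :", spike_filtered_path(),
          "peak excursion", peak_excursion(spike_filtered_path(), 2.0))
```

The persistence window is what keeps the spike check from becoming a new hazard: without it, a filter that simply clamps large steps would also suppress a real, fast excursion for as long as it lasts. The trade-off between the two failure modes (passing a transient versus masking a real change) is a design judgement of exactly the kind the message describes.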