Re: Boeing 777 - Totally Irresponsible?

Date:         27 Dec 96 13:32:19 
From: (Scott Odle)
Organization: Earthlink Network, Inc.
References:   1
Next article
View raw article
  or MIME structure

In article <airliners.1996.2792@ohare.Chicago.COM>,
>The keynote speaker of the 1996 Pacific Northwest Software Quality
>Conference reviewed the 10^9 (ten to the ninth power) problem.  Years of
>testing a PC program are required to believe that it won't fail within a
>week of release.  To meet the FAA standard of 10^9 hours of failure free
>operation would require 100 years of testing assuming that one could
>execute 1 test/sec (there are about 10^7 seconds in a work-year).
>He went on to say that because of the millions of lines of code written
>for the 777 that it would be impossible to test all of the failure
>conditions, and therefore was irresponsible to design and deploy such an
>aircraft.  He vowed never to fly on one...
>How was the 777 tested?  Is it safe?  Or is it "unsafe at any airspeed?"

It is not as simple as you make it sound.  First of all, all failures are not
required to be 10-9. Only those that are deemed "catastophic".  Determination
of failures is not necessarily done by testing.  Hazard analysis and effects
analysis is done to determine the effects of a given failure.  As for software,
there are very strict requirements.  However, the level that the software is
certified to based on if the a particular piece of equipment is critical,
essential, or non-essential.