[SystemSafety] Technical information on Airbus A320 recall?

Michael J. Pont m.pont at safetty.net
Sun Nov 30 19:25:55 CET 2025


We would typically duplicate variables (store a variable plus a bitwise
inverted copy) in order to detect this form of memory corruption.

[If we want to recover from the impact - not simply detect it - then we
clearly need to triplicate the data.]

I wonder if memory restrictions in new - expanded - software meant that a
lower level of duplication was employed?

This might have had a particular impact on earlier hardware units (it seems
possible that such units might have more limited memory, possibly without
ECC or similar hardware protection mechanisms).

Pure speculation on my part.

Even if this was the case, then - in what I assume is a DAL A design, that
clearly needs to be 'fail operational' - there does not seem to have been
any form of 'backup' unit in the system.  This is very surprising.

Michael J. Pont
SafeTTy Systems Ltd.
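
The duplicate-with-inverse and triplicate-for-recovery patterns described in the message above, as an added illustration that is not part of the original post and has no connection to any Airbus software. The `dup_u32_t` / `tmr_u32_t` types, the `flip_bit` upset simulator and the `scenario_*` functions are constructed for this example; the only assumption about the storage is that a single-event upset flips one bit in one copy.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Duplicated variable: the value plus a bitwise-inverted copy.
 * Any single bit flip in either half breaks the invariant value == ~inverse. */
typedef struct {
    uint32_t value;
    uint32_t inverse;
} dup_u32_t;

/* Triplicated variable: three independent copies, read back by majority vote. */
typedef struct {
    uint32_t copy[3];
} tmr_u32_t;

typedef enum { TMR_OK = 0, TMR_CORRECTED = 1, TMR_FAILED = 2 } tmr_status_t;

void dup_store(dup_u32_t *d, uint32_t v) { d->value = v; d->inverse = ~v; }

/* Detection only: returns false if the pair is inconsistent. */
bool dup_load(const dup_u32_t *d, uint32_t *out)
{
    if ((d->value ^ d->inverse) != 0xFFFFFFFFu) return false;
    *out = d->value;
    return true;
}

void tmr_store(tmr_u32_t *t, uint32_t v) { t->copy[0] = t->copy[1] = t->copy[2] = v; }

/* Detection and recovery: two agreeing copies outvote the third and the
 * outlier is rewritten. Three distinct values means the damage is beyond repair. */
tmr_status_t tmr_load(tmr_u32_t *t, uint32_t *out)
{
    uint32_t a = t->copy[0], b = t->copy[1], c = t->copy[2];
    if (a == b && b == c) { *out = a; return TMR_OK; }
    if (a == b) { *out = a; t->copy[2] = a; return TMR_CORRECTED; }
    if (a == c) { *out = a; t->copy[1] = a; return TMR_CORRECTED; }
    if (b == c) { *out = b; t->copy[0] = b; return TMR_CORRECTED; }
    return TMR_FAILED;
}

/* Constructed upset simulator: flips one bit of the object at p. */
static void flip_bit(void *p, unsigned bit)
{
    uint8_t *bytes = (uint8_t *)p;
    bytes[bit / 8] ^= (uint8_t)(1u << (bit % 8));
}

/* Scenario 1: one upset in the value half of a duplicated variable.
 * Returns 1 if the corruption was detected, 0 if it slipped through. */
int scenario_dup_single_upset(unsigned bit)
{
    dup_u32_t d; uint32_t v;
    dup_store(&d, 0x12345678u);
    flip_bit(&d.value, bit);
    return dup_load(&d, &v) ? 0 : 1;
}

/* Scenario 2: the same bit flipped in BOTH halves. This is the blind spot of
 * the scheme: the XOR invariant still holds, so the corruption is not seen. */
int scenario_dup_same_bit_both_halves(unsigned bit)
{
    dup_u32_t d; uint32_t v;
    dup_store(&d, 0x12345678u);
    flip_bit(&d.value, bit);
    flip_bit(&d.inverse, bit);
    return dup_load(&d, &v) ? 0 : 1;
}

/* Scenario 3: one copy of a triplicated variable is hit; the vote repairs it. */
tmr_status_t scenario_tmr_single_upset(uint32_t *out)
{
    tmr_u32_t t;
    tmr_store(&t, 0xCAFEF00Du);
    flip_bit(&t.copy[1], 17);
    return tmr_load(&t, out);
}

/* Scenario 4: two copies hit at different bits; no majority remains. */
tmr_status_t scenario_tmr_double_upset(uint32_t *out)
{
    tmr_u32_t t;
    tmr_store(&t, 0xCAFEF00Du);
    flip_bit(&t.copy[0], 3);
    flip_bit(&t.copy[2], 9);
    return tmr_load(&t, out);
}

int main(void)
{
    uint32_t v = 0;
    printf("dup single upset detected: %d\n", scenario_dup_single_upset(5));
    printf("dup same-bit double upset detected: %d\n", scenario_dup_same_bit_both_halves(5));
    printf("tmr single upset status: %d value: 0x%08X\n", (int)scenario_tmr_single_upset(&v), v);
    printf("tmr double upset status: %d\n", (int)scenario_tmr_double_upset(&v));
    return 0;
}
```

Scenario 2 is the reason the duplicate scheme is a detection mechanism only: it catches any single upset, but a matching flip in both halves passes unnoticed, and even a detected fault leaves the application with no trustworthy value, which is exactly why recovery needs the third copy. In a real design the check would be run on every read (or by a periodic scrub task) and a `TMR_FAILED` result routed to the system's fault handler rather than silently used.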

-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On
Behalf Of Prof. Dr. Peter Bernard Ladkin
Sent: 30 November 2025 17:04
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] Technical information on Airbus A320 recall?

On 2025-11-30 15:33 , Brian Jepson wrote:
> On 30/11/2025 14:07, Prof. Dr. Peter Bernard Ladkin wrote:
>> Which doesn't help answer David's question of how a pure *software* 
>> change can affect SEE susceptibility.
>
> Software cannot prevent SEE; it can defend against the effects of an event.
>
It is clear to me that you can write SW which makes a computer more
resilient to the effects of SEEs. It is not at all clear to me how you can
write SW which makes a computer more susceptible to the effects of SEEs,
except by removing code which made it so resilient in a previous version.

I guess one way might be that new software accepts a greater range of input
values from sensors, so that there is a greater range of input available for
SEE corruption which affects program execution. 
However, I don't see how reverting to a narrower range of inputs would help
prevent SEE corruption except in a purely statistical sense. So I wouldn't
think that is what is going on in the current situation.

PBL

Prof. Dr. Peter Bernard Ladkin
Causalis Limited/Causalis IngenieurGmbH, Bielefeld, Germany
Tel: +49 (0)521 3 29 31 00

_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE
Manage your subscription:
https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety



More information about the systemsafety mailing list