02 May 2015

I am not so Eager to Fly in a 787

One of the innovations on the aircraft is a move from hydraulic to electric actuators.

The need for higher led to the use of Lithium-Ion batteries, which are more prone to fires, and briefly grounded the aircraft.

It now appears that a counter rolling over could cause a complete loss of electrical power:
A software vulnerability in Boeing's new 787 Dreamliner jet has the potential to cause pilots to lose control of the aircraft, possibly in mid-flight, Federal Aviation Administration officials warned airlines recently.

The bug—which is either a classic integer overflow or one very much resembling it—resides in one of the electrical systems responsible for generating power, according to a memo the FAA issued last week. The vulnerability, which Boeing reported to the FAA, is triggered when a generator has been running continuously for a little more than eight months. As a result, FAA officials have adopted a new airworthiness directive (AD) that airlines will be required to follow, at least until the underlying flaw is fixed.

"This AD was prompted by the determination that a Model 787 airplane that has been powered continuously for 248 days can lose all alternating current (AC) electrical power due to the generator control units (GCUs) simultaneously going into failsafe mode," the memo stated. "This condition is caused by a software counter internal to the GCUs that will overflow after 248 days of continuous power. We are issuing this AD to prevent loss of all AC electrical power, which could result in loss of control of the airplane."


The memo doesn't provide additional details about the underlying software bug. Informed speculation suggests it's a signed 32-bit integer overflow that is triggered after 2^31 centiseconds (i.e. 248.55 days) of continuous operation.
This is computer programming 101, and it's bullsh%$ that no one thought of this.

This was something that was present in Windows 95 and 98 in the last millennium, where the system would crash after 49.7 days (equal to 2^32 milliseconds).

The embarrassing part for Microsoft was that it took about a decade before it was found, because no one could keep the systems running that long.
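An added example, not code from the post, the FAA directive or Boeing: it works the two rollover figures quoted above from the counter widths, shows a signed 32-bit centisecond counter (the speculated GCU case) wrapping to a negative value, and contrasts a hypothetical deadline check that breaks at the wrap with the modular-arithmetic form that survives it. The deadline check is an assumed illustration of how a wrapped uptime counter trips control logic, not a description of the GCU firmware.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Days until a free-running tick counter with the given maximum value rolls
   over. The two cases from the post: a signed 32-bit centisecond counter
   (max 2^31-1) and an unsigned 32-bit millisecond counter (max 2^32-1). */
double days_until_overflow(double max_count, double ticks_per_second) {
    return (max_count + 1.0) / ticks_per_second / 86400.0;
}

/* One tick of a signed 32-bit uptime counter. Incrementing INT32_MAX as a
   signed value is undefined behaviour in C, so the increment is done on the
   unsigned view; on two's-complement hardware the result wraps to INT32_MIN. */
int32_t tick_signed_counter(int32_t counter) {
    uint32_t u = (uint32_t)counter + 1u;
    return (int32_t)u;
}

/* Hypothetical "has the deadline passed?" test written as a plain comparison
   (assumed for illustration, not the GCU's code). Once the counter wraps
   negative the deadline appears to lie in the future again even though time
   moved on, so any logic keyed on it silently stops firing or misfires. */
bool naive_deadline_passed(int32_t now, int32_t deadline) {
    return now >= deadline;
}

/* Wrap-safe form: unsigned modular subtraction reinterpreted as signed.
   Correct for any interval shorter than 2^31 ticks, regardless of how many
   times the counter has rolled over. */
bool wrapsafe_deadline_passed(uint32_t now, uint32_t deadline) {
    return (int32_t)(now - deadline) >= 0;
}

int main(void) {
    printf("2^31 centiseconds = %.2f days\n", days_until_overflow(2147483647.0, 100.0));
    printf("2^32 milliseconds = %.2f days\n", days_until_overflow(4294967295.0, 1000.0));
    int32_t t = tick_signed_counter(INT32_MAX);
    printf("INT32_MAX + 1 tick -> %d\n", t);
    printf("naive check after wrap: %d, wrap-safe check: %d\n",
           naive_deadline_passed(t, 100), wrapsafe_deadline_passed((uint32_t)t, 100u));
    return 0;
}
```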

Seriously?  New electrics, new actuators, new structures, new manufacturing configuration, all done at the same time ……… I'm waiting for the next shoe to drop.
