NW_Pilot's Trans-Atlantic Flight -- All the scary details...

A few years ago, I remember reading an excellent book on general design of
modern avionics. In particular, one thing that I believe is different between
Garmin's baby and what they have in B-s and A-s is redundancy. The whole thing
there is doubled, and some critical components are tripled. And then there's
a whole body of software that takes care of voting-elimination among inputs.
By design, the event of the computer reboot (i.e. all three redundant computers
reboot) is perhaps as likely as the event of all four engines quitting at the
same time. What surprises me is that Garmin got FAA approval for such a system,
whereas it doesn't even come close to what "normal" glass cockpit is supposed
to be like in terms of robustness of system design. I understand it's all done
in the name of affordability, but this is clearly a dangerous game to play.

If you think about it, just to be able to claim any kind of "robustness",
you should be reasonably sure that there's no single failure that will take
the whole system out, right? And there we go: excessive fuel venting took
airspeed indicator out completely, and CO indication out completely. And this
is aside from any software bugs; this is the way G1000 is supposed to work
by design!

So, I guess my point is: you can't just take a steam-gauge-type airplane,
replace all the individual *independent* instrument systems with one
electronic box, and claim you've got an equally reliable plane. No way. By
tying everything together and establishing inter-system dependencies that
never existed before, you increase your likelihood of a catastrophic failure
by orders of magnitude. If you want to use an all-in-one instrument system,
you need to redesign the airplane and fit it with redundant systems to
compensate for that loss of overall reliability.

That's the book, btw:
http://www.amazon.com/Avionics-Handb...e=UTF8&s=books


Andrey


Larry Dighera wrote:
On Mon, 02 Oct 2006 10:18:13 GMT, Matt Whiting
wrote in :

... , it isn't a good idea to have all of your
eggs in one basket, especially when that basket is made of software! :-)

It would seem that Airbus has successfully grappled with this issue.
Perhaps Cessna and Garmin should get a clue from them.