The dangers of interaction with modular and self-healing avionics applications: redundancy considered harmful

Johnson, C.W. (2009) The dangers of interaction with modular and self-healing avionics applications: redundancy considered harmful. In: 27th International Conference on Systems Safety, Huntsville, Alabama, USA, 3-7 Aug 2009, pp. 3044-3054.

Full text not currently available from Enlighten.

Abstract

Redundancy is one of the primary techniques for the engineering of safety-critical systems. Back-up resources can be called upon to mitigate the failure of primary systems. Traditionally, operator intervention can be required to manually switch between a failed unit and redundant resources. However, programmable systems are increasingly used to automatically detect failures and reconfigure underlying systems excluding faulty components. This creates problems if operators do not notice that their underlying systems have been reconfigured. In this paper, we examine a number of additional concerns that arise in the present generation of redundant, safety-critical applications. A range of innovative ‘self-healing’ avionics applications are providing new benefits through the application of redundancy. They are also raising serious questions about the operators’ ability to maintain situation awareness as control passes from primary to secondary and tertiary applications. Two recent in-flight interruptions involving a Boeing 777 and an Airbus A330 are used to illustrate the argument.

Item Type: Conference Proceedings
Status: Published
Refereed: Yes
Glasgow Author(s) Enlighten ID: Johnson, Professor Chris
Authors: Johnson, C.W.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
H Social Sciences > HV Social pathology. Social and public welfare
T Technology > TL Motor vehicles. Aeronautics. Astronautics
College/School: College of Science and Engineering > School of Computing Science