Mailing List lml@lancaironline.net Message #60728
From: Isaac Heizer <ijheizer@comcast.net>
Sender: <marv@lancaironline.net>
Subject: RE: [LML] Steam Gauge Replacement
Date: Tue, 17 Jan 2012 11:41:36 -0500
To: <lml@lancaironline.net>
 Message Header

Undecoded Message
I am an electrical engineer, and have designed and often personally written operating system software for low volume commercial systems since 1979.  I am occasionally amazed at the latent software bugs we've found after a product has been in service for years and years.

We beat systems to death in systems testing (or so we believe) -- and still bugs are later found.  It is not through any lack of intelligence, state of the art design and development practices, good will, or effort.  This was true when I worked at Bell Laboratories.  It was true when I worked at Microsoft.  It was true when NASA lost a $125M Mars orbiter 286 days into its mission because some engineers were thinking in feet and others were thinking in meters.

My plane has a G900X...an experimental version of the Garmin G1000.  I have a lot of confidence in Garmin, and take some comfort in knowing the hardware is "essentially" the same as Garmin's relatively high volume commercial product.  The software is a derivation of their commercial line, too.  I bet Garmin's product design, development, and testing procedures at least rival any other supplier to the general aviation marketplace.  My G900X has performed flawlessly for over 650 hours in my plane.

And yet, Garmin has software bugs that slip through the cracks.  Heck, their current G1000 software has a service bulletin (#1156) indicating there may be a loss of attitude and heading for up to 45 seconds during sustained bank turns in northern latitudes.  Or how about the service bulletin (#1118) indicating possible autopilot disconnection or uncommanded pitch changes when sorting flight plans...

A backup instrument, which may be my final "get out of jail free" option, that is almost entirely software-based?  Not me.

Even if the software "doesn't have any bugs" (!!!), I really don't believe any low volume, relatively low budget, engineering shop (i.e. 99% of GA suppliers) does this kind of system testing (thanks for the link, Brent):

    http://www.youtube.com/watch?v=rDvkZUjBJRw

Even after those impressive tests, I'm willing to bet anything that Cobham is *still* finding latent bugs in their EFIS!

If aesthetics are an issue, IMHO a good looking feature-rich EFIS panel can be made even while incorporating steam gauges:




I just don't see any reason to fool around when lives really are at stake.  Having said all that, I acknowledge that almost everything contains at least some software, and I admit my backup (spinning mass) AI is electric.

-isaac
N7842K

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster