Another rewrite for 737 Max software as cosmic bit-flipping tests glitch out systems – report

Third time's a charm?

Further details have emerged on the 737 Max flight control software bug discovered at the end of June, with reports suggesting that belated tests by a US regulator found the hitherto unknown bug.

The Seattle Times, Boeing's hometown newspaper for many years, explains in detail how timid Federal Aviation Authority regulators eventually woke up and began doing their jobs in full after the two Boeing 737 Max crashes earlier this year.

During tests intended to check for malfunctions of the 737 Max's redesigned flight control software, the pilots still managed to lose control of a simulated aircraft during ground exercises. The test which caused them to lose control involved flipping bits in the memory of one of the Boeing's two flight control computers.

Flipping bits, the article explains, is intended to simulate a rare but not impossible situation where cosmic rays striking the memory of electronic components in flight can reset bits from 0 to 1. With 737s routinely flying up to 37,000ft, the possibility of this happening increases with altitude.

Testing focused on flipping five bits, said to control some of the most crucial parameters: positioning of flight controls and activation state of flight control systems, such as the infamous MCAS anti-stall system.

Astonishingly, until the 737 Max crashes, the aircraft was flying with no redundancy at all for the flight control computers. If the active one failed or suffered inversion of critical bits in memory, there was no standby unit ready to cut in and continue. The Seattle Times reported that this has now been redesigned so the two onboard computers run in an active:standby configuration. Previously the units merely swapped over in between flights.

In addition, the computers will receive input from both angle-of-attack sensors rather than just the one. A faulty AoA sensor is thought to have been a contributory factor to the 737 Max crashes, which together cost more than 300 lives.

Boeing is now working on yet another set of fixes in the hope that the 737 Max (or 737-8200, as some think the troubled aircraft may be rebranded) can regain certification from American authorities by October. Whether the rest of the world will trust the US FAA is unknown, however; China led the worldwide regulatory push to ground the unsafe aircraft, and despite Boeing's well-reported close relationship with the American regulator, the odds of all the world's civil aviation authorities taking it at its word is now lower than it was before the crashes. The US FAA was, predictably, the last major authority to take action and ground the dangerous aircraft.

The Seattle Times reported: "According to a third person familiar with the details, Boeing expects to have this new software architecture ready for testing toward the end of September. Meanwhile, it will continue certification activities in parallel so that it can stick to its announced schedule and hope for clearance from the FAA and other regulators in October."

As we reported previously, the flaw was thought to have been caused by a revised version of the 737 Max's firmware, triggering some unknown condition that caused a microprocessor in the active flight control computer to lock up. ®

Similar topics

Broader topics

Narrower topics

Other stories you might like

  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by, a US-based, non-profit computer security organization.

    Continue reading
  • Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

    NotPetya started over there, don't forget

    US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.

    In a statement issued on Tuesday, the Cybersecurity and Infrastructure Security Agency said it "strongly urges leaders and network defenders to be on alert for malicious cyber activity," having issued a checklist [PDF] of recommended actions to take.

    "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," added CISA, which also advised reviewing backups and disaster recovery drills.

    Continue reading

Biting the hand that feeds IT © 1998–2022