Originally Posted by
SteinarN
The first Ariane 5 launch failure in the 90's would be a prime example for just such a software error.
The report is very interesting reading,
ARIANE 5 Failure - Full Report the 3.1 findings summarizes a series of assumptions that led to the failure.
One lesson is undcocummneted ( or at least not formally captured/controlled) decisions are very likely to be buried over time and are impossible to verify against new requirements.
One other takeaway is that 'best effort' fail soft would have saved the mission, rather than setting a diagnostic code on output had the irs units set a "suspect" flag instead and continued to provide data the main guidance system would have been fine. (The overflow error was in an alignment routine that did not affect the main functions.)
Parallel to 737 MAX would be to display an error band on airspeed on disagree if raw data was consistent, indicating a failure in the corrections not the pitots.