Originally Posted by Mad (Flt) Scientist:
All DAL-A assures is that the software does what the software requirements say it should do, not that those requirements are themselves correct or complete. That's a SYSTEMS requirements issue not a software requirements issue - and indeed, can be thought of as applying to non-software aspects of design as well.
I understand that.
And, if MCAS failure had been properly classified as catastrophic (which should be the case for any system with full authority over the H-stab), it would have failed certification at the DAL-A level. If MCAS 2.0 has similar authority, the same applies -- and may apply for other reasons, but we don't really know the 2.0 details, at this point.