Originally Posted by lomapaseo
Can we work with the questions in post # 3? or is more information needed to clarify?
Much more information is needed to clarify, probably more than anyone here has.
There are, say, about 100,000 lines of source code (LOC) in typical FADECs on a modern engine. The highest quality level known to have been attained in code for a critical system is about one error in 25,000 LOC, and more typical quality levels are of the order of 1 in 1,000 LOC. So you can expect a few to about a hundred errors in FADEC code. Now, you can't tell what executing code through those errors is going to do to the behavior of the FADEC. The manufacturer has to have performed an appropriate a hazard analysis. That will presumably demarcate what kit behavior the FADEC can possibly influence and what not.
Such a failure may or may not raise an ECAM message. Tyropicard says what happens if you lose both channels, assuming a fail-stop scenario. With a fail-live scenario it could be different.
That is the glory of digital electronics. It makes hazard analysis extremely hard, indeed in many cases combinatorially infeasible.
PBL