PPRuNe Forums - View Single Post - Airbus prepares safety warnings following A321 incident
Old 16th Dec 2010, 05:28
#155
PBL
 
Join Date: Sep 2000
Location: Bielefeld, Germany
Posts: 955
I don't usually reply to ignorant commentary, because there is just so much of it. But there is ignorance, and then there is willful ignorance. Speculating in public on matters which are clearly dealt with in the existing literature is a disservice to anyone involved in or with this accident, including the investigators, and the engineers who worked on the airplane.

Originally Posted by Captain Crunch
I'm not a software expert, .... All I can fathom is that dual identical software bugs struck at the same time in the same conditions since the code is identical on both channels and identical on both engines.
Yes, we can agree you are not a software expert. I am.

In the report, even preliminary reports, on this accident, it is clearly stated that the FADECs behaved exactly as intended and designed for the conditions with which they were presented. Even if there are anomalies somewhere, on this occasion they did not show.

Originally Posted by Captain Crunch
you're talking about millions of lines of computer code and exponential combinations of output. It might take ten or twenty years to test all the possible software decision trees.
We are talking about some small hundreds of thousands of lines, not millions. If that code is DAL A, there is a certification requirement to exercise all decision branches: it is called MC/DC testing. I don't know whether the code was MC/DC tested but I can find out.

However, this does not suffice to test the code adequately. In fact, thorough testing is impractical. Far from "ten or twenty years", to reach the conclusion that there are no dangerous errors in the software would require testing for as long as or longer than the entire service life of the aircraft. It is impractical to reach a conclusion with any reasonable level of confidence through statistical testing that the software has a lower rate of failure than once every hundred thousand operational hours on average. This is a hard mathematical boundary, one with which critical-software developers have to work.

PBL
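The post above refers to MC/DC (Modified Condition/Decision Coverage) as the DAL A coverage criterion. Added here as an illustration, not part of PBL's post and not code from any FADEC or certification tool, is a small Python checker that shows what MC/DC demands beyond plain decision coverage: for every condition in a decision there must be a pair of test vectors that differ only in that condition and flip the decision's outcome. The decision `A and (B or C)` and the test vectors are constructed for the example.

```python
from itertools import combinations, product


def decision(v):
    """A hypothetical three-condition decision, A and (B or C).

    Constructed for this example; it stands in for any Boolean decision
    in the code under test, and is not taken from any real system.
    """
    a, b, c = v
    return a and (b or c)


def independence_pairs(decision, n, tests):
    """Map each condition index to the MC/DC 'independence pairs' found in tests.

    An independence pair for condition i is two vectors that differ only in
    condition i and produce different decision outcomes, i.e. they show
    condition i independently affecting the decision.
    """
    pairs = {i: [] for i in range(n)}
    for t1, t2 in combinations(tests, 2):
        differing = [i for i in range(n) if t1[i] != t2[i]]
        if len(differing) == 1 and decision(t1) != decision(t2):
            pairs[differing[0]].append((t1, t2))
    return pairs


def is_mcdc_adequate(decision, n, tests):
    """True when every condition has at least one independence pair in tests."""
    return all(independence_pairs(decision, n, tests).values())


def is_decision_covered(decision, tests):
    """Plain decision (branch) coverage: both outcomes observed at least once."""
    outcomes = {bool(decision(t)) for t in tests}
    return outcomes == {True, False}


def minimal_mcdc_set(decision, n):
    """Brute-force the smallest MC/DC-adequate test set over all 2^n vectors.

    Fine for a handful of conditions; real tools work per decision from the
    source and do not enumerate like this.
    """
    vectors = list(product((False, True), repeat=n))
    for k in range(2, len(vectors) + 1):
        for subset in combinations(vectors, k):
            if is_mcdc_adequate(decision, n, subset):
                return list(subset)
    return None


if __name__ == "__main__":
    # Two vectors give full decision coverage but no MC/DC evidence at all.
    branch_only = [(True, True, True), (False, False, False)]
    print("decision covered:", is_decision_covered(decision, branch_only))
    print("MC/DC adequate:  ", is_mcdc_adequate(decision, 3, branch_only))
    # The minimal MC/DC set needs n+1 = 4 vectors for this decision.
    print("minimal MC/DC set:", minimal_mcdc_set(decision, 3))
```

Running it shows the gap the post is pointing at: the two-vector set takes both branches, so a branch-coverage tool would report 100%, yet it exercises none of the three conditions independently. The smallest set that satisfies MC/DC for this decision has four vectors (n+1 for n conditions), and every condition then has a pair witnessing its effect on the outcome.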
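The last paragraph of the post states a hard bound on what statistical testing can show about software failure rates. Added here as a worked illustration, not part of PBL's post, is the standard calculation behind that bound under a constant-failure-rate (Poisson) model: if the true rate is λ, the chance of seeing no failure in T hours of test is exp(-λT), so zero failures in T hours only rules out a rate of λ0 at confidence 1-α when T ≥ -ln(α)/λ0. The target of once per hundred thousand hours comes from the post; the confidence levels are assumptions chosen for the example.

```python
import math

HOURS_PER_YEAR = 24 * 365  # continuous operation, no downtime assumed


def failure_free_hours_required(target_rate_per_hour, confidence):
    """Hours of failure-free testing needed to claim rate < target at the
    given confidence, from exp(-target * T) <= 1 - confidence."""
    alpha = 1.0 - confidence
    return -math.log(alpha) / target_rate_per_hour


def upper_bound_rate(failure_free_hours, confidence):
    """Inverse view: the best rate bound supported by T failure-free hours."""
    alpha = 1.0 - confidence
    return -math.log(alpha) / failure_free_hours


def confidence_after_hours(target_rate_per_hour, failure_free_hours):
    """Confidence that rate < target after T failure-free hours: 1 - exp(-target*T)."""
    return 1.0 - math.exp(-target_rate_per_hour * failure_free_hours)


def years_of_continuous_operation(hours):
    return hours / HOURS_PER_YEAR


if __name__ == "__main__":
    target = 1e-5  # once per hundred thousand hours, the figure in the post
    for conf in (0.95, 0.99):
        t = failure_free_hours_required(target, conf)
        print(f"rate < {target:g}/h at {conf:.0%} confidence needs "
              f"{t:,.0f} failure-free hours "
              f"({years_of_continuous_operation(t):.1f} years non-stop)")
    # Testing for exactly 1/target hours (100,000 h) without failure gives only
    # about 63% confidence that the target is met.
    print(f"confidence after 1e5 h: {confidence_after_hours(target, 1e5):.1%}")
    # A tighter target, of the order used for catastrophic failure conditions
    # in transport-category certification (1e-9/h), scales the same way:
    t9 = failure_free_hours_required(1e-9, 0.95)
    print(f"rate < 1e-9/h at 95% needs {years_of_continuous_operation(t9):,.0f} years")
```

The numbers make the post's point concrete: about 300,000 failure-free hours, roughly 34 years of non-stop operation, to support a 1e-5/h claim at 95% confidence, and 100,000 hours of clean testing buys only about 63% confidence in that same claim. Since failure-free test hours are the only input, better tooling or faster hardware cannot shorten the wall-clock time; this is why the argument for critical software rests on process, analysis and coverage evidence such as MC/DC rather than on statistical demonstration alone.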