PPRuNe Forums - View Single Post - Chinook - Still Hitting Back 3 (Merged)
Old 8th Jun 2011, 15:03
#7782
tucumseh
Join Date: Feb 2003
Location: uk
Posts: 3,226
As Thor correctly quoted, Boscombe recommended a rewrite, having declared the implementation "positively dangerous".

ACAS signed his RTS less than a month later, in doing so declaring that all regulations had been complied with.

14 months later the AAIB stated the software in ZD576 was at its original issue (i.e. at the standard assessed and rejected by Boscombe).


This rather begs the question of how the Certificate of Design for Safety Critical Software System/Subsystem (if one even exists) could be remotely valid, given the Designer had to sign the Certificate to the effect that it (software and host system) complied with laid down standards and that the "Requirement, Hazard Analysis, Design, methods employed and standard of work carried out, with a specific regard to safety, meet the satisfaction of the Independent Safety Auditor". The latter then had to sign the Certificate to confirm this. The PM then had to sign his acceptance. (See JB's post above - I can't imagine EDS-Scicon signing the Certificate.) No Certificate, the equipment does not get in the PM's aircraft. End of.

Another good question is just who the Design Authority for the engine/FADEC was. This is not straightforward because at the time, for older engines, MoD (D/Eng) acted as DA, not the contractor. I wish I knew this detail because therein lies the answer to many questions on this subject. I have a distinct feeling this system changed during FADEC / new engine variant development (mid-1993 at a guess) and would not be surprised if the answer was that confusion reigned supreme. But the stability and continuity was provided by Boscombe, which was all the more reason to listen to their advice.

So, who signed the Certificate and who accepted the design, knowing Boscombe had condemned it as "positively dangerous" and recommended a complete rewrite? It makes you wonder what pressure was applied.

All this may seem a bit of a bore, bureaucratic and unnecessary to some. Certainly, the staffs of the RAF Chief Engineer in 1991-94 thought it a complete waste of money. But to the guy with the signature, very often a relatively low grade, implementing these regulations properly is money in the bank. Verbal agreements or discussions do not stand the test when the chips are down, such as following an accident when certain types, who do not sign anything but have the "authority" to instruct you to ignore regulations, disappear into the woodwork with denials and different interpretations.