walter kennedy:
To that enormous number of hours I add that not only was there no evidence of a FADEC problem in this crash but, as I have described previously, that snapshot state preserved by the impact showed definitively that the engine management system had been performing normally.
No problem with the lack of evidence of a FADEC problem but I am very sceptical that for an extremely complex piece of software such as a FADEC it would be possible that a "snapshot state preserved by the impact showed definitively that the engine management system had been performing normally". It is entirely plausible for such complex software to fail and to mask its own failure from any monitoring devices. Indeed, the "masking" can be an essential ingredient of the accident (if it wasn't masked something would have noticed and raised an alarm, which/or someone would have noticed and recovered to a safe state).
Of course, none of what I write above is any kind of evidence that the FADEC caused the crash. But, imo, it is evidence that it can't be ruled out.
tucumseh, quoting from policy:
If validation procedures are to be carried out by an independent agency (in this case, Boscombe) MoD should secure adequate rights of access and use to design information and code for itself and its agents, while protecting the rights of the originators.
Presumably tucumseh hasn't quoted everything here because this doesn't fully substantiate what he wrote in #7861. In a way, the quoted paragraph is nugatory because if you're going to carry out "validation procedures" then you need "
adequate rights of access and use to design information and code". What's more interesting, I think, is the extent to which MoD was (or even is) required to facilitate that independent validation. For a time in the 90s it seemed to be a de facto policy for safety-critical avionics software but I wouldn't know whether it was ever formally required.