* Posts by nariman

2 posts • joined 10 Aug 2018

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

nariman
Boffin

Re: Hey software, get the fuck out of the way!

Yes, quite.

I mean, I haven't worked in safety critical systems design, just kernel software and real-time systems in general, but one of the first questions during say a design review for a safety critical system might be "what if the inputs are total rubbish".

I mean we go to such extreme lengths for web forms.

If a subsystem has the capability to override the pilot and cause death (i.e. nosedive the plane, which seems to be the primary purpose of the system, in effect) then surely it has to be n-modular redundant and voting and all that high brow aerospace/aviation gubbins?

No?

So reawakening some of my degree from a long lost part of my brain it seems like the IEC 61508 standard has an automotive flavour "ISO_26262" (which I am using here to prove that there is at least a pretty obvious step at which this should have been identified as an issue). Clearly the aviation standards will be more exacting (right?).

https://en.wikipedia.org/wiki/ISO_26262#Parts_3-7:_Safety_Life_Cycle

Bullet point number two (after "identify the item and its requirements"):

"A comprehensive set of hazardous events are identified for the item."

Is "bogus input from a single sensor with no validation" not a "hazardous event" given that the direct consequence is nosediving?

Hindsight etc. Icon for sarcasm.
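The "what if the inputs are total rubbish" check and the 2-out-of-3 voting the comment asks about, as an added example written for this page (not code from the commenter, the article, or any real flight-control system; the angle-of-attack limits, the agreement tolerance and the status names are assumptions). A single channel that is out of physical range, NaN, or simply disagrees with the other two is outvoted rather than acted on, and when no trustworthy value can be formed the voter reports failure so the caller commands nothing:

```c
#include <math.h>    /* NAN only; no libm link needed */
#include <stdbool.h>
#include <stdio.h>

/* Assumed physical envelope for an angle-of-attack sensor, in degrees. */
#define AOA_MIN_DEG   (-30.0)
#define AOA_MAX_DEG    (40.0)
/* Assumed tolerance within which two channels count as "agreeing". */
#define AGREE_TOL_DEG   (2.0)

typedef enum { VOTE_OK, VOTE_DEGRADED, VOTE_FAIL } vote_status;

/* A channel is plausible only if it is a real number inside the envelope.
 * (v == v is false for NaN; infinities fail the range check.) */
static bool plausible(double v) {
    return v == v && v >= AOA_MIN_DEG && v <= AOA_MAX_DEG;
}

static double absdiff(double a, double b) { return a > b ? a - b : b - a; }

static double median3(double a, double b, double c) {
    if (a > b) return (b > c) ? b : (a > c ? c : a);
    return (a > c) ? a : (b > c ? c : b);
}

/* 2-out-of-3 voter. Writes the voted value to *out and returns:
 *   VOTE_OK       three plausible channels, median backed by a second channel
 *   VOTE_DEGRADED two plausible channels that agree; their mean is used
 *   VOTE_FAIL     no trustworthy value; *out is untouched, caller must not act */
vote_status vote_2oo3(const double in[3], double *out) {
    double ok[3];
    int n = 0;
    for (int i = 0; i < 3; i++)
        if (plausible(in[i])) ok[n++] = in[i];

    if (n == 3) {
        double med = median3(ok[0], ok[1], ok[2]);
        /* The median must be corroborated by at least one other channel;
         * three in-range values that all disagree is still a fault. */
        for (int i = 0; i < 3; i++)
            if (ok[i] != med && absdiff(ok[i], med) <= AGREE_TOL_DEG) {
                *out = med;
                return VOTE_OK;
            }
        /* Two identical readings also corroborate each other. */
        if ((ok[0] == ok[1]) || (ok[1] == ok[2]) || (ok[0] == ok[2])) {
            *out = med;
            return VOTE_OK;
        }
        return VOTE_FAIL;
    }
    if (n == 2 && absdiff(ok[0], ok[1]) <= AGREE_TOL_DEG) {
        *out = 0.5 * (ok[0] + ok[1]);
        return VOTE_DEGRADED;
    }
    return VOTE_FAIL;
}

int main(void) {
    /* Constructed sample readings: nominal, one dead channel, one wild channel. */
    const double cases[3][3] = {
        {5.0, 5.1, 4.9},
        {5.0, NAN, 5.2},
        {5.0, 5.1, 35.0},
    };
    for (int i = 0; i < 3; i++) {
        double out = 0.0;
        vote_status s = vote_2oo3(cases[i], &out);
        printf("case %d: status=%d value=%.2f\n", i, (int)s, s == VOTE_FAIL ? 0.0 : out);
    }
    return 0;
}
```

The point of the shape is that the control law downstream only ever receives a value that two independent channels stood behind; a single sensor that wanders to an absurd reading changes the status word, not the commanded surface position.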

Spec-exec CPU bugs sweep hacking Oscars – and John McAfee’s in there like a bullet

nariman

Well done all!

But more importantly, when are Jann Horn and Anders Fogh co-authoring a paper so they can shoehorn "Fogh-Horn" in as a name for an exploit or technique?

Biting the hand that feeds IT © 1998–2019