The paper "Airborne Software" is a great example of a report on design and technology. An aircraft like the Airbus 320 runs in a fly-by-wire system, meaning that software controls most of its vital functions. However, because the airplane cannot tolerate the failure of its fly-by-wire software, its system reliability requirement is a failure rate of 10-9 per hour. The approved failure rate means that the system can stand at most one failure in 109 hours. In other words, the system can fail at most once in over 100,000 years of operations.
When a system has ‘ ultra-high reliability’ , it means that it has at most one failure in 109 hours (Atlee 2009, p. 499). The use of fly-by-wire saved weight, improved aircraft handling, increased reliability, and reduced maintenance cost (Helfrick 2007, p. 167). Boeing’ s philosophy in cockpit design is to make similar layouts on similar aircraft and in this case, the Boeing 777 layout is similar to that of another long-haul like B747 or 400. Although the B-747 and 400 is a conventional, assisted, mechanical-controlled aircraft, that plane, and the Boeing 777 fly virtually the same (Helfrick 2007, p. 167). Envelope Protection The Boeing 777 fly-by-wire system employs ‘ envelope protection’ which is a feature of the artificial-feel system that provided increasingly greater force when the aircraft is pushed to its limits.
Unlike ‘ envelope limiting’ which will not permit maneuvers beyond the limits of the aircraft, a pilot using an envelope protection system can cause maneuvers beyond the limits of the aircraft but is dissuaded by increasing reveres force. Since the system is controlled electronically, there is an opportunity to incorporate system control expansion and envelope protection features that would have been problematic to provide in a conventional mechanical system (Spitzer 2007, p. 43). The B777 Primary Flight Control System has made full use of the capabilities of this architecture by including features like bank angel protection, turn compensation, stall and over-speed protection, pitch control and stability augmentation, and thrust asymmetry compensation.
However, it is important to note that none of these features restrict the action of the pilot. The B777 design utilizes ‘ envelope protection’ in all of its functionality rather than ‘ envelope limiting’ . Envelope protection deters pilot inputs from exceeding certain predefined limits but does not prohibit it.
Envelope limiting prevents the pilot from commanding the airplane beyond the set limits. For instance, the B777 bank angel protection feature will significantly increase the wheel force a pilot encounters when attempting to roll the airplane past a predefined bank angle. This acts as a prompt to the pilot that the airplane is approaching the bank angle limit. However, if deemed necessary, the pilot may override this protection by exerting a greater force on the wheel than is being exerted by the back drive actuator.
The intent is to inform the pilot that the command being given would put the airplane outside of its normal operating envelope, but the ability to do so is not precluded. This concept is central to the design philosophy of the B777 Primary Flight Control System (Spitzer 2007, p. 43). Real-time Fault Tolerance Systems The B777 also makes extensive use of a local area network or LAN, for avionics as well as for the in-flight entertainment system. Because the Boeing 777 comprises 66 distinct systems, communications between systems and the components of the system present huge tasks.
The major function of airborne digital communications systems is to transmit a number of data signals on a single wire or ‘ multiplexing’ .