I have been a Software Developer and Analyst for 38 years. I understand well the basics of system design. One of the first Principles taught in Computer Science classes is now an old adage: "Garbage in - garbage out". The Corollary is that all software should be carefully tested using many input values, especially 'out-of-bounds' inputs - data that is unusual, unexpected, or considered "impossible". From this principle and corollary comes the Requirement: that any inputs, including those 'out-of-bounds', must never lead to a catastrophic outcome... Although MCAS is a wonderful and perhaps necessary software system, it appears that MCAS may not properly deal with some cases of faulty inputs. If this is the case, then there is a very serious flaw in the software. If this is the case, then Boeing must make public a full explanation of the role of the MCAS software in these crashes, rather than just blame a faulty sensor or say it was 100% pilot error... My confidence in the previous generation, the Boeing 737 NG, is solid. However, I don't expect to fly any 737 MAX (model 8, model 9 or model 10) without knowing two things: a) a final and complete determination of the causes of the two recent 737 MAX crashes, and b) that all of the system software has been thoroughly analyzed, fixed and tested... I have always had confidence that US airlines care about passenger safety. However, that confidence will be permanently DESTROYED if another 737 MAX crashes before adequate understanding and resolution of this tragedy.