Dependable flight control system by data diversity and self-checking components

J. Christmansson, Z. Kalbarczyk, J. Torin

Research output: Contribution to journalArticlepeer-review


This paper proposes a principle for the tolerance of software design faults in a Flight Control System. The system is considered on two levels: (i) the entire system in which N-copy programming is applied, and (ii) the individual Guidance and Navigation Computer (GNC), which is a self-checking component. The performances of data diversity (N-copy programming) and the traditional design without diversity (multiple computation) were compared in an experiment using fault injection with a method based on mutation testing. The best performances for N-copy programming and multiple computation were 95.5% and 66.6% correct results, respectively. However, the reliability improvement introduced by the N-copy programming is application-specific. The N-copy programming alone is not likely to fulfil the safety requirements and therefore each GNC of the Flight control System is regarded as a self-checking component. A pessimistic and an optimistic analytical estimation of the enhancement introduced to each GNC by the self-checking component showed that the MTTF (Mean Time To Failure) increased by two times and nine times, respectively.

Original languageEnglish (US)
Pages (from-to)207-222
Number of pages16
JournalMicroprocessing and Microprogramming
Issue number2-3
StatePublished - Apr 1994
Externally publishedYes


  • Data diversity
  • Markov modelling
  • Self-checking
  • Simulation based fault injection
  • Software design faults

ASJC Scopus subject areas

  • Engineering(all)


Dive into the research topics of 'Dependable flight control system by data diversity and self-checking components'. Together they form a unique fingerprint.

Cite this