Assessment of Possible Reasons for Boeing 737 Max 8 Crashes and AREA-42 Safety Case

The learning outcomes that are assessed by this coursework are:

LO1 Critically evaluate the current taxonomies of CSs including international standards

LO2 Learn how to specify expandability properties of systems

LO3 Know and evaluate methods for developing dependable systems

LO4 Critically evaluate the use of formal methods in the life cycle of CSs

Your marked coursework and feedback will be available to you on Fri 10th July 2020

If for any reason this is not forthcoming by the due date your module leader will let you know why and when it can be expected. The Associate Professor

Student Experience ([email protected]) should be informed of any issues relating to the return of marked coursework and feedback. Note that you should normally receive feedback on your coursework by no later than 20 University working days after the formal hand-in date, provided that you met the submission deadline

When completed you are required to submit your coursework via:

Turnitin through an assignment submission portal on Blackboard If you need any support or advice on completing this coursework please visit the Student Matters tab on the Faculty of Computing, Engineering & Media Blackboard page.

Late submissions will be processed in accordance with current University regulations which state: “the time period during which a student may submit a piece of work late without authorisation and have the work capped at 40% [50% at PG level] if  passed is 14 calendar days. Work submitted unauthorised more than 14 calendar days after the original submission date will receive a mark of 0%. These regulations apply to a student’s first attempt at coursework. Work submitted late without authorisation which constitutes reassessment of a previously failed piece of coursework will always receive a mark of 0%.”

These include plagiarism, cheating, collusion, copying work and reuse of your own work, poor referencing or the passing off of somebody else’s ideas as your own. If you are in any doubt about what constitutes an academic offence or bad academic practice you must check with your tutor. Further information and details of how DSU can support you, if needed,

The Boeing 737 Max 8 aircraft were grounded after two fatal crashes in October 2018 and March 2019 leaving respectively 189 and 157 people dead. In both cases pilots struggled to control the aircraft after it began nosediving.

An automated safety system - known as the Manoeuvring Characteristics Augmentation System (MCAS) - was implicated in both crashes. Reports and information on the MCAS system:

• Indonesian final crash report

• Ethiopian preliminary crash report

• Boeing 737 Max 8 MCAS system

Provide an assessment of the possible reasons for the crash in the light of what we discussed in the module. If possible use the material on the Boeing 737 Max 8 MCAS safety system. You are free to use other material you are able to find, also things which may be published till the end of the submission period.

Produce a safety case for AREA-42 when no failures occurs. The following components should be discussed:

• System design and scope

• Safety requirement

• Human factors

• Safety analysis and validation

• Safety argument (textual or in form of GSN)

b) Produce a safety case for AREA-42 when failures occurs. The following components should be discussed:

• System design and scope

• Safety requirement

• Fault tolerant techniques employed

• Hazard/risk identification and analysis

• Human factors

• Root cause analysis

• Hazard control/risk reduction measures

Note: first identify potential hazards/failures for AREA-42 and use fault tolerance techniques to design AREA-42 that meets the safety requirements in the presence of these identified failures.

When the insulin pump is in automatic mode, the software periodically determines (using the blood sugar level readings) the dose of insulin that should be administered to the user. This is the functionality provided by the insulin pump software which is considered to be a safety critical system. Therefore it is crucial to examine the algorithm (see Annex A, also available from blackboard) that performs this task and produce a safety argument, in order to determine that it is adequately safe. You are required to deliver

• Produce a safety proof analysis, i.e., check whether the algorithm can reach unsafe state(s).

• If you discovered that unsafe state(s) could be reached, describe an appropriate modification to the algorithm.