NW_Pilot's Trans-Atlantic Flight -- All the scary details...
Ron A. writes:
Garmin needs to wake up! To have out-of-bounds sensor inputs reboot the
system continuously, especially something as unreliable as fuel sensors, is
horrible system design.
It implies that the system was designed by desktop programmers,
instead of people with experience building mission-critical computer
systems. I guess people will have to die to get bugs fixed.
There is never any excuse for a safety-of-life computer to reboot,
short of a power interruption.
What do you want to bet that there is a bunch of other safety-critical,
software-driven devices that are prone to this?
Unfortunately, there are probably a great many of them, including
anything built by Garmin.
Think about this for a second. What if there was some unexpected
transmission from a GPS satellite due to an incorrect software load to the
satellite that caused the G1000 to reboot continuously? Now extend that.
Take your Garmin portable GPS out to save your butt and it ALSO includes the
deficient algorithm and continuously reboots. Scary. I would bet the
portables share quite a bit of logic and decision trees with the panel
mounts.
Probably. And you can bet that nobody is verifying the generated
binaries bit by bit, the way people used to verify safety-of-life
software in the old days. If it compiles without errors, it's ready
to ship!
--
Transpose mxsmanic and gmail to reach me by e-mail.