
How Airbus is debugging the A350 - hencq
http://www.businessweek.com/articles/2014-02-13/how-airbus-is-debugging-the-a350#p1
======
ChuckMcM
I am impressed they have a distributed CAD/CAM system which lets them share
the schematics of the plane's construction with all the partners. "Source Code
Control" in the 3D CAD space was abysmal, got better in the 3D digital feature
space as studios created systems for asset management, and it seems to be
solidly implemented by Airbus here: (video link:
[http://videos.airbus.com/video/dc6bd25e7f3s.html](http://videos.airbus.com/video/dc6bd25e7f3s.html))

~~~
nether
> "Source Code Control" in the 3D CAD space was abysmal, got better in the 3D
> digital feature space as studios created systems for asset management, and
> it seems to be solidly implemented by Airbus here

I doubt that when technical drawing "versioning" predates CAD by decades, in
the form of drawing release/review and configuration management (CM) groups
that were highly organized by WW2. This was then implemented by packages like
ENOVIA, SolidWorks PLM, which facilitate the review/signoff process to be
paperless, but it is basically the same. This is completely different from the
entertainment industry, which doesn't care about part compatibility, analyst
reviews (stress, aerodynamics, weights, etc.), not to mention the nature of
CAD data (rife with engineering metadata on assembly hierarchies, dimensions
with tolerances, materials) being very different from the "looks good"
graphics of entertainment/art.

~~~
ChuckMcM
My take on it has always been that 'drawings' (in the draftsperson meaning)
were essentially the archive format of designs. So while you could look
through a list of change orders in a drawing, _seeing_ what that change was,
or more commonly not seeing it, has been the challenge. Boeing made a big deal
about this when, as a Sun customer in the '80s, Sun helped them put basic
drawings online as living models/schematics.

I would agree it's less impressive if everyone is forced to use the same CAD
package. The video did not state whether or not that was the case.

------
jbapple
Airbus has been one of the success stories commonly told by the static
analysis community:

[http://www.astree.ens.fr/](http://www.astree.ens.fr/)

(Here I mean
[https://en.wikipedia.org/wiki/Static_program_analysis](https://en.wikipedia.org/wiki/Static_program_analysis)
, not
[https://en.wikipedia.org/wiki/Static_analysis](https://en.wikipedia.org/wiki/Static_analysis)
)

~~~
blah32497
I'm fairly ignorant of the details of static analysis, but why is it being
done on programs written in C?

Shouldn't they use languages specially suited for this kind of analysis?

I remember learning that stateless programming (i.e. functional programming)
makes this kind of analysis several orders of magnitude easier since it
eliminates coupling and control flow dependence. Yet I've never heard of
critical software being written in Haskell or whatever.

~~~
rwallace
When you're writing safety-critical code, what you want above all else is
_lack of surprises_. Sure, C has pitfalls, what language doesn't? But we know
what the pitfalls are. We have decades of experience in avoiding them. The
toolchains are mature and very well tested. The source code maps fairly
directly to the hardware. You don't have to put your trust in esoterica like
trying to find a garbage collector that claims to be able to meet real-time
constraints and then trying to understand the edge cases in the analysis on
which that claim is based.

It's okay to have bleeding edge technology in the ancillary tools like the
static analyzer. But for safety-critical work, you don't want bleeding edge
technology in the language in which you're writing the actual code.

~~~
cpeterso
Also, a straightforward mapping from source code to machine code is important
for auditing generated code.

------
pmr_
Given how long we have been developing airplanes, and even planes of almost
the same size as the A350, the lack of a somewhat standardized development
process astounds me. Did newly developed planes used to be less safe and were
more problems worked out during actual use? Or did they just not have as many
problems to begin with due to less automation and sturdier but heavier
materials?

~~~
Serow225
Having worked in the flight test industry in a 'prior work life', nothing that
this article describes sounds especially interesting or novel. I think what
happened is that when the planes started getting technologically intense and
at the same time the development team became highly distributed
(geographically and contracted), there was a period of time where things 'got
out of control' in that a) the design/simulation tools didn't have good
capabilities for dealing with this level of distributed/revisioned work b) it
was more important to 'get the job done' than making sure that everyone used
the same exact toolchain and was working on the same version of the model etc.
Eventually this caught up with them and they experienced some significant
issues (like the wiring snafu the article mentioned, and I also recall another
issue where fuselage parts wouldn't mate up), which finally made the industry
pull back and get serious about fixing these design tool/practice issues.

------
rqebmm
So if I'm following this correctly, Airbus's breakthrough design philosophy is
to use distributed version control to facilitate iterative construction with a
heavy emphasis on integration testing?

------
brownbat
The megastructures documentary provides a pretty captivating look at
construction:

[http://www.youtube.com/user/megadocumentary1](http://www.youtube.com/user/megadocumentary1)

~~~
chockablock
Link is to doc on A380 not A350.

------
todd8
Imagine the difficulty in debugging modern CPUs. Remember the floating point
problems Intel had? There are far too many possible edge cases to be confident
that testing alone will reveal them. Consequently, both Intel and AMD use
formal proof methodologies to verify the correctness of their processors. I
know that AMD uses (or used to use) the work of Boyer and Moore for validation
of their designs. Intel uses its own prover. [1]

[1] Fifteen Years of Formal Property Verification in Intel by L Fix, 2008
[[http://www.cs.ucc.ie/~herbert/CS6320/EXS/LimorFix%20Intel%20...](http://www.cs.ucc.ie/~herbert/CS6320/EXS/LimorFix%20Intel%20FM.pdf)]

------
jreichhold
This is nothing new and isn't different from Boeing in anything they mentioned
in the article. Yes the 787 had issues, but the same types of testing
occurred. The 787 was fundamentally different from previous Boeing aircraft
with lots of primary components made by subcontractors. Lack of rigor and
believing things would just work (too optimistic) from what I have heard on
the outside.

Iron birds, flight tests, etc. are the requirements from the certification
authorities. I.e. this is a fluff piece acting as journalism where the title
and conclusions don't match the data.

~~~
Uchikoma
To me, not being an expert, the article mentioning a lot of rigor and
thoroughness to not run again into the A380 problems, this

"This is nothing new and isn't different from Boeing in anything they
mentioned in the article."

contradicts this

"Lack of rigor and believing things would just work (too optimistic) from what
I have heard on the outside."

~~~
jreichhold
This is an article with no attempt to understand the state of the art outside
of what Airbus wanted written and is PR spin. Most of the techniques here were
used in the 737NG program in the late 90s.

~~~
Uchikoma
So your answer in this discussion is "PR spin. PR spin."

------
ajcarpy2005
A good fiction book for those interested in aircraft engineering, testing,
maintenance, root cause analysis after problems, etc. is "Airframe" by Michael
Crichton.

------
ninjazee124
Anyone know how they built their 3D graphic page?

[http://images.businessweek.com/graphics/airbus-a350-3d-graph...](http://images.businessweek.com/graphics/airbus-a350-3d-graphic/)

How did they go from the Trimble/Sketchup A350 model to showing the model in
the browser in "3D"?

~~~
kalleboo
No idea, but it put this in the Javascript Console...

    
    
       Recommended listening: 
        http://youtu.be/AjzcdvF3gDc?t=3m48s 
        http://youtu.be/mGF_0AcHaGs 
        http://youtu.be/kn6-c223DUU 
        http://youtu.be/eF-4Cr9Iy_8
    
    

edit: further investigation looks like they're using
[http://threejs.org](http://threejs.org) loading a COLLADA-format file (that
can even be QuickLooked on my Mac somehow)
[http://images.businessweek.com/graphics/airbus-a350-3d-graph...](http://images.businessweek.com/graphics/airbus-a350-3d-graphic/models/airbus-a350-900-repos.dae)

~~~
jonalmeida
I love easter eggs like this. I'm going to start checking the JS console for
every website from now on..

------
aragot
Re: "Derisking"

Can someone explain to me whether/how Agile methodologies would be applied to an
Airbus project? I'm asking this because I can't always explain how to do Agile
when people pretend there are a lot of reqs, so an industrial project would be
a good example to try it on.

~~~
Spearchucker
Not realistic. Agile has many very good practices, but the ones that are
missing are exactly the ones needed when you have a zero bug tolerance. You
mention derisking - creating a proof of concept (a short sprint that proves
you can do something you're unsure about) is one way of eliminating risk.
Agile, however, includes no practices for identifying, analysing and managing
risk. Similarly, absolute reliability requires upfront design, and
documentation. See
[https://www.wittenburg.co.uk/Entry.aspx?id=99bb5987-e08d-4e8...](https://www.wittenburg.co.uk/Entry.aspx?id=99bb5987-e08d-4e81-974d-daa5e07c0d5f)
.

------
tankenmate
I posted this story over the weekend and it didn't get traction. So my
question is, what is the lag threshold to when it becomes a new submission?

~~~
kristianp
This story has an extra "#p1" at the end of the link, which defeats HN's
duplicate detection. The submitter probably did it accidentally, by going to a
different page of the story and then back to page 1.

~~~
tankenmate
Well I'm glad it did slip by the detection; it meant more people got to see
the article.

