FMECA, really, but we use the French translation, AMDEC. The aero industry also relies on various best-practice databases that are essentially the result of every aircraft failure investigation done by national or international agencies like the FAA. Those exist for every field of engineering. For example there are entire tomes on the specific types of welds and riveting you shouldn’t use in specific applications, complete with the contexts where failures were observed, and the effects.
Those databases are probably the main reason the industry is super-conservative. If we don’t have a lot of RETEX on a technology or a process, it’s harder to certify and so we only use a new technology when there’s an actual will (and the money to back that will) coming from very high up. That’s also why it’s so hard for new companies to enter the business, and why COMAC doesn’t have foreign customers.
Yeah, that’s pretty insane from where I’m sitting. Speaking of dependencies, we don’t care for them too much. Whenever we release software, all the source code is archived independently of any repository, and we CRC everything for good measure. We even archive the toolchain we used to build a specific release. Everything is traced. Rebuilding a binary involves checking the result’s CRC against what’s been archived.
Such binaries are considered components, same as nuts and bolts. They get a serial number. That, and their CRC, is typically listed on the BOM for a calculator. And you can’t update it without taking the whole system apart. Forget OTA updates or BIOS tools to re-flash the firmware, the only route is usually a test fixture with a JTAG probe and it’s not something you do without lots of people being in the loop.
4 updates a week? Besides development builds that never fly outside simulation, I haven’t had to update flight software 4 times in my entire career: you release, and you’re done. Next project. Sometimes a plane might get a “mid-life update” that might require new code here or there, but everyone does their best to try and avoid that, because a software update is very expensive. It’s sometimes easier to add a separate calculator for new functions than to modify something that works. All our git repos end with a single final release.
But hey, at least we don’t have to worry about bug reports and having to work overtime to push out a half-assed patch that will need its own patch the next day.
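The release check described in the comment above, as an added example that is not the commenter's or their employer's code: record a CRC per archived file (source and toolchain), then accept a rebuilt binary only when its CRC equals the one listed on the BOM. The function names, BOM fields, file names and serial number are constructed for illustration, and CRC-32 from zlib is an assumption, since the comment does not say which CRC is used.

```python
import tempfile
import zlib
from pathlib import Path

def crc32_file(path, chunk=65536):
    """Streaming CRC-32 of a file, returned as 8 hex digits."""
    crc = 0
    with open(path, "rb") as f:
        while block := f.read(chunk):
            crc = zlib.crc32(block, crc)
    return f"{crc & 0xFFFFFFFF:08X}"

def build_manifest(root):
    """Map every archived file (path relative to root) to its CRC-32."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): crc32_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify_archive(root, manifest):
    """Compare the tree with the manifest: (mismatched, missing, extra)."""
    current = build_manifest(root)
    mismatched = sorted(k for k in manifest if k in current and current[k] != manifest[k])
    missing = sorted(k for k in manifest if k not in current)
    extra = sorted(k for k in current if k not in manifest)
    return mismatched, missing, extra

def verify_rebuild(binary_path, bom_entry):
    """Accept a rebuilt binary only if its CRC equals the BOM record."""
    return crc32_file(binary_path) == bom_entry["crc32"]

def demo():
    # Constructed sample archive: one source file, one toolchain file.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for sub in ("src", "toolchain"): (root / sub).mkdir()
        (root / "src" / "main.c").write_bytes(b"int main(void){return 0;}\n")
        (root / "toolchain" / "cc.cfg").write_bytes(b"-O2 -std=c99\n")
        manifest = build_manifest(root)          # taken at release time
        binary = root / "fw.bin"
        binary.write_bytes(b"\x7fFWIMAGE-constructed")
        bom = {"serial": "SN-EXAMPLE-0001", "crc32": crc32_file(binary)}
        ok_before = verify_rebuild(binary, bom)  # identical rebuild
        binary.write_bytes(b"\x7fFWIMAGE-constructeD")  # one byte differs
        ok_after = verify_rebuild(binary, bom)
        (root / "toolchain" / "cc.cfg").write_bytes(b"-O3 -std=c99\n")
        return ok_before, ok_after, verify_archive(root, manifest)

if __name__ == "__main__":
    print(demo())
```

The archive check flags the altered toolchain file as mismatched and the binary as an untracked extra, because the manifest was taken before the binary was written into the tree.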