Software Bug in F-35 Radar Causes Mid-Flight System Reboot

Reader Lisandro writes: The F-35 Fighter jet can't seem to catch a break. An advanced AN/APG-81 AESA F35 radar system has been found riddled with a software bug that causes it to degrade and stop working. The solution? Rebooting the system while in the air.

Major General Jeffrey Harrigian, director of the Air Force's F-35 integration office at the Pentagon, was quoted as saying "radar stability - the radar's ability to stay up and running. [...] What would happen is they'd get a signal that says either a radar degrade or a radar fail - "something that would force us to restart the radar." The issue was spotted in late 2015, and thankfully, it was caught during the testing period. The software version "3i" is affected. An update aimed to resolve the bug is expected to be delivered to the US Air Force by the end of March.

Only the radar system needs rebooting

[wonkey_monkey]

Software Bug in F-35 Radar Causes Mid-Flight System Reboot

Alarmist headline.

First of all, the bug doesn't cause a reboot. It requires a reboot to put the radar back into a useable state.

Secondly, it is only the radar system that needs rebooting.

Re:Classic memory leak.

[gtall]

As others below have mentioned, it is very difficult to formally verify large complex systems. However, it is made even more complex in that there aren't enough research results to cover such a system in its complexity. Also, computer scientists tend to think the world revolves around their code, so if they get that correct, then the system will run correctly. The real world isn't like that, and it is not all captured in software, much of the system is hardware. Trying to capture the correct interaction between hardware and software is very, very hard...and it isn't clear that even if you could that you could verify the result before the universe dies.

Re:Nothing to see here

[dywolf]

actually "rebooting", ie, flipping the power switch or circuit breaker, isn't at all uncommon on avionics equipment on military aircraft.
we aren't talking about typical computers that go through a boot process anyway. this is ruggedized equipment that largely lacks any thing resembling an operating system or RAM or much else a typical Slashdot reader would be familiar with.

anyone who's spent any time working on military aircraft as a maintainer, particularly the avionics systems, knows that inflight glitches are not at all infrequent. and when they pop up on the Master Caution* or elsewhere, often the first corrective action the pilot takes is to power cycle the specific piece of equipment. most every system is on its own breaker, and pilots are trained in what can and what cannot be power cycled in flight. the majority of the time, that's enough to fix the glitch.

and typically the first thing that happens when the pilot returns is a rep from each of the main work shops (avionics, flightline, airframes, ordinance, life support) meets him as he is exiting his aircraft, in order to ask if any gripes came up during the flight. this way they can get a jump on it before the pilot even gets back to the maintenance control to write the maintenance order describing the glitch.

there a thousands of wires, with hundreds of connectors, each connector a cannon plug consisting of several dozen pins, any one of which could have gotten slightly bent (or even broken) upon reconnection, making an imperfect electrical connection or faulty data bus signal (depending on system). Or a wire may fall out of the backend of the pin from a faulty installation of the retainer of the cannon plug. or the plug itself may be not quite fully seated; you'd think it would be easy, but there's a reason we have cannon plug pliers (aka "bi*ch grips"). There's also millions of solder joints and splices that can fatigue from vibration. sometimes a contact simply gets dirty cause oil or grease (we wipe everything constantly, but still happens).

(*speaking of PITA to maintain: due its nature, being tied into EVERYTHING (hundreds, sometimes thousands, of feet of wiring, depending on aircraft type), the Master Caution Panel (MCP) itself is often the actual point of failure, throwing false indications. one of the first things we frequently did in tracing a gripe was to first eliminate the MCP itself)