It seems like the core error was in the inertial measurement unit: it would be a common cause between the reaction wheel failures and the failure of the despin burn.
Seems like the kind of thing one would have multiple of, along with voting, it should also contain a kalman filter. The software correcting the rotation should have been run in a tighter feedback loop so that it would stop making the problem worse.
Lots of these subsystems can be tested in a pure software simulator. Esp when it comes to faults.
Thinking about it further, the simulator should consume the logs from the existing system and map those logs from existing simulation runs, use a form of compressed sensing and pattern matching to figure out what is occurring just from the logs and previous simulation runs.
Lots of these subsystems can be tested in a pure software simulator. Esp when it comes to faults.