by graderjs 2023 days ago
Cool, that's good to know, thanks. What's your background on this that makes you qualified to answer with certainty? Also what are political reasons for no phones on flights?

Background in electrical engineering, presently in robotics research, and a strong interest in avionics. The concerns that commercial aircraft face are shared with basically every other self-propelled electromechanical system (planes, cars, robots, spacecraft). Insufficient care in hardening these systems has resulted in (likely) fatalities before - evidence suggests that at least some of Toyota's "unintended acceleration incidents" were caused by cosmic-ray upsets in ECUs that weren't sufficiently redundant. Note that upsets are well enough understood for SpaceX to fly using redundant aerospace processors rather than the traditional radiation-hardened processors.

The political reasons are that no one wants a plane full of people talking on their phones and further distracted from listening to the safety briefing and flight crew instructions. Airlines don't want it and passengers don't want it. People do want network access on planes, which is widely available albeit slow. The only sincere technical concerns involve legacy radio equipment (ILS and glideslope), but I'm not aware of any demonstrated interference issues. Plenty of cases of interference from someone parking a large truck or 747 in front of the ILS antenna, though.

Cool, thanks for that. I really appreciate your time on this. It's rare to find a real expert amongst all the speculators (of which for most topics I am one) here. :)

How many redundant processors do you need per one "effective" processor you can count on for a typical SpaceX launch?

The simple answer is you need at least three to identify and recover from a single failure, five for two simultaneous failures, and so on (generally assuming failures can be recovered from automatically by rebooting the failed controller). Depending on the planned exposure, you can estimate the probability of upset events and thus the likelihood of multiple failures within the failure->reboot time interval and pick the number of computers accordingly. Radiation exposure depends on altitude - low-earth orbits outside of the Van Allen belts are fairly low due to protection from the Earth's magnetic field, while trips to other planets must be more hardened (either via shielding, significantly greater redundancy, or rad-hard circuit design).

The most difficult part, historically, is ensuring there is no single point of failure in a redundant system. Put three computers on a single bus, and it's likely each of the three bus transceivers could cause a complete system failure (so you've tripled the failure rate). In some systems like aircraft FBW, each of the controllers has its own connection to the actuators and its own actuator. The computers are connected to each other to detect whether any of the others has failed, but as a fallback the control surface and actuators are designed so that two good actuators can physically overpower a bad actuator, and this ensures that the mechanical coupling doesn't become the failure point.
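The sizing rule sketched above (three units to survive one upset, five for two, with the count driven by the upset rate and the failure-to-reboot window) can be turned into numbers. The following is an added worked example, not code from the commenter, from SpaceX or from any flight system; its model assumptions are my own: each of n (odd) identical processors takes single-event upsets as an independent Poisson process with rate `lam` per processor-hour, an upset takes the unit out for `tau` hours until it is rebooted, and a majority voter keeps working while at least (n+1)/2 units are up. The sample rates and reboot time are constructed illustrations, not measured data. The model deliberately ignores the shared-bus coupling warned about in the last paragraph: it counts only independent upsets, so a common transceiver or bus would have to be modelled as an extra series failure on top of it.

```python
"""Added example (not code from the thread or from SpaceX): back-of-the-
envelope sizing of a majority-voted processor set against single-event upsets.

Model assumptions (mine, stated here because the thread only sketches them):
- n identical processors, n odd; upsets hit each one as an independent
  Poisson process with rate `lam` (upsets per processor-hour);
- an upset knocks a unit out for `tau` hours, after which it is rebooted
  and rejoins the vote;
- majority voting: the set keeps working while at least (n+1)/2 units are
  up, so n = 2f + 1 tolerates f simultaneous failures (3 for 1, 5 for 2);
- no shared bus or other common-mode failure is modelled.
"""
from math import comb, exp


def unit_unavailability(lam, tau):
    """Long-run fraction of time one unit is down: an outage of length tau
    after every mean up-time of 1/lam (alternating renewal process)."""
    return lam * tau / (1.0 + lam * tau)


def down_count_probability(n, k, u):
    """P(exactly k of n units are down) treating the units as independent."""
    return comb(n, k) * u**k * (1.0 - u) ** (n - k)


def fatal_upset_rate(n, lam, tau):
    """Rate (per hour) at which the voter loses its majority.

    With n odd the set fails when the (n+1)/2-th unit goes down, i.e. when an
    upset lands on one of the still-working units while (n-1)/2 of the others
    are already inside their failure->reboot window.
    """
    if n < 1 or n % 2 == 0:
        raise ValueError("majority voting needs an odd number of units")
    u = unit_unavailability(lam, tau)
    tolerated = (n - 1) // 2                 # f: failures the voter can mask
    p_on_the_edge = down_count_probability(n, tolerated, u)
    working_units = n - tolerated            # each still exposed at rate lam
    return p_on_the_edge * working_units * lam


def mission_failure_probability(n, lam, tau, mission_hours):
    """P(at least one loss of majority during a mission of the given length)."""
    return 1.0 - exp(-fatal_upset_rate(n, lam, tau) * mission_hours)


def min_units(lam, tau, mission_hours, target_probability, max_units=31):
    """Smallest odd n whose mission failure probability meets the target, or
    None if even max_units is not enough (time to shield or go rad-hard)."""
    for n in range(1, max_units + 1, 2):
        if mission_failure_probability(n, lam, tau, mission_hours) <= target_probability:
            return n
    return None


if __name__ == "__main__":
    # Constructed numbers, not flight data: one upset per ~6 weeks per unit
    # (lam = 1e-3 /h) in a benign low orbit, 36-second reboot (tau = 0.01 h).
    lam, tau = 1e-3, 0.01
    for n in (1, 3, 5):
        p = mission_failure_probability(n, lam, tau, 1.0)
        print("%d unit(s): P(lose majority in 1 h) = %.2e" % (n, p))
    print("target 1e-6 over 1 h ->", min_units(lam, tau, 1.0, 1e-6), "units")
    # Same hardware through a much harsher belt transit: 100x the upset rate,
    # which pushes the required count beyond the "three or five" rule of thumb.
    print("target 1e-6 over 1 h at 100x rate ->",
          min_units(100 * lam, tau, 1.0, 1e-6), "units")
```

The interesting output is the last line: at a hundred times the upset rate, a one-hour exposure with a 1e-6 loss-of-majority budget needs seven voters rather than three or five, which is exactly the point where the comment's alternatives (shielding, much more redundancy, or rad-hard parts) start to compete. Because `tau` enters the rate roughly as `tau**f`, shortening the reboot window is usually cheaper than adding units.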

Thanks this is really interesting. It makes sense about how to calculate how many processors you'd need based on the time and upset frequency. Really appreciate your answers! :)