[ohadron]

Even assuming quadruple redundancy, seven nines uptime and resilience to extreme conditions and cosmic rays, this looks way way bigger than it should be.

One explanation could be that the certification process for anything aviation related is so expensive and slow that we're actually looking at tech from 15+ years ago.

[lbriner]

If you mean physically bigger than it is certainly true that avionics, like automative, uses larger components with higher ratings and avoids a lot of high pitch integrated circuits. This makes things easier test and likely to be more reliable. It also means you might have a single euro-card just to handle the input from a single airplane sensor even though in the non safety-critical world, we would easily mux them onto a single interface.

[RL_Quine]

Like in medical gear, avionics also has a lot of redundancy and "useless" circuitry to allow for assurances. I've opened some hardware designed for unsafe environments that was absolutely packed with fuses, for seemingly no purpose other than to assert that limits were being followed in the design. I don't imagine avionics is any different, but I've only seen the inside of 60s-70s aircraft gear.

[jareklupinski]

I love the hardware/software analogy of a fuse to an assert statement; going to remember that while writing tests :)

[Veserv]

Seven 9s for system failure would be horrific. There are ~30-40 million flights worldwide yearly [1], so that would result in 3-4 system failures of life-critical avionics yearly. As far as I am aware, malfunctioning software has not been implicated in any commercial airline fatality in nearly 30 years since the modern standards were adopted, and correctly functioning, though unsafe, software has only been implicated in the 737-MAX crashes. By that standard we have reasonable empirical evidence to conclude that the prevailing rate of system failure is at least 100x better at nine 9s.

[1] https://www.statista.com/statistics/564769/airline-industry-...

[p_l]

Big replaceable components that can be serviced easily without special tools so long as no board-level fixes are necessary - and enough customization done at low enough numbers you don't build single board stuff for it, you build bigger reusable modules connected by common buses.

[seanc]

I work in telecommunications, back in the 90's fibre optic transport for plain old telephone service. Think back to how reliable your phone was before VOIP.

Then we hired a guy from an Aerospace company and he thought we were a bunch of reckless cowboys who didn't care a thing about quality.

[EricE]

The first time we had a VOIP system going into a new building in the mid 2000's I went into one of the closets and just disconnected one of the pairs of a fiber pair.

The IP redundancy didn't work :p I forget what the excuse was; my position is stuff happens and when I break random connections in redundant PBX systems they still work. Ugh.

[Jayschwa]

> this looks way way bigger than it should be.

I worked on the software for one of these A350 server blades nearly a decade ago, and I held the same belief at the time. There's some adage that system complexity grows to fill the organizational bureaucracy overseeing it, and that is my best explanation for the bloat. My employer (a contractor of Airbus) had offices in France, India, and the United States. Naturally, each office had to be in charge of their own separate blade(s), even if it was probably not optimal in terms of the overall system design to partition it that way.

[lm28469]

This isn't Uber or Tesla, they don't move fast and break things here.

[ohadron]

They sure do move fast - almost supersonic. But yes, they're really trying not to break things.

[chrisseaton]

That's not why the person you're replying to means - 'move fast' means developing fast.

[sbarre]

They move fast and apparently also way overhead.

[scoopertrooper]

Well, maybe OP’s head.

[sbarre]

Yes that was the joke.

[rsynnott]

Development of the plane type had started by, at latest, 2004, so, er, yeah.

It probably also reuses quite a lot from older planes; in that industry "if it ain't broke" is particularly relevant.

[alksjdalkj]

Could be wrong but I think there's a lot of equipment for things like radios, radar, sensors, etc. that makes it look like there are more servers than there actually are.