US$300 million Airbus plane requires “cold boot” remedy to bypass software bug
According to the European Union Aviation Safety Agency (or EASA), airlines flying certain models of the Airbus A350 are being told they have to completely power cycle the aircraft before it reaches 149 hours of continuous power-on time risk “partial or total loss of some avionics systems or functions,” according to a mandatory airworthiness directive.
In layman’s terms, the EASA is telling airlines they have to perform a cold reboot of affected A350s every six days of the aircraft operation. That seems comparable to a minor inconvenience like…rebooting your computer? Well in reality, performing a reboot of an aircraft’s system is anything but a minor decision.
You see, most commercial airliners like the A350 remain powered up and operational for weeks on end as they traverse around the globe. Considering the hefty price tags (Airbus priced its A350-900 at US$317.4 million, before discount) and operating costs of each aircraft, the health of an airline’s bottom line is very much dependent on its fleet being in service for as long as possible. Unless powered down for scheduled maintenance or technical reasons, it’s rare for an aircraft to be powered down completely whilest on the tarmac.
Bringing back a powered down aircraft like the A350 to an operationally flight-ready status can also take at least 30 minutes and longer, so it is common for airliners to be left powered on while parked at airport gates. This allows engineers and technicians to carry out routine systems checks between flights quicker, especially if the aircraft is plugged into ground power.
So why is EASA recommending airlines to reboot their A350s?
Specifically airlines operating the older versions of the Airbus A350-941 (including Singapore Airlines, Air France, and Lufthansa). The directive comes as a result of a known software bug that’s related to the plane’s internal timer that could potentially trigger some concerning side effects if not properly reset and resolved with a power cycle.
Depending on the affected aircraft systems or equipment, this condition, if not corrected, could lead to failures that ranged from “redundancy loss” to “complete loss on a specific function hosted on common remote data concentrator and core processing input/output modules”. Needless to say, that becomes a very unsafe flying condition.
The remedy for the A350-941 problem is straightforward, according to the airworthiness directive: install Airbus software updates for a permanent cure, which will require the plane to be taken out of service for maintenance and quality assurance testing.
Or switch the affected aircraft off and on again every 149 hours of continous power-on time.