Recurring |
one_organization |
(a) The software failure incident related to the engine blowout on a Qantas A380 jet in 2010 was specific to Rolls-Royce. The incident was caused by faulty manufacturing processes at Rolls-Royce's Hucknall plant, leading to an engine explosion on the Airbus A380 aircraft [19430].
(b) There is no specific information in the provided article indicating that a similar software failure incident had happened at other organizations or with their products and services. |
Phase (Design/Operation) |
design |
(a) The software failure incident in the Rolls-Royce engine blowout on a Qantas A380 jet was primarily attributed to design-related factors. The incident was caused by faulty manufacturing processes that led to components not conforming to design standards [19430]. Rolls-Royce knew about these design issues at least three years before the accident but failed to address them adequately. An initial investigation in 2007 did not understand the consequences of using parts that did not match the design specification, and in 2009, a potential risk was identified but not thoroughly investigated [19430].
(b) There is no specific information in the provided article indicating that the software failure incident was due to factors introduced by the operation or misuse of the system. |
Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident related to the Rolls-Royce engine blowout on a Qantas A380 jet was primarily due to contributing factors that originated from within the system. The failure was attributed to faulty manufacturing processes at Rolls-Royce's Hucknall plant in Nottingham, where components did not conform to design standards [19430]. The ATSB report highlighted that Rolls-Royce missed several chances over a three-year period to fix the problem, indicating internal issues within the company's procedures and manufacturing staff's non-adherence to those procedures [19430]. Additionally, the report mentioned cultural flaws at the Hucknall plant, where it was acceptable not to report minor deviations in parts, further emphasizing internal factors contributing to the software failure incident [19430]. |
Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case was not directly related to non-human actions. The incident was primarily caused by faulty manufacturing processes and defective parts in the Trent 900 engines manufactured by Rolls-Royce. The ATSB report highlighted how components manufactured at Rolls-Royce's Hucknall plant failed to conform to design standards, leading to the engine blowout on the Qantas A380 jet [19430].
(b) On the other hand, human actions played a significant role in the software failure incident. Rolls-Royce missed several chances over a three-year period to fix the problem with the Trent 900 engines. The company knew about the defective parts as early as 2007 but failed to address the issue adequately. Additionally, cultural flaws at the Hucknall plant, where it was acceptable not to report minor deviations in parts, contributed to the incident. The ATSB report concluded that the manufacturer's procedures were ambiguous, and manufacturing staff did not adhere to those procedures, leading to missed opportunities to prevent the engine blowout [19430]. |
Dimension (Hardware/Software) |
hardware |
(a) The software failure incident occurring due to hardware:
The incident involving the engine blowout on a Qantas A380 jet was primarily caused by faulty manufacturing processes related to the engine components, specifically the Trent 900 engines manufactured by Rolls-Royce. The ATSB report highlighted that components manufactured at Rolls-Royce's Hucknall plant in Nottingham failed to conform to design standards, leading to the engine explosion [Article 19430].
(b) The software failure incident occurring due to software:
The software failure incident was not directly attributed to software issues. However, after the incident, Rolls-Royce introduced software that would shut down a Trent 900 engine to prevent a repeat occurrence. This software implementation was a proactive measure taken by Rolls-Royce to address the hardware-related issues that led to the engine blowout [Article 19430]. |
Objective (Malicious/Non-malicious) |
non-malicious |
(a) The software failure incident in this case was non-malicious. The incident was related to a faulty manufacturing process at Rolls-Royce's Hucknall plant in Nottingham, which led to components not conforming to design standards and ultimately causing an engine blowout on a Qantas A380 jet [19430].
The failure was attributed to ambiguities within the manufacturer's procedures and non-adherence by manufacturing staff to those procedures, as well as cultural flaws at the plant where it was acceptable not to report minor deviations in parts. This indicates that the failure was not due to malicious intent but rather a result of oversight, lack of thorough investigation, and procedural shortcomings within the company. |
Intent (Poor/Accidental Decisions) |
unknown |
The software failure incident reported in the provided article [Article 19430] was not related to a software failure but rather to a manufacturing issue with components in Rolls-Royce's Trent 900 engines. Therefore, the incident did not involve poor decisions or accidental decisions related to software. |
Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident in this case was not directly related to development incompetence. The incident was primarily caused by faulty manufacturing processes and defective parts in the Trent 900 engines manufactured by Rolls-Royce. The ATSB report highlighted ambiguities within the manufacturer's procedures and non-adherence by manufacturing staff to those procedures as contributing factors to the missed opportunities to address the issue [19430].
(b) The software failure incident can be attributed to accidental factors, such as the initial failure to understand the consequences of using parts that did not match the design specification, the missed opportunities to address the issue due to cultural flaws at the manufacturing plant, and the lack of investigation into the potential risks identified by a Rolls-Royce engineer in 2009. These accidental factors ultimately led to the engine blowout on the Qantas A380 jet in 2010 [19430]. |
Duration |
unknown |
The software failure incident related to the Rolls-Royce engine blowout on a Qantas A380 jet in 2010 was not directly attributed to a software failure. The incident was caused by faulty manufacturing processes and defective parts in the Trent 900 engines [Article 19430]. Therefore, the concept of a permanent or temporary software failure does not apply in this case as the incident was not related to software failure. |
Behaviour |
other |
(a) crash: The software failure incident in this case did not involve a crash where the system lost state and did not perform any of its intended functions. The incident was related to an engine blowout on a Qantas A380 jet due to faulty manufacturing processes in the engine components [Article 19430].
(b) omission: The software failure incident did not involve omission where the system omitted to perform its intended functions at an instance(s). The incident was more related to a manufacturing defect in the engine components that led to the engine explosion [Article 19430].
(c) timing: The software failure incident was not due to timing issues where the system performed its intended functions too late or too early. The incident was primarily caused by faulty manufacturing processes and the failure to address known issues with the engine components in a timely manner [Article 19430].
(d) value: The software failure incident did not involve a failure due to the system performing its intended functions incorrectly. The incident was not related to software directly but rather to the manufacturing processes of the engine components [Article 19430].
(e) byzantine: The software failure incident did not exhibit behavior characteristic of a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The incident was more straightforward in terms of the cause being related to faulty manufacturing processes and lack of proper investigation into known risks [Article 19430].
(f) other: The behavior of the software failure incident can be categorized as a manufacturing flaw leading to a critical engine failure on an Airbus A380 jet. The incident highlighted issues with quality control, adherence to procedures, and cultural flaws at the manufacturing plant, rather than a specific software-related failure [Article 19430]. |