Economic pressures are driving many commercial and governmental operators within the aviation system toward purchase of COTS products. Although these products may have a favorable cost-to-performance ratio, they may not have been subject to the verification and validation rigor required to maintain safe, dependable operation of the aviation system. Examples include microprocessors (from PC industry), operating systems (e.g., Windows and LINUX), and graphics processors (from video game industry).
The effect of a manufacturer’s changes to aviation COTS can be summarized by specific difficulties:
- Forced modifications
- Interoperability among COTS products
- Counterfeit parts that are vital to the computer industry is expected to reach record high levels
Airworthiness is the primary safety characteristic of any aircraft. A forced modification is one that is caused by the change of form, fit, interface, function, mission characteristic, or supply of the item. When supply is affected, the acquirer must support the discontinued item or find a replacement. The latter may force a modification. More common in aviation COTS is an FAA-directed change to an item called an airworthiness directive (AD) FAA, 1996). The manufacturer has two choices in implementing the AD: Discontinue the product or make the required change. The user of the item also has two choices: Get a replacement product, if available, or make the changes required by the directive. But there is no requirement for the government to change its COTS items to accommodate an AD. In such cases, the item becomes government-unique. Because the government self-certifies, it is not uncommon for non-FAA-certified government aircraft to not make AD-directed changes. Non-FAA-certified aircraft (military and other federal agency-owned aircraft) are a significant segment of aviation.
Corroborating sources and comments
From 2001: http://www.faa.gov/aircraft/air_cert/design_approvals/air_software/media/AR-01-26_COTS.pdf
Federal Acquisition and Streamlining Act (FASA) of 1994 initiated by the Department of Defense (DoD). It was the intent of this legislation to encourage the utilization of the best available dual-use non-development COTS products from commercial/industrial suppliers in lieu of conventional Mil-Spec components to the maximum extent practicable.
Electronic parts are responsible for about two-thirds of problems in U.S. space and missile defense programs when those programs encounter difficulty—and almost all do–according to a recent report from congressional auditors. A June report from the Government Accountability Office looked into 21 major Defense Department and NASA programs and found that materials were responsible for only about 21% of the problems, while mechanical parts made for roughly 15%. “Parts quality problems reported by each program affected all 21 programs we reviewed at DOD and NASA and in some cases contributed to significant cost overruns, schedule delays and reduced system reliability and availability,” the GAO told the House’s security and foreign operations oversight subcommittee. Aerospace Daily & Defense Report (ASCII) – Aug 08, 2011.
These figures are just as applicable for Civilian Aerospace. Electronic and electrical issues are the number one problems even for a mechanical system as they are usually controlled by electronics in some way. Once the military transitioned away from the MIL Standard compliant components to Industry Standards we had to also transition. Reliability decreased as the stress screening and requirements for the Mil Std where more severe than the industry standard leaving us with considerably more infant mortality and tolerance issues we did not have with the Mil Std components.
From 2000: Lessons Learned in Developing Commercial Off-The-Shelf (COTS) Intensive Software Systems http://www.compaid.com/caiInternet/ezine/COTS-lessonslearned.pdf
“If you have a safety-critical system, you don’t want state of the art COTS; you want mature components.” When there are a number of COTS components, the issue of incorporating new versions becomes a major concern. The greater the number of components, the greater the number of version releases, each potentially coming out at different times. The problem of keeping up with these releases is greatly compounded for safety-critical systems that must remain in continual operation. With a safety-critical, continuously operating system, it makes sense not to upgrade but to freeze the configuration for a number of years, after which the entire system will be replaced. With this strategy, the concern shifts to supportability because vendors will stop maintaining a product version after a period of time.
The number of counterfeit parts that are vital to the computer industry is expected to reach record high levels as the semiconductor industry enters “a phase of accelerating growth,” according to an analysis of trends conducted byEl Segundo, Calif.-based information and analytics provider, IHS. Up to 10% of all worldwide technology products are expected to be counterfeit, while the Bureau of Industry and Security of the US Department of Commerce has reported a rise in counterfeit incidents sequentially each year.