Data Integrity and Why is it Important.

Written By Dalton Pellerin

Data Integrity Over Features

In avionics, bad data is often more dangerous than no data at all. 

Modern avionics can show tons of information, anything from what the ground looks like below you, to exact temperatures of an individual cylinder head in the engine, and anything between. 

So, how do you know that you can trust what you are seeing?


Bad Data Rarely Fails Cleanly


With modern avionics becoming more and more about the 1’s and 0’s being passed between computers it can be hard to see a subtle failure in something. A sensor could be drifting a bit, failing or completely disconnected and it might not be readily apparent without looking at it physically. 

On the other hand, what you might suspect is a sensor failure could just as well be some electrical noise on the system that just needs to be cleaned up. Couple that with legacy wiring, or non-ideal installs and you have a magic soup of possibilities leading to bad data coming into your system. 

Most failures don’t look like a clean “sensor failed” message; they look almost like normal system ops.

Why More Sensors Aren’t Always the Answer


Adding more “stuff” to the screen or more sensors doesn’t help the situation either. Redundancy is nice and an often necessary part of aviation, but telling customers they need two exhaust gas temperature probes per cylinder is adding redundancy sure; it also adds more holes in the exhaust, doubles the cost of install, and means more parts to replace when they do start going bad.

What Trustworthy Data Actually Means

Pilots have to trust their systems and the information they see. Data being seen should be: 

  • Explicit: known good,  known bad, or intentionally unused

  • Predictable: same failure looks the same every time

  • Traceable: you can reason backward to the source of failure

Designing for Graceful Failure

There is a saying in the maintenance world, “if it's leaking then it's good.” While that can be true for mechanical systems with gaskets and other parts that can just wear down, we don’t want that for Draco.

Through software we’ve taken care of this to the best of our ability. Constantly checking incoming data for valid ranges, using known-zero behavior for unused sensors; if data coming in doesn’t make sense, we don’t average it out or guess. We toss it and Draco tells you something is wrong while still giving you the valid data it does have.

Graceful Degradation Beats Catastrophic Failure


Losing one probe shouldn’t corrupt everything else.

These aren’t Christmas lights we are talking about here. Systems like these should degrade cleanly, not catastrophically. Even partial data is better than bad data.

If the partial data both, makes sense (ie. not -1000°C for EGT in Florida) and is within a valid range, then Draco polls the sensors again and gets a more complete picture. This happens on the order of milliseconds so to the pilot, nothing went wrong.

However if one of those two things is incorrect then it gets flagged and lets you know something is wrong, without the entire system crashing down around you.

Trust Is the Foundation

In the end this means, less chasing phantom issues, faster installs, less “is it the engine or the monitor”, and more confidence in decisions made in flight.

Power, sensors, and software all matter and must work in unison with each other to have an effective avionics system. Trustworthy data, however, is the foundation that everything builds on.

We are building Draco not to impress on a spec sheet but to earn trust from pilots, flight after flight. 

-Dalton Co-founder/Software Engineer


Dalton Pellerin
Next

How is Atmos Tackling Power Management?