> I just disagree that multi-module consensus is a reliable form of EDAC.

I wonder why you disagree about this? The only reason I can thing of is: - same sw with same hw with same lifecycle would probably have the same issue. (vendor diversity would fix this) - The consensus building unit is still a possible single point of failure.

Any other reasons you might doubt it as a methodology? It seems to have worked pretty well for Airbus and the failure rate is pretty low, so... It obviously is functional.

Modern units I'm sure have ECC, AND redundace as well.

▲

skylurk 2 days ago | parent [-]

Yes exactly, birds of a feather fail together... an A380 has three primary flight control computers, but still carries another entirely dissimilar set of three flight control computers as backup.

	▲	RealityVoid a day ago \| parent [-]
		Well, the diversity would cover the issue with random HW failures, not the case your SW has a bug in it. As to the SW, they _sometimes_ have vendor diversity. Regardless, there are multiple fronts you need to tackle to have high reliability so you should use all techniques at your disposal.