An MTBF of one billion hours?
I'd be surprised to see anything that can achieve that. 114 thousand years? Simple corrosion is likely to have occurred in that time... Even if I carved the thing from stone, or cast it in concrete, it would be gone...
If the airline industry really has MTBF requirements for electronic equipment that are that long, then they are fooling themselves if they think they actually have any piece of equipment that can achieve those figures, or that it can be achieved by simple redundancy.
I'd be interested to see the source of those figures.
At first sight this all might appear to be in the realms of fantasy, but it is easily achievable, Captain, and we have been doing so for the last 40 years or more. And we are most certainly not fooling ourselves.
The first port of call is EU Certification Specification 25 (Large Transport Aircraft), paragraph 1309, Equipment, Systems and Installations. Sub para (b) states: The aeroplane systems and associated components, considered separately and in relation to other systems, must be designed so that -
(1) Any catastrophic failure condition
(i) is extremely improbable; and
(ii) does not result from a single failure;
(The above rule is identical to the American one.)
Extremely improbable = 1 per 1,000,000,000 flight hours.
Compliance with this rule is demonstrated by performing rigorous system safety assessments, the guidance and source material for which is contained in:
SAE ARP 4761 Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment
SAE ARP 926B Fault/Failure Analysis Procedure.
MIL-HDBK-217F Reliability Prediction of Electronic Equipment
MIL-HDBK-338B Electronic Reliability Design Handbook
Needless to say, simplex systems are not acceptable and are unlikely to achieve the required safety targets. So simple redundancy is achieved by employing triplicated systems. If you have a duplicated system and one goes wrong, how do you know which is the defective one? With triplicated systems voting takes place: two say one thing, the third says another, go with the two. And an MTBF of a billion hours can be easily met with triplicated systems. If each has an MTBF of 1,000 hours, then it’s a case of System 1 and System 2 and System 3 failing simultaneously or near simultaneously, which when approached via the methodology of logic gates gives 1,000 x 1,000 x 1,000 = 1,000,000,000; and that is how we do it.
Given the above you can begin to understand why everybody is getting very exercised about the Boeing Dreamliner. Expectations and practice are currently at odds with each other.
EFBs have been around for 10 years or more but until recently have been part of the onboard systems. It's only software after all that functions as part of an existing Display Screen. And yes, iPads are being used for EFBs and I agree with you about the security issues. Corruption of a vital check list could be pretty disastrous!
Hope this helps.
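Added example, not part of the post above and not taken from any avionics code base: a minimal sketch of the duplex-versus-triplex point and the logic-gate arithmetic it describes. The function names, the tolerance parameter and the sample readings are assumptions made for illustration, and the AND-gate figure assumes independent channels with a per-hour failure probability of 1/MTBF.

```python
from fractions import Fraction


class NoMajority(Exception):
    """No two channels agree, so no output can be trusted."""


def duplex_compare(a, b, tol=0.0):
    """Two channels: a mismatch is detectable, the faulty channel is not."""
    return abs(a - b) <= tol


def triplex_vote(channels, tol=0.0):
    """Return (voted value, index of the outvoted channel or None)."""
    if len(channels) != 3:
        raise ValueError("triplex voter needs exactly three channels")
    (lo, i_lo), (mid, _), (hi, i_hi) = sorted((v, i) for i, v in enumerate(channels))
    low_ok = mid - lo <= tol    # lowest reading agrees with the middle one
    high_ok = hi - mid <= tol   # highest reading agrees with the middle one
    if low_ok and high_ok:
        return mid, None        # no channel can be singled out
    if low_ok:
        return mid, i_hi        # highest channel is outvoted
    if high_ok:
        return mid, i_lo        # lowest channel is outvoted
    raise NoMajority(f"all three channels disagree: {channels!r}")


def all_three_fail_per_hour(mtbf_hours):
    """AND gate over three channel failures, as in the post's arithmetic.

    Assumption of this sketch: channels fail independently, each with a
    per-hour failure probability of 1/MTBF.
    """
    return Fraction(1, mtbf_hours) ** 3


if __name__ == "__main__":
    readings = [250.0, 250.4, 310.0]  # constructed sample, channel 2 faulty
    print("duplex agrees:", duplex_compare(readings[0], readings[2], tol=1.0))
    print("triplex vote:", triplex_vote(readings, tol=1.0))
    print("all three fail per hour:", all_three_fail_per_hour(1000))
```

The voter only isolates a fault while two channels still agree; the `NoMajority` case is where the independence assumption behind the arithmetic stops holding, for example a shared power supply or shared software defect.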