"Nats said the failure was due to “an extremely rare set of circumstances” with two identically named but separate waypoint markers outside the UK’s airspace"

Sounds like a fairly common error case to check for, although they say that it never happened before.

ID collisions are always something to check for, not least when the data are user inputs.
Having read the actual report... insufficiently rigorous validation of inputs leads to discovery of a corner case.

They could have probably found this sooner with either fuzzing or perhaps some sort of digital twin model.

Finally, there's no exit clause to reject a flight plan from an "upstream"? That is a worry.
If there are two waypoint markers that are named the same, how did the flight control and/or plane software know which one is being referred to? Assuming closest, it would have had to special-case for it already, no?

e.g. if I want to drive to Springfield, it needs to know which one out of 67 I'd like to go to...
Link to the report from NATS (PDF) <a href="https://publicapps.caa.co.uk/docs/33/NERL%20Major%20Incident%20Investigation%20Preliminary%20Report.pdf" rel="nofollow noreferrer">https://publicapps.caa.co.uk/docs/33/NERL%20Major%20Incident...</a>
My current project involves processing flight plans. I believe the company even helped build part of NATS. There must be something else going on to crash the whole system.

We get so many invalid flight plans from third parties (e.g., ForeFlight) that the system would never be up if we didn’t mark them as invalid and move on to the next.
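The two points raised in this thread, disambiguating identically named waypoints and rejecting a single bad flight plan instead of halting the whole system, can be shown together in a small example. This is added illustration code, not NATS's software, the report's logic, or the commenter's project; the waypoint table, route format, the "nearest to the previous fix" rule and the 1500 km leg bound are all assumptions made for the example.

```python
import math

# Constructed sample waypoint table: name -> list of (lat, lon) candidates.
# "DUPLX" is deliberately defined twice, far apart, to stand in for two
# identically named fixes in different regions. All values are invented.
WAYPOINTS = {
    "DUPLX": [(51.5, -0.5), (-33.9, 151.2)],
    "BRAVO": [(50.8, 1.2)],
    "CHRLY": [(52.1, 2.3)],
    "DELTA": [(48.9, 2.5)],
    "FARAW": [(-33.9, 151.2)],
}

EARTH_RADIUS_KM = 6371.0
MAX_LEG_KM = 1500.0  # assumed plausibility bound for a single leg between fixes


def haversine_km(a, b):
    """Great-circle distance between two (lat, lon) points in kilometres."""
    lat1, lon1 = map(math.radians, a)
    lat2, lon2 = map(math.radians, b)
    dlat, dlon = lat2 - lat1, lon2 - lon1
    h = math.sin(dlat / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))


class InvalidFlightPlan(ValueError):
    """Raised for one plan only; the batch loop catches it and moves on."""


def resolve_route(names, waypoints=WAYPOINTS):
    """Resolve a list of waypoint names to coordinates.

    Duplicate names are disambiguated by picking the candidate nearest to the
    previously resolved fix (an assumed rule). Anything that cannot be resolved
    unambiguously, or that yields an implausible leg, rejects this plan.
    """
    if not names:
        raise InvalidFlightPlan("empty route")
    resolved = []
    for i, name in enumerate(names):
        candidates = waypoints.get(name)
        if not candidates:
            raise InvalidFlightPlan(f"unknown waypoint {name!r} at position {i}")
        if len(candidates) == 1:
            fix = candidates[0]
        elif not resolved:
            # An ambiguous first fix has nothing to anchor on: refuse rather than guess.
            raise InvalidFlightPlan(f"ambiguous first waypoint {name!r}")
        else:
            prev = resolved[-1]
            fix = min(candidates, key=lambda c: haversine_km(prev, c))
        if resolved:
            leg = haversine_km(resolved[-1], fix)
            if leg > MAX_LEG_KM:
                raise InvalidFlightPlan(
                    f"implausible leg {names[i - 1]}->{name}: {leg:.0f} km")
        resolved.append(fix)
    return resolved


def process_batch(plans, waypoints=WAYPOINTS):
    """Process many plans; a bad plan is recorded and skipped, never halting the batch."""
    accepted, rejected = {}, {}
    for plan_id, names in plans.items():
        try:
            accepted[plan_id] = resolve_route(names, waypoints)
        except InvalidFlightPlan as exc:
            rejected[plan_id] = str(exc)
    return accepted, rejected


# Constructed sample batch: one good plan through the duplicated name, one
# starting on the ambiguous name, one with an unknown fix, one normal plan,
# and one whose only candidate is half a world away.
SAMPLE_PLANS = {
    "P1": ["BRAVO", "DUPLX", "CHRLY"],
    "P2": ["DUPLX", "BRAVO"],
    "P3": ["BRAVO", "ECHO"],
    "P4": ["BRAVO", "DELTA", "CHRLY"],
    "P5": ["BRAVO", "FARAW"],
}

if __name__ == "__main__":
    ok, bad = process_batch(SAMPLE_PLANS)
    for pid, route in ok.items():
        print(f"{pid}: accepted {route}")
    for pid, reason in bad.items():
        print(f"{pid}: rejected ({reason})")
```

The per-plan exception boundary in `process_batch` is the point the last comment makes: an unresolvable or implausible plan is a data problem for that one plan, so it is logged and skipped rather than allowed to take the processing loop down with it.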