They aren't particularly failure prone compared to any other given component, what accounts for the failures is the fact that there were a lot of them in use all of the time, and even momentary failings could result in catastrophe (IE the failure might not normally be considered a catastrophic failure mode for that particular model of AoA sensor). Hundreds of the planes were flying by the time it was grounded, and were operating on normal (continually busy) schedules.
edit, I will try to engage more with exactly what you are saying:
Mjolnir wrote: ↑Wed Aug 11, 2021 3:07 am
The processor itself could even be made redundant, leaving the only single point of failure being the port on the main computer.
I'll be up front with you and say this is flat out a bad idea. This would depend on the exact interface as to whether this is physically possible or not, for instance with ARINC-429 this would probably easily be physically possible. However this makes fairly broad and likely inaccurate assumptions as to the main mode of failure for a given computer. This would probably involve a hot backup configuration where if the main fake AoA sensor stops transmitting, the backup comes online. However, in the case where the main fake AoA sensor gets stuck transmitting erroneous data, or perhaps has some kind of short where it is pulling a transmit line low or pushing it high, this would bring the whole bus down due to a single failure (and wouldn't necessarily be all that unlikely compared to any other given failure). This also doesn't account for the possibility of the computers choking on values they didn't know how to handle, and both going down at the same time (since they are listening to the same set of sensors), then having to somehow re-negotiate who is the main computer when they reboot.
To be honest with you I think you are falling into the same trap as the nontechnical (IE not embedded software engineer) Boeing managers probably originally did. They mostly likely pretty much said 'why cant we just use the existing angle of attack sensors to fix the angle of attack' or something along those lines, then got defensive when their idea was not received well and continued to defend what they were suggesting. You are suggesting something that is physically possible but would not necessarily significantly improve the situation.
In general aerospace computers are extremely hardcoded and not really friendly to any given changes, but also are generally extremely reliable at doing exactly what they were originally intended to do pretty much forever. Trying to work new things into that system without fairly carefully checking (and re-working if needed) pretty much every part of the rest of the system to make sure it will still perform correctly is what killed hundreds of people to begin with. In other words, implementing this idea correctly does not substantially save on costs compared to just bringing whole new computers in, because in any case changing the system in any substantial way (and this is pretty substantial change in how the plane behaves) necessitates a lot of work to make sure the whole thing will still work as intended and not suddenly decide to bash itself into the runway and explode. Its not like they couldn't have run their existing software on new computers, they just would have had to do a re-analysis/re-work on par with implementing this other idea correctly instead.
There isn't really any way of knowing if your idea would have worked perfectly and saved a lot of peoples lives, or simply would have been perhaps somewhat less failure prone but otherwise still killed roughly the same number of people before the jets then get grounded anyways. The only way to figure that out would be working at Boeing so you have access to all of the information on the design, doing a detailed analysis of the whole system with a bunch of other engineers to figure out what it would probably do, or alternatively just saying yolo and trying it and seeing what happens (as they did with the original MCAS system).