Aerospace still uses traditional waterfall processes (usually called the 'V' lifecycle in the industry because if you put a 90 degree bend in the waterfall it looks like a V).
The flow of responsibilities is strictly hierarchical. If Boeing specified to to their outsourcers that the software should have read from two sensors, then the outsourcer would be 'in the wrong' if they didn't implement that. With a strict interpretation of the rules Boeing doesn't necessarily have to check their outsourcer's work (In Safety-Critical the outsourcer has not just a commercial but also a moral obligation to perform all actions with competence)... But at the same time, because Boeing retains overall responsibility for its products no matter who it subcontracts to, it would be a mistake to not double check the work.
So to at least some extent (at least with moral-tinted glasses), it doesn't actually matter whether or not the fault was introduced by the subcontractor or not. Boeing is responsibility either way, Answering your question only tells us if the subcontractor is also at fault.
It's very important to note that in the Aerospace world, the subcontractor's moral duty only requires them to do exactly what they're told to do (assuming that the subcontractor was only reponsible for software design and not systems design). If Boeing told them to use one sensor, then the subcontractor has done nothing wrong if they failed to notice that this was fundamentally unsafe.
This is not entirely true anymore. Many aerospace organizations attempted to move to less rigid/structured development process (e.g. wishing to become more agile) to attempt to "move fast and break things".
This trend actually has lead to an decrease in software quality and more quality escapes.
The larger aerospace manufacturers have mostly stuck with more structured process for safety/mission critical process, but around the edges (e.g. other systems running on aircraft), less structure and faster turnaround/more "testing in the field" is happening.
There was always the "skunk works" type of teams in aerospace organizations who worked with a lot less guardrails as well.
Source: worked for an avionics company previously.
The flow of responsibilities is strictly hierarchical. If Boeing specified to to their outsourcers that the software should have read from two sensors, then the outsourcer would be 'in the wrong' if they didn't implement that. With a strict interpretation of the rules Boeing doesn't necessarily have to check their outsourcer's work (In Safety-Critical the outsourcer has not just a commercial but also a moral obligation to perform all actions with competence)... But at the same time, because Boeing retains overall responsibility for its products no matter who it subcontracts to, it would be a mistake to not double check the work.
So to at least some extent (at least with moral-tinted glasses), it doesn't actually matter whether or not the fault was introduced by the subcontractor or not. Boeing is responsibility either way, Answering your question only tells us if the subcontractor is also at fault.
It's very important to note that in the Aerospace world, the subcontractor's moral duty only requires them to do exactly what they're told to do (assuming that the subcontractor was only reponsible for software design and not systems design). If Boeing told them to use one sensor, then the subcontractor has done nothing wrong if they failed to notice that this was fundamentally unsafe.