737 Max

Member
Joined 2016
Paid Member
It's beyond amazing how many intricacies and extremely hard/complex problems we package into the word "just". ;) Any time I hear the word the alarm klaxons in my head go off.

So, yes, it's *just* a software problem in this case. Just.

+1000!

I once worked for someone who's kept saying "it's just a bit of code" every time they added weeks worth of new features to a product...
 
Quote:
So Boeing produced a dynamically unstable airframe, the 737 Max. That is big strike No. 1. No, the aircraft was not inherently unstable. In normal flight attitudes and up to high angles of attack, the aircraft behaved normally. The change in CofG, moment and thrust vector caused by the change of engine type meant that the aircrarft handled differently than the previous models.

Boeing then tried to mask the 737’s dynamic instability with a software system. Big strike No. 2. No, they introduced a system to provide similar handling characteristics as the predecessor aircraft when at an unusual flight attitude. The system was also meant to aid the flight crew and move the aircraft away from a dangerous flight condition - not to hide something.

Finally, the software relied on systems known for their propensity to fail (angle-of-attack indicators) No, No, No. Angle of attack *sensors* not indicators. They are sensors not 'systems'. They do not have a propensity to fail. The Goodrich 0861HB for example has a real life MTBF of around 20,000FH.
and did not appear to include even rudimentary provisions to cross-check the outputs of the angle-of-attack sensor against other sensors, or even the other angle-of-attack sensor. They did - but you had to pay for it as an 'optional extra'. (I don't agree with their decision because it could have been the barrier that prevented the accidents)Big strike No. 3.

I suggest the author reads and understands the basics of aircraft engineering, flight stability and control systems if he wants to publish 'informed criticism'. The Jeppersen series of books would be a good place to start. Then perhaps move up to something like 'Aircraft Dynamics and Automatic Control' by McRuer, 'Flight Dynamics' by Stengel and move into 'Flight Dynamics Principles: A Linear Systems Approach to Aircraft Stability and Control' by Cook.



The contribution of the design to the accidents is only one facet of the overall cause. The 'real experts' did not solely cause the accidents.

You have posted a very eloquent and well written response to a very ill informed individual.

Thank you.

John
 
I don't think so. It just seems pedantic to me.
Do we at least all agree Boeing is to blame here? Surely that's beyond reasonable doubt?

The short-cut redesign to allow bigger engines led to an MCAS system based on one AOA sensor/indicator (sindicator? ;) ). This system was inherently dangerous and led to the deaths of 346 people.
 
I don't think so. It just seems pedantic to me.
Do we at least all agree Boeing is to blame here? Surely that's beyond reasonable doubt?

It was very accurate. Lowering the engines to maintain the ideal thrust vector, we'd be seeing more failures due to runway debris.

Allowing any safety system creator to self certify is an issue.

Having safety features as optional equipment is not an issue...it is sheer stupidity. Imagine seat belts, brakes, and airbags as optional.

Unless of course, you are folding parachutes for a living. Being required to jump every week with one of your folds chosen randomly from a pile is amazing incentive.

Jn
 
dynamically unstable airframe
I'm not defending the wording. I'm not an aircraft engineer so I'm not familiar with the correct terminology. What I do understand is that the change in dynamic response of the aircraft, during steep ascents, caused Boeing to introduce MCAS. So Boeing believed there was a problem in this part of the flight envelope (again, sorry I'm not using terms I am familiar with). Perhaps the author should have used a less sweeping description for this.

I have heard several times including experienced comments in this thread that AOA sindicators have a reputation for giving false readings. Both Lion Air and Ethiopian showed big errors.

The MCAS used a single sindicator to judge whether to trim the nose down. Single point of failure. I understood this to be a universally accepted aircraft safety no-no.

I don't know anything about the author but his complaints seem basically right albeit he used "loose" language.
 
Having safety features as optional equipment is not an issue...it is sheer stupidity. Imagine seat belts, brakes, and airbags as optional.
I can't get my head around this at all. I can only imagine that Boeing did not consider this safety option as adding any significant safety at all. But then, why offer it as an expensive option - except perhaps as a cynical money grab - but that would be more cynical than even I could believe.
 
I don't think so. It just seems pedantic to me.

Perhaps you'd share your expertise on the subject of aircraft systems and enlighten us all?

You may think it pedantic that I picked up on the usage of the terms 'system' and 'indicators' but stop and have a think about whatever field it is that you excel in - you can tell when someone is using terminology incorrectly and doesn't have a true understanding of the subject matter.

Do we at least all agree Boeing is to blame here? Surely that's beyond reasonable doubt?

No, not at all. Has it yet been disclosed who actually wrote the flight control software - not all aircraft manufacturers develop their own for every model, and there are several large manufacturers of AFCS.

Boeing Commercial Electronics (Their in-house avionics design unit) was dismantled back in 2003 and just 9 months ago they stood up the replacement unit 'Boeing AvionX', and I quote Boeing: "The new business unit is focused on the development and production of avionics systems for navigation, flight controls and information systems".

So ask yourself, who produced the flight control system software during the period when Boeing outsourced their Avionics unit?

Again, there are so many layers to these accidents that a single attribution of blame is just too simplistic.
 
Member
Joined 2014
Paid Member
Here it gets tricky. Could the pilots have recovered and returned to base? On this thread we have been told yes. A major accident is an unfortunate stack up of errors and until the final report comes in next year we might not know how many are stacked there.


Not saying Boeing do not have to get their house in order, but that its not as simple as 'totally Boeings fault'.
 
www.hifisonix.com
Joined 2003
Paid Member
+1000!

I once worked for someone who's kept saying "it's just a bit of code" every time they added weeks worth of new features to a product...

We used to call that 'creeping elegance'

Its one of the reasons in the auto industry you have a design freeze date. If you don't, the project will never get started.


I agree with your 'its just a bit of code' - people have no idea how complex these things are. I don't know of course, but I can only suspect that there are thousands or 100's of thousands of lines of code (C+ perhaps?) to run the flight control system.
 
Writing and managing software is something I happen to know a lot about. Complexity in software is cheap to create and almost invisible to see. "Emergent behaviour" is another term sometimes used instead of the more accurate "unforeseen side-effect". ;)

Anyhow, this reminds me that a couple of weeks ago I was in a major brand car rental office in Hamilton, Canada. I needed to get internet access so they let me sit at one of their PCs. It was running Windows 95. I kid you not.
 
www.hifisonix.com
Joined 2003
Paid Member
On the Typhoon program all code had to be written in Ada. For one units processor there was no Ada complier, but Ada had to written and was and was hand compiled....

The mind boggles.

I am remembering how Toyota was dismembered in a US court a few years ago for crappy software . . . and the mind boggles just as much. You’d think people would learn from stuff like this.