FAA: The Boeing 737 MAX Would Have Crashed...A Lot
"Mercedes Streeter" (smart)
12/11/2019 at 13:47 • Filed to:
Planelopnik
|  2
|  33 |
After the 2018 Lion Air crash the FAA conducted an internal review. Their findings projected 15 more fatal crashes over the life of the MAX fleet unless fixes were made. And yet, they were still allowed to fly and a second plane crashed not long later.
Assuming Boeing never fixed MCAS, that would be a catastrophic crash every 2-3 years, with a staggering total death toll. And considering this report was released before the Ethiopian crash, the actual number could be higher.
From Boeing:
In a statement, Boeing said the analysis determined that an emergency notice with instructions for pilots “sufficed to allow continued operation of the MAX fleet until changes to the MCAS software could be implemented.”�
Meanwhile, it’s projected the MAX planes won’t be flying again until into 2020. Of course, all this isn’t helping confidence in the FAA. It continues to baffle me all this has happened in the first place. Reminds me of the cargo door catastrophes from early widebodies..
Source
Another
One More
DISCUSSION (33)
SBA Thanks You For All The Fish
> Mercedes Streeter
12/11/2019 at 14:01
| 2
|
Thanks for posting this.
Being an embedded system design guy with Safety Engineering, Embedded Software and Aerospace on my resume.... this whole episode makes me sick.
The design flaws, even in the basic implementation of MCAS, were endemic and catastrophic. I’d LOVE to meet the Engineering Program Manager that oversaw this software implementation... Like who the Fv(k does Safety Critical Software design with no feedback loop and no error checking?!???
And, that CEO? Why does that wanker even have a job?
“Like who the Fv(k does Safety Critical Software design with no feedback loop and no error checking?!???”
Almost everyone I've met who works in autonomous cars.
SBA Thanks You For All The Fish
> For Sweden
12/11/2019 at 14:11
| 3
|
Even if you were dumb enough to do an
“IF AOA_Exceeds_Limit
THEN Nose_This_Whore_Down”
based off a SINGLE AOA input, with no error checking, wouldn’t you at least put a flag in there to the effect:
IF Nose_This_Whore_Down_Count > 3 AND
AOA_REMAINS_STUCK
THEN STOP DOING WHATEVER THE FUCK IT IS I’M DOING... BECAUSE IT SURE AIN’T WORKING.
The fact that it ran through the routine a dozen or more times in Lion Air, to no effect, is just completely brain-dead. Who wrote this code? Was there somebody NOT still in junior high involved
?
“
My family won’t fly on a 737 MAX. It’s frightening to see such a major incident because of a system that didn’t function properly or accurately.
”
-Adam Dickson, Boeing engineer of thirty years
I find it crazy that these engineers recognized the issues, and didn’t feel compelled to tell anyone outside of Boeing. People at this company have blood on their hands.
The Gen Z autonomy people don't believe in things like human-defined functions
At a MINIMUM, as soon as the Lion Air FDR data was extracted SOMEBODY should have raced to the code archives... traced the FMEA path for a Stuck AOA.... and kicked in Douchebag Dennis’ door in the Exec Suites and said
“We Need to Ground This Damn Thing. Right Now.”
It’s bad enough that the first 150 died needlessly, but to sit there for months blaming the pilots until a SECOND one went down? Geezus H. Kryst. This company is completely untrustworthy.
The real question o
n my mind is “What other code modules did the idiot summer intern work on?”
That’s what gets me, too. Like, we live in the age where planes have redundant basically everything. So why deviate from the norm, especially on such an important system?
The penultimate Lion Air flight experienced MCAS issues, but the pilots of that flight disabled the trim wheel motors to stop it. Sadly, that workaround never got passed to the subsequent pilots...
You should talk to more SV software types. Where “what can go wrong”
isn’t asked
We used to joke that “quality embedded systems design” was a lost art— but it’s suddenly no longer funny.
Any competent design review NEVER would have let the Summer Intern check this code module into the production build.
Two things:
Who wrote this code?
Some one in India with no experience making 15 bucks an hour.*
Please, please, please tell me somewhere in code Nose_This_Whore_Down exists.
*Only kinda joking.
I have a buddy who is a
commercial airline pilot. He told me about the runaway trim check. He was convinced that proper training on runaway trim would have averted both crashes. His training was such that if you pull on the stick in that manner and don’t get the desired result it is an auto default to a runaway trim scenario.
RamblinRover Luxury-Yacht
> For Sweden
12/11/2019 at 14:41
| 1
|
latent error multiple levels deep
? what’s that
IF Boeing’s CEO had any sense, they’d have said, right at the start of the debacle, “you know what, we should have re-certified the thing. And, now we will. We will re-design the flight controls, add three redundant AOA sensors and commit to re-train flight crews worldwide. This will never happen again.”
Instead, they will half-ass it until nobody trusts them. Ever.
United finally bailed and ordered 50 A321XLR the other day to replace 757s. This is going to hurt Boeing for decades.
I know a bunch of 737 pilots and they all started with “blame the poor pilot training in Asia or Africa...”. They are quieter in their defense of Boeing now.
My retort is always, “you know what, maybe the training isn’t as good, but airlines worldwide know one thing for certain— if those pilots had strapped into Airbus A320s that morning, rather than 737MAX, there are 350 people who’d still be alive today....”
Actually, there was a rumor (Oh, man, I hope it’s not true) that this was sub-contracted out to some offshore firm. Sigh. You’d have thought that at least the company building those flight computers would be involved... but I think part of the whole Whats-Wrong-With-Boeing scenario was outsourcing everything. That certainly bit them on 787 and it could be what happened here.
It’s just sad that no senior design oversight was applied. This is just a brain-dead implementation of this function.
Yeah, I think sensory overload was a factor. You had ALL SORTS of alarms going off (STALL!! Terrain!! Air Speed !!!) and a lot of confusion.
If you knew going in the AOA was stuck, you might have a fighting chance, but realistically you only had 40 seconds— and the least bit of confusion would have slowed you down. Seriously, that’s not even enough time to flip through the QRH
I’m not sure all the cocky US pilots would stand a chance if they were dropped into this one cold.
Textured Soy Protein
> Mercedes Streeter
12/11/2019 at 14:57
| 1
|
The thing that baffles me the most about this whole mess is the MCAS was a whole new flight control system that Boeing didn’t even tell airlines and pilots about.
That could be what the Lion Air pilots of the previous
flight figured. Plane keeps diving by
itself? Kill the trim motors so it can’t do that.
I have this sort of safety count enabled in a routine to run a stepper motor for a yarn winder. Mine simply sets a run timer that is reset by the hall-effect
counter sensor
t
ripping. If the sensor doesn’t trip, the timer runs out, the stepper stops, and the program throws an error. Why this shit would just *keep trying* is beyond me...
It might. Designing the plane properly in the first place would definitely have avoided both crashes though.
Exactly. This is a fundamental “Embedded Systems 101", especially with Asynchronous Interrupt control inputs in play.... You may not even “know” in the routine why you are falling through it. But in safety-critical applications you sure as hell better keep track if “you’ve been here before and before and before”.
YOU ALWAYS put in a watchdog time-out
and usually a “have I been here before” flag. The idea that you’d fall through that routine, DOZENS, of times when you could be sending people to their deaths? It’s just unthinkable.
BTW, did you really boost a 4.2 Audi motor? Which one? (ABZ, AUX or later?)
Boeing has been sucking its in house engineering dry for years. It was only a matter of time.
Funny when I interviewed there decades ago it was clear they had way too many engineers— there really wasn’t enough interesting work for everybody.
I guess the McD merger fixed THAT problem...
From what that engineer is saying, they all knew it was fucked and were actively hiding it from the FAA. Super sketch.
Sadly(?) the 4.2t referenced in my name is a diesel 4cly, not a finicky German v8 ;)
ttyymmnn
> Mercedes Streeter
12/11/2019 at 16:21
| 2
|
It continues to baffle me all this has happened in the first place.
It happens when
the bottom line and return for shareholders outweighs decades of best practices. And the FAA, or Boeing engineers in place of the FAA, signed off on all of it. One of the biggest problems with the FAA is that it has a dual role of both policing and promoting the aviation industry. Those two roles should be mutually exclusive.
When the MAX returns to the sky, it will likely be an extremely safe aircraft. The trouble is, all the testing they are doing now should have been done before the MAX ever left the ground.
I don’t know if I would say United bailed on the MAX, because they still have around 150 on order that haven’t
been delivered yet
SBA Thanks You For All The Fish
> AlfaCorse
12/11/2019 at 16:53
| 0
|
Nah, it’s bigger than that.
United has been firmly committed to Boeing for their mainline mid-size and up routes (757-767-777-787 now that 747s retired
). Those 757 and 767s are very long in the tooth and due for replacement. What was supposed to happen was that Boeing was to announce the New Mid-Market Aircraft (NMA) to fill that hole occupied by the 757 and 767s today. And, United, with a fleet of those old planes, was to be the launch customer for the NMA, presumably eventually to release as the 797.
Airbus had
been wooing United for several years
to buy (and take delivery sooner) the latest 321XLR with geared turbofans for that mission profile
. United HAD been holding off to be the launch customer for the Boeing NMA. With the announcement of the first 50 A321XLR sold to
UAL, it’s likely to be the first of many orders Airbus books in the category.
Having United
capitulate is a terrible leading indicator for Boeing in 2030... Since a lot of other airlines (Delta for one) have many 757/767 on their books looking for a replacement. United just legitimized the A321XLR as that plane... for a decade or more to come.
It’s bad for customers too, since a lot of 767s (twin aisle) are about to get replaced with long, skinny single-aisle A321XLRs. The NMA was supposed to be a breakthrough, efficient, twin-aisle. Ouch.
Oh yeah I don’t disagree with any of that, I thought you meant more that United was bailing on the MAX rather than bailing on Boeing for the NMA.
SBA Thanks You For All The Fish
> AlfaCorse
12/11/2019 at 18:19
| 0
|
Nah. Like SWA, UAL is probably stuck waiting it out on the MAX— and the airlines will get a big check-and-discounts-for-future-purchases to make up for their pain.
I just meant that the A321XLR purchase represents
the floodgates starting to open for airlines replacing 757/767 in their fleets. That was Boeing’s to lose... and they lost it. Those are big $$ purchases and will keep Airbus lines moving for at least 15 years.
A321XLR seems like it will be an awesome
plane, and it already has quite the headstart on the NMA.
I wonder if it better if
Boeing just focuses resources on what will eventually replace the 737MAX
. I don’t know how much
longer
airlines will be patient for the NMA while
flying 30 year old 757s or 767s
when the A321XLR is available to order. Even if announced as the 797 today, the NMA
would still have
years before the first airline deliveries.
SBA Thanks You For All The Fish
> AlfaCorse
12/11/2019 at 18:46
| 0
|
Yeah, the window is pretty much closed for NMA
in my opinion. They will be playing catch-up with XLR for a decade.
Worse, Boeing has huge issues with 777X. Maybe they shouldn’t have laid off all those engineers?
The irony is that 2021 will probably be a banner year for Boeing-- they’ll eventually get the MAX flying and shipping... and clearing that backlog will be very, very lucrative. BUT, they’ll have sacrificed near term profit for a long-term weaker market position... again. It’s sad, but I don’t feel too sorry for them, given what’s clearly a broken culture.
https://medium.com/crash-investigators/faulty-pitot-tubes-could-lead-to-a-conviction-for-airbus-in-france-5fa5344936d0
airbus is just glad folks forgot about their pitot tube problem
pip bip - choose Corrour
> Mercedes Streeter
12/12/2019 at 03:12
| 0
|
truly scary
