Continue to Site

Eng-Tips is the largest engineering community on the Internet

Intelligent Work Forums for Engineering Professionals

Register Log in
  • Congratulations waross on being selected by the Eng-Tips community for having the most helpful posts in the forums last week. Way to Go!

Boeing 737 Max8 Aircraft Crashes and Investigations [Part 6] 17

Status
Not open for further replies.
Sparweb

Sparweb

Aerospace
May 21, 2003
5,137
This post is the continuation from this series of previous threads:

thread815-445840
thread815-450258
thread815-452000
thread815-454283
thread815-457125

This topic is broken into multiple threads due to the length to be scrolled, and images to load, creating long load times for some users and devices. If you are NEW to this discussion, please read the above threads prior to posting, to avoid rehashing old discussions.

Thank you everyone for your interest! I have learned a lot from the discussion, too.

Some key references:
Ethiopian CAA preliminary report

Indonesian National Transportation Safety Committee preliminary report

A Boeing 737 Technical Site

Washington Post: When Will Boeing 737 Max Fly Again and More Questions

BBC: Boeing to temporarily halt 737 Max production in January
 
Replies continue below

Recommended for you

Sort by date Sort by votes
and an appreciation from the audience...

Dik
 
Upvote 0 Downvote
My favourite quote from the above article:

N.T.S.B. said “there should be confidence in the integrity” of its participation in the initial investigation of the 2009 crash said:
insisting that its work was always “independent, transparent and free from bias[/b].”]
Click to expand...

The B.S. meter is hitting the red line of that. It is pretty damn impossible to be completely to ever "“independent, transparent and free from bias" let alone ALWAYS be spot. At best complete arrogance, at worse actively covering up past mistakes. Likewise their refusal to participate doesn't suggest transparency.

Hey. Maybe NTSB is beyond reproach and have performed perfectly. (Unlikely given the recent issues) But even so in the current climate they need to rebuild the trust of the international community for their own benefit.
 
Upvote 0 Downvote
The h*ll of it is that they know that, but voice it anyway. It further detracts from their credibility.

Dik
 
Upvote 0 Downvote
Sounds like NTSB's 2009 report is pining for the fjords.
 
Upvote 0 Downvote
Sidney Dekker said:
Post-accident manufacturer recommendations that, in effect, tell flight crews to mistrust their machine and to stare harder at it not only mismatch decades of human factors and automation research, but also leave a single-failure pathway in place.
Click to expand...

Wow, the contempt is palpable. This report is an informative and entertaining read. There is a significant degree of disgust expressed by the author almost everywhere with the system design's fault tolerance, which was exposed in this case.

New York Times; Feb. 6 said:
In (...) the 2009 crash, which involved a 737 NG, Boeing’s design decisions allowed a single malfunctioning sensor to trigger a powerful computer command, even though the plane was equipped with two sensors. (...) the company had determined that if a sensor failed, pilots would recognize the problem and recover the plane. But Boeing did not provide pilots with key information that could have helped them counteract the automation error.
Click to expand...

This sounds strangely familiar!

 
Upvote 0 Downvote
It's seems they have been getting away with this single sensor onto primary flight controls automation for 20 odd years.

You can see why the design shop could do very little about it with the max even if they thought it was stupid.

O well I am sure they have saved several million over the years by doing so. Many bonuses which can't be reclaimed will have been paid. More than likely the originator of this practice is now dead through old age.

Running estimated cost of the max grounding is 19 billion $ to Boeing alone. Now production is shut down the are now starting to calculate the cost to the economy and third party suppliers. I have a gut feel it will end up in the region of 50 billion after it's all sorted out all in.

And now Boeing needs to produce at least two clean sheet designs in the next 10 years and start thinking about a 737 replacement clean sheet.
 
Upvote 0 Downvote
H'mm wonder if they only had one clock on the space rocket....

And only one sensor to say if the service module is still attached....
 
Upvote 0 Downvote
Alistair_Heaton said:
It's seems they have been getting away with this single sensorIt's seems they have been getting away with this single sensor onto primary flight controls automation for 20 odd years. onto primary flight controls automation for 20 odd years.
Click to expand...

From what I can see it is all part of the grandfathering process that going on since 1967 so potentially over 50 years. From something I read the flight computers still used are Intel 80286. That computer processor is from 1982!!

Having two separate completely independent flight computers reading separate sensors, processing separately and outputting separately is great redundancy when the pilot is the one in control and is simply wanting reliable data. Shoehorning autopilot or even worse flight envelope protection that can't be readily turn off onto is far from ideal.
 
Upvote 0 Downvote
It's not though


Along with speed trim system it was new to the Ng.

The Ng has a raft of things that were duplicate systems that were condensed down to single.

It used to have two motors on the trim stab jack screw. One was only for the pilots electric trim and the other for aircraft systems input.

Radalt would have only needed to be used by the autothrust when autolanding was required which again was new to the NG.

The 500's are apparently bullet proof and everyone knows how they work and how to deal with there vices. NG is a completely different aircraft system wise.
 
Upvote 0 Downvote
The use of the 80286 is apparently because after that the processors went multi threaded and it's exponentially harder to certify the system if it's multi threaded software.

I don't have much of a clue to be honest on the system software and hardware certification. All I know is that there are two standards. One is for when failure means nobody dies. And second one is for catastrophic. Boeing so far because the pilot was argued to be always to be able to spot an issue and solve it in 3 seconds has gone for the none catastrophic certification.



You will more than likely understand it better than I do.
 
Upvote 0 Downvote
Threading isn't processor, it's software. You could still run single thread software on new processors if you wanted to. There were/are newer processors that are still single core.
 
Upvote 0 Downvote
Nevertheless, unless the 286 is being overtaxed, using such a processor might actually be safer, since it's an orders of magnitude simpler design, and therefore, simpler to test and validate. Today's processors could go through years of testing without necessarily even verifying that all possible "stuck-at" faults can be found.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! faq731-376 forum1529 Entire Forum list
 
Upvote 0 Downvote
Weren't there reports last year that there was evidence the 286 was being overtaxed during simulations/testing? I recall seeing articles that, while the 286 was perfectly adequate in previous iterations, the addition of MCAS and other software appears to be pushing it beyond it's limits.

Not sure what the outcome of those reports was, since they haven't changed processors yet.

Example Article
 
Upvote 0 Downvote
Nevertheless, it's a well-qualified part with literally millions of hours of actual reliability data.

We used to source metal-gate PMOS telecom parts until we decided to screw the pooch that laid nearly golden eggs; we actually out-sourced everything but printing our own logo and part number on the parts and still made 90% margin, and our infinitely-wise GM forced last-time buys. The reason they were so profitable was that they, likewise, were fully qualified and had gobs of reliability history, which is often hard to come by.

These were 6-micron PMOS parts being built when 2-micron CMOS parts were already get a bit long in the tooth.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! faq731-376 forum1529 Entire Forum list
 
Upvote 0 Downvote
Quote said:
Weren't there reports last year that there was evidence the 286 was being overtaxed during simulations/testing? I recall seeing articles that, while the 286 was perfectly adequate in previous iterations, the addition of MCAS and other software appears to be pushing it beyond it's limits.
Click to expand...

I read similar, but I haven’t seen any concrete claims that the 80286 is actually underpowered and that it has anything to do with the failures.


 
Upvote 0 Downvote
Since I brought up the discussion of the use of Intel 286s, I just wanted to say that by no means was I suggesting this was inadequate for its task just because of its age. (I'm in no position to judge.) All I wanted to do was highlight just how much they have grandfathered keeping the same processing unit while still adding on additional software tweaks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Alistair_Heaton
  • Question
DHL 737-400 crash
Replies
11
Views
5K
3DDave
3DDave
Alistair_Heaton
  • Question
Boeing again pt2. 16
5 6 7
Replies
135
Views
29K
Alistair_Heaton
Alistair_Heaton
IRstuff
  • Question
Azerbaijan Airlines flight carrying 67 people crashes in Kazakhstan
2 3 4
Replies
63
Views
15K
LittleInch
LittleInch
GregLocock
  • Locked
  • News
Boeing again 47
21 22 23
Replies
441
Views
5K
Sym P. le
Sym P. le
dik
  • Locked
  • Question
Boeing 737 Max8 Aircraft Crashes and Investigations [Part 9] 2
6 7 8
Replies
155
Views
890
Alistair_Heaton
Alistair_Heaton

Part and Inventory Search

Sponsor

Back
Top Bottom