Facing Sharp Questions, Boeing CEO Refuses To Admit Flaws in 737 MAX Design (seattletimes.com) 413
A reader shares a report: In a tense and steely news conference, his first since two deadly crashes of 737 MAX airplanes, Boeing Chairman and CEO Dennis Muilenburg faced sharp questioning but refused to admit flaws in the design of the airplane's systems. "We have gone back and confirmed again, as we do the safety analysis, the engineering analysis, that we followed exactly the steps in our design and certification processes that consistently produce safe airplanes," he said. "It was designed per our standards. It was certified per our standards."
In the case of the MAX, those processes certified as safe a new flight-control system that was triggered on both the Lion Air and Ethiopian crash flights by a single faulty sensor and then engaged repeatedly to push the nose of each airplane down. Boeing is currently flight testing a software redesign of this system -- Maneuvering Characteristics Augmentation System (MCAS). Yet Muilenburg would not concede that there was anything wrong with the original MCAS design, saying only that the system is being "improved" with the software redesign. He said airplane accidents are typically due to "a chain of events," and that "it's not correct to attribute that to any single item."
In the case of the MAX, those processes certified as safe a new flight-control system that was triggered on both the Lion Air and Ethiopian crash flights by a single faulty sensor and then engaged repeatedly to push the nose of each airplane down. Boeing is currently flight testing a software redesign of this system -- Maneuvering Characteristics Augmentation System (MCAS). Yet Muilenburg would not concede that there was anything wrong with the original MCAS design, saying only that the system is being "improved" with the software redesign. He said airplane accidents are typically due to "a chain of events," and that "it's not correct to attribute that to any single item."
frosty c6bummer psot (Score:4, Funny)
It was pilot error!
Re: (Score:3, Funny)
The Steve Jobs of planes: "They were holding the control yoke wrong"
Re: frosty c6bummer psot (Score:5, Insightful)
You mean, as the CEO of a company...
...a company without a moral compass, and as a thoroughly despicable human.
You repeat yourself.
Re: (Score:3)
It bears repeating.
Re:frosty c6bummer psot (Score:5, Interesting)
It was pilot error!
Actually.. Boeing has at least admitted that it was pilot training... Boeing didn't properly document the feature and pilots where not properly trained as a result. Remember, the aircraft IS still flyable, a fact that is proven by the events leading up to the first accident, where the day before the aircraft that crashed had the identical malfunction, and the pilot who happened to be sitting in the jump seat figured it out, popped the trim system breaker and they landed safely.
This tells me that this was, at most, a training issue. The pilots didn't have enough time to diagnose and work around the problem because it wasn't something they where trained to catch right away. If one pilot was able to figure out a solution all on his own, safely flying though this issue is possible.
So I don't blame the pilots for making a mistake, even though they could have flown the aircraft with the malfunction, they where not told how so they didn't make a mistake, they just ran out of time before they could figure out what to do.
Re: frosty c6bummer psot (Score:2)
Re:frosty c6bummer psot (Score:5, Informative)
Sure. As long as you admit that the training issue is that pilots were told they didn't need to retrain if they were certified for the 737 and were told it has exactly the same flight characteristics. This makes Boeing culpable for that "training issue.". The MCAS system was not documented in the flight manual.
They only won't directly admit fault, because it will be used as evidence in all the lawsuits.
Re: (Score:2)
Re:frosty c6bummer psot (Score:4, Interesting)
The plane is flyable with this fault...
Multiple faults, actually, including the stubby landing gear, the poorly positioned engines causing unwanted lift, the lack of sensor redundancy, the murderous control algorithms, and it goes on. Really, the 737 Max is a junk design and should be junked, along with the evil people who foisted it off onto an unsuspecting public.
Re: (Score:3)
I think that, with the circumstances surrounding the loss of 2nd hull due to this (as well as some alleged 'near misses'), the advice of 'just pull the trim breaker' is rather discredited.
Re:frosty c6bummer psot (Score:4, Interesting)
Please note that the fallback mode for a trim failure in an MCAS - equipped 737 is identical to a non-MCAS equiped 737; Pull the trim motor breaker and trim the aircraft manually using the trim controls.
I see anonymous trolls repeating this talking point all over the internet, however there is an obvious issue: with the electric trim control disabled, and flying near cruising speed, human fingers are not strong enough to move the elevator trim wheel.
Re: (Score:3)
This article is about the 737, not a modern commercial aircraft. The black wheels mounted on the left and right sides or the center console are physically, not electronically, connected to the flight surfaces. With the electronic trim breaker shut off, the difficulty of turning the cranks absolutely is a result of air pressing on the outside of the plane.
The thumb switches are electronic, but if you pull the circuit breaker to stop MCAS from trying to murder you, the thumb switches stop working.
Re: (Score:3)
Re:frosty c6bummer psot (Score:5, Insightful)
Issue being that this is a design problem, not a pilot training problem if your description proves true in investigations. This is because two pilots are far too busy trying to keep the aircraft from nosediving into the ground to be able to troubleshoot the problem in time.
The extra pilot could do it because he had nothing else to do but troubleshoot, and sitting behind them he could very easily see what was going on with trim wheels.
This sort of a thing could be labelled a "pilot training problem" in 1960s. There's a reason why a lot of planes crashed back then compared to today. Today, this sort of a problem is considered a design error, because the system as a whole is not safe enough for modern civil aviation. The sum of the issues leading to the failure is the following: system that isn't immediately obvious to the pilot + system lacks backups for critical components + system is mission critical and can cause a rapid and unavoidable crash + insufficient pilot training.
Better pilot training will not correct for other issues, such as lack of critical component backup or system failure's obviousness to the pilot in event of a critical malfunction.
Re: frosty c6bummer psot (Score:3, Interesting)
There are videos on-line that show that it is almost impossible to retrim the plane manually when the plane is flying at higher speeds and if the misstrim is too large. Combine this with a high-stress situation and you have an accident waiting to happen on your hands.
Re: (Score:3)
I agree, and would add that to assume that they are going to know that it is a runaway trim issue in time to prevent it being an unrecoverable situation is specious at best. There was no proper warning system in place, and there would be the stall warning going off which they would assume is the root of their problems.
Re:frosty c6bummer psot (Score:5, Insightful)
No, it was not pilot error. The pilots did all of that, they turned off the electric trim, They tried to manually trim. They could not, because it was aerodynamically locked. Boeing had removed insructuions for unlocking the trim from such a situation from its manuals. So MCAS applies trim, to make plane nosedive, you then turn off the electric trim so you cannot correct it, since manual retrimming was not possible. The solution would have been to simply have a switch to turn off MCAS and then use electric trim to fix the trim. But if there was an MCAS switch Boeing would have to admit that MCAS exists and to admit that might cause people think the Max is not quite a 737 and not so simple to operate, people would have to be trained on MCAS and no one was supposed to know about MCAS because MCAS being there was due to the fact the plane is different than a 737. Boeing was hell bent to make sure that their new plane could be sold as just another 737 because to do so made the plane more profitable.
Re: (Score:3)
Right, quite difficult, or in an jetliner extended by repeated modification far beyond any inherently safe design configuration, impossible
Re:frosty c6bummer psot (Score:4, Insightful)
You are blaming the PIC when you do not have all the facts, once fact you are conveniently ignoring is that by pulling the trim breaker you then have to fall back to manual trim, at the already excessive airspeed (the pilot was not going to command reduction of engine power when he had erroneous stall/underspeed warnings) and loading on the horizontal stabiliser. you have very little to no chance to correct the by then already very nose down trim situation due to the fact that you dont have enough enough authority on the horizontal stabiliser trim with the manual trim wheels because of the aerodynamic load on said stabiliser. This combined with the fact that both pilots would have been need to use both hands to pull up on the yoke to try and counteract via elevator commands.
Bottom line:
MCAS in it's then form should not have been let anywhere near a production airframe and it should have had a seperate breaker to disable it rather than having to cut all electric trim. The pilots did not design this doomed to fail system, nor were they given adequate workarounds to the poor design.
Re: (Score:2)
If one pilot was able to figure out a solution all on his own, safely flying though this issue is possible.
Hopefully that was the only issue.
Re: (Score:2)
This tells me that this was, at most, a training issue. The pilots didn't have enough time to diagnose and work around the problem because it wasn't something they where trained to catch right away. If one pilot was able to figure out a solution all on his own, safely flying though this issue is possible.
If the brake hydraulics on a certain car model tend to spontaneously fail, but some drivers still manage to stop safely (by engaging the parking brake or any other means), does it mean that it is *at most* a training issue?
I have had recall letters sent to me for far less serious issues. The proposed action was always "bring the car to the nearest dealership, and we will replace the part(s)", not "come over, we will train you what to do in this situation".
Re: (Score:2)
Sort of like "My UI can't be shit - I found someone who can use it!"
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
IIRC, while what you say above is true, it is only applicable to that specific instance. In the case of the second crash, the pilots apparently DID pop the trim breaker... and weren't able to re
A problem that has a workaround is still a problem (Score:4, Insightful)
Yes, there is course of action the pilot can take when this system failure happens.
Yes, there is a training issue in that the pilots weren't trained on what to do when this system failure happens.
The two prior sentences are about what happens after the failure occurs, how to stay alive despite the system failure. They would not be needed if the system didn't fail.
So there are at least five problems:
1. Frequently, one of the two AoA sensors fails.
2. When one AoA sensor fails, MCAS sends the plane into a nosedive, without cross-checking the other sensor or pitot tubes.
3. The solution is non-intuitive. Other similar failures can be overcome by the pilot pushing harder. The MCAS ignores the pilot pulling the stick back hard.
4. The pilots weren't trained on the MCAS
5. The airlines and pilots were told they don't need training on the Max
Boeing's statement is, imho, exactly the wrong thing to say. This MCAS thing is a string of failure after failure, problems on top of problems. "This is the result of following all of the procedures we always follow for everything" suggests that the processes they use for everything can be expected to cause a cluster fuck of problems on top of problems. The right response, imho, would be "we have looked into the underlying causes five levels deep and implemented new processes to avoid any further problems from such causes".
Re: (Score:2)
So there are at least five problems: 1. Frequently, one of the two AoA sensors fails.
AoA sensors are mechanical devices. They can fail. I don't know that "frequently" is a proper term, however.
3. The solution is non-intuitive.
I'm sorry, but that's just nonsense. If you have a runaway trim pushing the nose down, the intuitive solution is to TURN OFF THE TRIM SYSTEM. That's what the emergency procedure happens to be, so even if it isn't intuitive, it is part of the pilot operating handbook, is well documented, and is taught to every pilot as part of recurring training.
Other similar failures can be overcome by the pilot pushing harder.
That's just asinine, and so obviously wrong as to be la
Re:A problem that has a workaround is still a prob (Score:5, Informative)
I'm sorry, but that's just nonsense. If you have a runaway trim pushing the nose down, the intuitive solution is to TURN OFF THE TRIM SYSTEM.
The problem is pulling the breaker to disable the entire trim system (including MCAS's input to it) leaves you unable to manually change trim because of aerodynamic forces. The backup wheels can't be turned with enough force to un-do the damage caused by MCAS.
So now the nose is still being pointed down, and you still can't bring it back up. That's entirely on Boeing.
That's just asinine, and so obviously wrong as to be laughable. You don't "push harder" if the nose is going down. You pull up.
Asinine is insisting "push harder" literally means push, instead of "actuate the controls in the desired direction with more force".
And not a single thought of "gee, the trim isn't working right, I better disable it...", which would have saved the lives of everyone on board.
They disabled the trim system, dumbass.
They were unable to fix the trim because the manual wheels could not apply enough force to overcome the aerodynamic forces. They then re-enabled the trim system so that they could use the powered trim adjustment as a last-ditch effort. And it worked....until MCAS fucked them over again.
It takes no extra training to know how to turn off the trim system
It does, however, take training to know that MCAS 1) exists, and 2) is the thing fucking over your trim, so you're gonna need to leave the powered trim system on only long enough to get to the point where you can actually use manual trim.
And, at least four months prior to the second crash, the airlines were told about the problem, what creates it, AND HOW TO SOLVE IT.
If it could actually be solved by the airlines and the pilots, then Boeing wouldn't be spending months re-writing MCAS and retrofitting the optional warning light upgrade for free.
Re:A problem that has a workaround is still a prob (Score:5, Interesting)
The problem is that they could not correct the trim manually due to trim lock, the manual control was locked up. If it could have been corrected at all would have required counterintuitive manuvers no longer mentioned in Boeings own manuals. So the pilots were not trained on how to correct the trim lock.
Its all boeings fault. Had they allowed MCAS to be turned off but not electric trim, that would solve the problem, the electric trim could then provide the force needed to fix the trim.
It doesnt make any sense to not allow MCAS to be turned off and to instead force people to knock out the entire electric trim system instead. T
Re:Disconnect power to the stabilizer trim (Score:4, Insightful)
Which was done according to the black box data, and more than once. The issue is that a human is not strong enough to move the trim wheel without the aid of the electric motor when there is a high aerodynamic load on the control surface, as was the case.
Re: (Score:3)
Boeing didn't tell the pilots to leave the throttle almost wide open while they headed towards the ground.
Boeing didn't tell the pilots much of anything, and that is part of the reason Boeing is culpable. And yes, this is as bad for Boeing as it sounds, your flippant wisecrack notwithstanding. More flippant wisecracks => more bad.
Re: (Score:2)
Actually, enabling autopilot would solve this. This issue only occurs on manual control, because it's a compensator for manual controls to make it steer like a stock 737.
Re: (Score:2)
The position of the large engines requires the nose to be slightly tilted down compared with the 737. The whole MCAS system is to take pilot input and ensure that the nose position is adjusted slightly downward from where a pilot would position on a 737. This is a stall-prevention system, because it's easy to accidentally throw the plane into stall if you are treating it like a 737 and are unaware of just how much larger these engines are.
It's always on when you are on manual control. But because it's on
Re: (Score:3)
The whole MCAS system is to take pilot input and ensure that the nose position is adjusted slightly downward from where a pilot would position on a 737.
Oh, please. That's silly. The system is designed to push the nose down when an excessive angle of attack is detected. Otherwise, the nose goes where the pilot tells it to. MCAS has NO EFFECT unless it detects an excessive AoA.
You cannot disable MCAS when on manual control except by physically or electrically disabling it.
Physically disabling it requires pulling up in response to the nose down trim. Electrically disabling it is accomplished the same way any runaway trim situation is disabled, a procedure that is taught to every pilot and documented in the POH.
Re: (Score:3)
Key word is detects.
No, key words are "NO EFFECT". You claimed, and I quote:
The whole MCAS system is to take pilot input and ensure that the nose position is adjusted slightly downward from where a pilot would position on a 737.
That is simply NOT TRUE. MCAS doesn't ensure the nose is lower than the pilot commands. It ONLY operates if there is a detected excessive AoA pitch attitude. It does NOTHING otherwise.
Whether MCAS uses one or two inputs is irrelevant to whether it does what you claim it does.
If they had mentioned the existence of the MCAS system when releasing it, that's exactly what likely would have happened.
And that's what should have happened whenever there is a runaway trim condition, which is how this problem exhibits. The runaway trim procedure is to be applied any time there is
Re: (Score:3, Insightful)
You've got to be kidding. Their senses told them there was a runaway trim problem. They could see the trim wheel spinning down, they could feel the aircraft nosing down, they knew the nose was being pushed down because the trim was causing it. Why the hell would they not trust their own senses on that?
Their senses told them the airplane was fine. The airplane, however, told them it was not. For the record, how do you know they could see the trim wheel spinning down? Was that on the cockpit tapes? Granted they may have had the opportunity to see it but it could've easily been missed in the confusion.
If you're a pilot or done any piloting you know seat-of-the-pants flying can get you into serious trouble. By and large, if a stick shaker activates, what are you going to think? You're going to think yo
Re: (Score:2)
The poster is saying that engaging the "auto pilot" would override the MCAS pitch control problem. They are two separate systems, that drive the same thing in the tail to adjust the pitch trim so the claim makes sense, though I don't know if that is correct or not.
Re: (Score:2)
Do you really believe that professionals whose life was all about flying that specific plane model would be so lazy and self-loathing as to not ask their colleagues
They didn't have to ask their colleagues. The FAA released an emergency AD in Nov. 2018 which created a legal responsibility for the airlines to inform their pilots about the problem and the solution. Boeing also distributed information in Nov. 2018 telling every customer of the problem and the solution.
Triple redundancy (Score:5, Insightful)
Any device that has an impact on control surfaces should have triple redundancy...like the Shuttle did.
A single sensor taking out an aircraft is pretty much negligent design.
Re: (Score:3)
Re: Triple redundancy (Score:2)
Lol.
No doubt thatâ(TM)s what specs called for
You joke, but... (Score:3)
It's absolutely hair-raising, particularly when he points out that the O-rings were not supposed to suffer erosion (damage) during usage. When damage was discovered, they observed that erosions typically happened through only about 1/3 of the ring, and so one of the upper management characterized this as having "a safety fa
Designed to standards (Score:5, Interesting)
"It was designed per our standards. It was certified per our standards"
I hear this a lot as an engineer. It makes no sense to me. Your "standards" are arbitrary and might be flawed. Why does following a standard mean that nothing went wrong? It is like Agile zealots who assume because they hit all their benchmarks (or whatever they call them) the product is ready.
Re:Designed to standards (Score:5, Insightful)
Indeed. In fact, in a failure like this, due to obvious recklessness or incompetence, saying "it was certified per our standards" seems to be a clear admission that your standards are deeply flawed, and *everything else* you've made should be suspected to have similarly severe problems lurking under the hood.
Re:Designed to standards (Score:5, Insightful)
Indeed. In fact, in a failure like this, due to obvious recklessness or incompetence, saying "it was certified per our standards" seems to be a clear admission that your standards are deeply flawed, and *everything else* you've made should be suspected to have similarly severe problems lurking under the hood.
Came here to say exactly this.
Re: (Score:2)
Yeah, but when you’re at the point in the discussion you can turn it over to your lawyers. They make their living burying such simple facts in an avalanche of legalese.
Re: (Score:2)
Re: (Score:2)
Well, the control system that caused the problem had a pretty clear and obvious design flaw (using only one of two available relatively low-reliability sensors), in addition to the more subtle failure-loop that required pilots to be specifically aware of the differences in a system designed specifically to avoid retraining pilots.
So, there's really only two options:
They're lying about it having passed their usual standards.
or
Their usual standards are clearly insufficient, at least where software and user in
Re: (Score:3)
Apply this zero tolerance approach to all modes of transportation and the furthest you could travel is on foot up to the limits of your own property.
Re:Designed to standards (Score:5, Insightful)
Yes - what this very much suggests is that the standards are so badly flawed that they can't be trusted and as a result anything else designed to the same standards should be considered suspect.
Really, taking the stance that planes that crash meet your standards might not be the smartest way forwards.
Re: (Score:3)
Re: Designed to standards (Score:2)
Re: (Score:2)
I'm not a troll, I post to my standards, and I have high standards, you low-IQ basement-dwelling idiots!
Re: (Score:2)
If this system was designed per their standards and nobody did anything wrong, there's something seriously wrong with their standards and I'm wondering what other problems may come up later. I would have been a lot more reassured if they had just said "we messed up and are taking steps so this cannot happen again".
They are still in lawsuit avoidance mode: whatever you do, don't admit any mistakes were made! As if the size of this cockup wasn't immediately obvious to anyone with the slightest knowledge about
Re: (Score:2)
I hear this all the time and it's bullshit.
They're going to get sued seven ways to Sunday whatever the CEO says. Those cases will be decided by evidence + expert testimony, not what the CEO says.
Re: (Score:2)
It sounds a little weasely, but that is legal language. A full statement could be that it was designed with compliance to relevant(*) safety regulations with a standard of care appropriate for passenger aircraft.
While MCAS was a shitty design, especially in only using single sensor data and allowing infinite cycling, it was required by regulatory framework.
The “standard of care” is professional engineering speak for the fact that not everything is designed to the highest standard possible, but t
Re: (Score:2)
Without the MCAS, there may have been more crashes. The root cause of MCAS wasn't the regulatory framework: it was a decision to design the 737 MAX8 such that it wasn't stable and was prone to stalling. MCAS followed from that decision and the decision to ensure that existing 737 pilots did not need re-training to fly it.
Re: (Score:2)
Re: (Score:3)
As an engineer, I also suspect the engineers fought against the design as it stands today but were overruled by management. I can’t see many engineers would think that a software change would be adequate to overcome the problems and that pilot override would be so convoluted.
I can, depending on how the design is done. if seperate groups are ppaoraching different parts of the problem and not working together to keep everyone aware of the overall design approach the system could have been designed as it was and all the engineers sign off on it. I've been involved in projects where someone outside of our group would change something and we'd not been told about the change; we caught it because we kept checking the status of inputs into our system and would catch those that just ma
Re: (Score:2)
The FAA practically let them self-certify their own aircraft.
Re: (Score:2)
A problem with complex builds that needs more then a small group of people is the fact that no one really really designing for the big picture.
They say to the Engineer, I need a part to handle tolerances of X and Y that fits in dimensions of AxBxC.
Now if this part fails because the part handled conditions of X-5% or Y+5% it isn't the Engineers fault for not doing his job, because the part met the specs given. Trying to make a part that exceeds the specs could add undo cost to the project, or there is plan
Re: (Score:2)
"It was designed per our standards. It was certified per our standards" I hear this a lot as an engineer. It makes no sense to me. Your "standards" are arbitrary and might be flawed. Why does following a standard mean that nothing went wrong? It is like Agile zealots who assume because they hit all their benchmarks (or whatever they call them) the product is ready.
This is a classic behavioral response that results from a lack of unfavorable outcomes creating the impression that the actions (standrads in this case) are sufficient to prevent an adverese outcome. Repeatedly doing something without an adverse outcome does not imply the action is safe; but peopel tend to erroneously, in some cases, assume it does.
Re: (Score:2)
True, but this was a news conference. Overwhelming majority of reporters are specialists in language interpretation and have little to no understanding of how engineering works. Their profession is about observing something, and then packaging it to be sellable to the audience of people who are also utterly ignorant of the topic. To do this, they do not need to be correct in any of their assessments, they merely need to package it so that it looks like they are to the uninformed. They can even be diametric
Re: (Score:2)
Re: (Score:2)
ISO 9000.
It doesn't matter if you fuck up, as long as you documented your fuck up and followed the fucked up procedure.
Dissipate blame over such a large area that it's impossible to hold anyone accountable. Cover your arse with bits of paper showing you fucked up according to procedure.
If there are any consequences for this guy they will be for the drop in stock price or fall in quarterly profits, not for getting people killed.
Re: (Score:2)
sounds like the corporate version of "we were just following orders".
Comment removed (Score:4, Informative)
Comment removed (Score:4, Informative)
Re: (Score:2)
This one is interesting. This used to be the distinction between Boeing's automated systems and Airbus'. When Airbus switched to a fly-by-wire system, the complaint among pilots was that the computer was flying the plane, and the pilot was merely making requests to the computer. It was implicated in several Airbus crashes (pilot attemp
Re: (Score:2)
I agree it's interesting, but for a different reason: apparently, MCAS' entire purpose is to prevent the aircraft from getting into an unrecoverable stall, and the fix is to allow the pilot to apply control inputs that could put the aircraft into an unrecoverable stall. They may as well just shut off MCAS and call it a day.
Boeing Chairman and CEO (Score:5, Insightful)
Sensible companies do not let the Chairman of the Board and the CEO be the same person.
Re:Boeing Chairman and CEO (Score:5, Insightful)
Re: (Score:2)
All the planes will have to be scrapped
Nope. They will hang on to them for a few years and then sell them again, but re-branded as something else.
Single point of failure (Score:5, Insightful)
Proof that Boeing is still making unsafe airplanes (Score:5, Interesting)
I'm amazed that Boeing's CEO is so eager to proclaim that their corporate culture and safety practices don't face significant flaws.
Every once in a while we all mess up. Companies let short term profits erode their commitment to safety, and in the worst case people die. When Blue Bell ice cream killed less then 10 people in the hospital, they learned a lesson beyond the initial incident and made a change to their safety culture.
What Boeing is telling us is that the same flawed and unsafe corporate culture that killed 300 people is still making the same mistakes, and will continue trying to sneak defective airplanes past the FAA, whom they have long since turned into a corporate lapdog.
Boeing has lost all credibility. The FAA has lost all credibility, as foreign countries turn to European and Chinese regulators now that the former gold standard has disgraced itself.
I don't see how any prospective plane purchaser can ignore the culture of slapdash design and workmanship that let Boeing transition from a safe airplane manufacturer to the leading producer of planes that fly themselves into the ground at high speed while the pilots rush through incomplete documentation while frantically pulling up on the controls.
Re:Proof that Boeing is still making unsafe airpla (Score:5, Insightful)
"those saying the FAA have lost credibility are just going by gut and feelings. The FAA did the right thing here. They based their decision on facts as they came to light."
Uh... no... that's ridiculous. The FAA was essentially saying that they weren't going to crash 737s because they didn't know why the airplanes kept flying into the ground.
The airplanes were pulling up briefly, then diving back into the ground again and again until impact. The two 737 MAX crashes flight paths were almost identical, as anyone with radar data could plainly see. No need to wait for the black box on this one.
So when you say the FAA was waiting for data, the data they were waiting for is specifically which aircraft system on airplanes of this model were forcing the airplane into the ground. And of course they already knew about the MCAS flaw that had already caused a plane crash, and updated the still incomplete documentation.
This is why all regulators already had all the information they needed to ground the 737 MAX fleet in their jurisdictions. Only a regulator controlled by the industry it's supposed to be regulating would be so stupid as to let an airplane model continue to fly despite frequent crashes because people don't know which specific flaw is nosediving the plane into the ground.
Ok then, your standards are bad (Score:2)
Using basic predicate logic:
1. "our design and certification processes that consistently produce safe airplanes," i.e. A = "design standards", B = "safe airplanes", claim A(x)->B(x)
2. "It was designed per our standards. It was certified per our standards." A(737MAX) = True -> B(737MAX) = True
3. Observation: B(737MAX) = False
Hence A(x)->B(x) is not valid and they need a new set of standards.
Single point of failure (Score:5, Interesting)
Re: (Score:2)
Can you believe those reprobates didn't think of absolutely everything? How dare they!
[...]
Compare this stuff to the number of people killed in car accidents every day.
Funny you bring up cars. Even cars have sensor cross-checking these days. Vehicles with throttle-by-wire have two (or more, but usually two) pots connected to the pedal, not just one. Also, OBD-II has a monitor whose job is to look for inexplicable sensor values, including doing cross-checks. It's called a continuous monitor for obvious reasons, and its name is the comprehensive component monitor. It notices when sensor values are implausible, including when they don't match what other related sensors are s
Follow the sociology of technology development. (Score:2)
To me, it seems obvious that the problems with the Boeing 737 MAX-8 were caused by a lack of social connections between engineers and between engineers and managers.
To me, considering all I have read, it seems that the Boeing CEO was extremely disconnected and dis-interested in the development of that aircraft. The 737 MAX-8 is manufactured in the Boeing Renton Factory [wikipedia.org]. The Boe
For legal reasons (Score:2)
He has to say this for legal reasons.
Admission of guilt in face of impending lawsuits (families, shareholders, airlines, etc.) wouldn't look good.
Of course he's lying, as evidenced by the fact that they are fixing the software and making a previously optional sensor a standard feature.
It's not like he'll face criminal charges, he's got too much money. His job might be the most that's at stake (and I'm sure the golden parachute is of a very heavy fabric).
This is a symptom of greed. I want indictments (Score:5, Insightful)
Boeing lied when they said the 737 Max was a simple evolution of the 737 family.
Boeing lied when they turned off sensor malfunction alerts on 737 Max — and didn’t tell airlines or FAA. [hotair.com]
Boeing lied by omission when they designed a flight control system that allowed the MCAS to over-ride pilot inputs.
To say the crashes were accidents is a lie. The crashes were easily predictable in a short time.
I want to see the DOJ issuing indictments of FAA and Boeing personnel.
Re: (Score:3)
Boeing should be forced to refund all the airlines, all existing MAXs should be scrapped. And they should be forced to do a ground up redesign for a stable airplane that does not need MCAS. That is appropriate punishment.
Failure to address the problem (Score:2)
"It was designed per our standards. It was certified per our standards."
Yet two airplanes have crashed without a satisfactory explanation, is that also per Boeing standards? Insisting that you did everything right is not enough when the end result is hundreds of corpses. Now it's up to Boeing to deliver on what went wrong where and how to prevent it in the future, that cannot happen with a starting point that insists on everything being absolutely rosy and perfect.
Logic 101 fail (Score:3)
we followed exactly the steps in our design and certification processes that consistently produce safe airplanes
The generally accepted definition is that "Safe" is a plane that does not crash & burn without it being the pilot's fault or a maintenance issue.
The Max is not "safe" under that or any other definition that people would use.
Hence that design and certification process DOES NOT *consistently* produce safe airplanes, as at least one recent plane was not safe.
His lawyers just told him whatever you do do not admit fault, so we can have a fighting chance in court...
Most NON passenger planes are unstable (Score:2)
Re: (Score:2)
Most combat aircraft
Sounds like modern software dev to me (Score:2)
Obviously avionics goes through way more scrutiny and testing than your average phone app or SaaS platform. But, being a systems person working with developers, all too often I see the mentality, "Ship it, we'll patch in production, it doesn't matter if there are bugs, all software has bugs."
Going back to waterfall and multi-year design isn't an option, but IMO there has to be something better than almost no planning whatsoever, then tying your developers into name-your-CI/CD-toolchain and putting intense p
AI When? (Score:2)
Forget about replacing your factory workers with robots. When do we sack Boeing management and replace them with AI?
Management's job is to produce and maintain work procedures and processes for employees to follow. AI can be trained by back propagating errors to modify its rule base or neural net to improve performance and minimize future errors. If Boeing management doesn't recognize the events over the past months as valid training data for policy/process modifications, it needs to be unplugged and repla
Lessee (Score:4, Insightful)
Then to top it off, you make a godamned display that might save your pilots and passengers lives........... an option that you have to pay for.
This is an unstable and unsafe airframe - an airframe that would rather stall and crash than fly. It is surprising that the Boeing CEO is not in jail.
"Works per Design" (Score:3)
Re:"It was certified per our standards" (Score:5, Insightful)
"Our standards.."
He's saying that they followed the FAA's approved process to the letter. Boeing didn't just develop some certification standards in a vacuum, the FAA approved them. I'm sure they DID follow their process, or at least they think they can document that it was, as well as show that it was an FAA approved process.
But let's be honest here. He's trying to deflect the criminal negligence fall out from this situation. He's trying to protect Boeing, which as CEO it is his job. He's trying to shift some blame to the FAA... And again, being honest, there is enough blame to go around here. The legal question he faces is how MUCH blame (i.e. $$ paid out) is this going to be put on Boeing... My guess is they will end up with most of it, but you don't come out of the gate when facing such liability as Boeing is facing and admit it up front.
Re: (Score:2)
Re: (Score:2)
It's a new design with systems that have never been used in the field. If course working to FAA standards won't cover much about something that didn't exist before. Most of their regulations are based on crashes that already happened.
Re: (Score:2)
Re: (Score:2)
"Like this," sure. But I still call this a departure. These are so far from being the same plane that it's not even funny. If anything, I'm sure the FAA processes are much more specific than including procedures for entirely different adjustment methods - otherwise how could they certify a plane with a single sensor that's able to try to dive the plane with an undocumented feature? The fix is as telling as anything - the new update now uses both sensors and disables MCAS if there's a disagreement.
Re: (Score:2)
"...you don't come out of the gate when facing such liability as Boeing is facing and admit it up front..."
No, I suppose the modern CEO would never do that. If, though, it is correct that Boeing released an aircraft with a deadly single point of failure, and if it is correct that they knew this and thought they could patch it with pilot training, then Boeing is completely responsible for the resulting deaths. Wouldn't it be refreshing for a CEO or a corporation to take responsibility for something if it i
Re: (Score:2)
Boeing has had passenger killing issue before and survived. They will again. The question is what will their investors see? Personally, I think Boeing has seen about all the stock price hits they will see and it will be uphill from here.
Remember, their commercial aircraft business is only a small part of their business these days anyway.
Re: (Score:2)
Whichever way - that's just an admission that the actual standards the aircraft was built to were inadequate.
It's basically saying "It happened as intended" - they designed the aircraft in such a way that this kind of accident was possible, and knowingly so.
It doesn't absolve them of responsibility, if anything it drops them deeper in it.
And at this level of manufacturing, the FAA etc. just "certify" because they can't understand every in-and-out of such a complex machine, so often the manufacturer's are th
Re: (Score:2)