
Boeing’s Homicides Will Give Way to Safety Reforms if Flyers Organize - mimixco
https://nader.org/2019/04/04/boeings-homicide-will-give-way-to-safety-reforms-if-flyers-organize/
======
stupidexecs
One thing I don't understand is why is no one is criminally charging Boeing's
C-levels. Hundreds of lives were lost thanks to their greed.

I say that because everyday at work I am fighting stupid deadlines and
ridiculous suggestions to skip QA, unit tests, and other processes to meet
those deadlines.

If we criminally charge executives when their products cause loss and deaths,
then I suspect they will start respecting processes and sane deadlines. Right
now, there are no consequences for them. The worst that can happen is their
stock options lose some value or they lose their job with multimillion dollar
golden parachute. All they have to do is wait a few months and then get
another job or start their own business.

------
jasode
I've been curious about some questions that I haven't seen discussed anywhere.
HN isn't probably the best place to ask them but since I'm not on any forums
where aerospace engineers hang out, I'll just ask here anyway:

\- Are physics computer simulations (e.g. aerodynamic flow[0]) realistic
enough that engineers could have _predicted_ the tendency for the nose to push
up into a stall with the forward-mounted bigger engines while still at the CAD
drawing stage? (Place some engines on the drawing with X amount of specified
thrust, move them forward on the wing, then run a simulation, etc.) Or is the
interaction of behavior so complex or so subtle that they had to _build the
real thing_ before realizing _" Oops, our internal test pilots just noticed
the plane is unstable and it looks like we need a software augmentation
system!"_

\- Could an unchanged 737-MAX flight simulator from last year reproduce the
conditions for the Lion Air and Ethopia crashes? In other words, could a pilot
used his/her _imagination_ and said, _" What if we make this AOA indicator
give a bad reading -- what happens with MCAS?"_. Similar to how a pilot can
choose to simulate a flamed-out engine, could one have chosen a stress-test
scenario with a broken AOA sensor? (The infamous deleted video from
MentourPilot showed his simulated struggles with turning the stabilizer trim
against 400mph aerodynamic loads but it's not clear if a broken AOA can be
simulated.)

Yes, the 737-MAX was ultimately a failure of _management and financial
pressure_ but I'm curious if Boeing even had the _technical debugging tools_
to predict this.

[0] examples:
[https://www.youtube.com/results?search_query=aerodynamics++s...](https://www.youtube.com/results?search_query=aerodynamics++simulation)

~~~
dsfyu404ed
>Are physics computer simulations (e.g. aerodynamic flow[0]) realistic enough
that engineers could have predicted the tendency for the nose to push up into
a stall with the forward-mounted bigger engines while still at the CAD drawing
stage? (Place some engines on the drawing with X amount of specified thrust,
move them forward on the wing, then run a simulation, etc.) Or is the
interaction of behavior so complex or so subtle that they had to build the
real thing before realizing "Oops, our internal test pilots just noticed the
plane is unstable and it looks like we need a software augmentation system!"

Yes. They knew full well that the MAX would do that in circumstances where a
normal 737 would not. There is nothing wrong with the MAX's performance
characteristics. The aircraft itself is perfectly safe to fly. What isn't safe
is the half baked MCAS system they used to deal with that edge case so they
could avoid having to retrain pilots.

~~~
simion314
>There is nothing wrong with the MAX's performance characteristics. The
aircraft itself is perfectly safe to fly

How do we know? because the FAA approval is not ensuring me that there are not
any other problematic systems where Beoing self approved the corner cuts they
made. IMO a full re-approval is needed with a trust worthy institution is
needed before you can claim that the airplane is "perfectly safe"

~~~
cmurf
FAR 25, perhaps specifically 25.171-25.181 related to stability but there are
separate sections on stall behavior, controllability, maneuverability,
performance, etc.

Those things must be demonstrated to get an airworthiness certificate under
that part. Is this FAR all encompassing of that which makes an airplane safe
or not? Because we have an airplane that was so certified, and yet we have two
crashes that directly contradict their safety (hence they're grounded).

I'm less concerned that these planes are somehow, without computers, not
complying with FAR 25. I'm more concerned that Boeing (and FAA) will accept a
software only fix, and continue to avoid a type certificate for this
derivative model aircraft, and thus avoid any additional training for pilots.
Basically, I expect Boeing will take the full hit, i.e. the software was
flawed and now it is fixed, so that airlines won't be dinged for any on-going
training requirement.

Thus far the market isn't significantly dinging Boeing's value. Today's price
is the same as it was in September of last year before either accident
happened. The market is effectively saying those accidents don't matter that
much, cost wise.

Unless more information comes out that suggests there was wrong doing by
either Boeing or the FAA. That could change the whole calculus.

~~~
simion314
I am not optimistic either, if the crashes happened in US then I am sure
things would have been different.

------
dsfyu404ed
Turn off MCAS. Train the pilots on the MAX like it's a new type. Problem
solved. This whole problem exists because Boeing tried to use software to
fudge how the plain handles in order to avoid expensive retraining. Bite the
bullet, train the pilots and the problem doesn't exist anymore.

This entire article comes across as though an old man has read something he
doesn't like in the newspaper and is suddenly an expert on it in order to
justify his outrage when in reality the situation is much more nuanced than
his understanding.

~~~
cameldrv
It's not that simple. I don't believe the unassisted aircraft meets the stick
force/stability requirements of FAR 25. Even if it were a completely new type,
it would need some sort of stability augmentation to be certifiable.

~~~
bilbo0s
Meeting FAR 25 is generally done by adding something like hydraulics, or
electric engines to assist in moving control surfaces. Both solutions capable
of working even in thte case of full engine and power shutdowns.

To put an automated system on top of your force assists just seems like asking
for trouble. In layman's terms, the more you pile on, the more that can go
wrong.

All that said, as a matter of full disclosure, I only know how to fly planes,
not really an aeronautical engineer.

~~~
cameldrv
There are lots of ways to meet the handling and stability requirements for
certification. You could just design the airframe to have the right stick
force profile, you could have old school mechanical/hydraulic augmentation
systems, you could have an electronic augmentation system like MCAS, or you
could do what Airbus does and simulate the forces and responses of a virtual
airplane, and then have the computer actually do the flying.

These all can be done in reasonable and safe ways. Boeing just didn't do it.

------
quantumwoke
Isn't the Boeing incident a symptom of poor engineering practices? Spaceships
by all accounts seem to have similar if not higher levels of computer-
controlled overrides to actually make the damn thing fly past Earth's
atmosphere. The difference of course being that spaceship software is
rigorously tested whereas Boeing was very lax in their implementation so they
could rush the plane out the door.

I don't see a problem with the idea of delegating aspects of flight to the
computer - just fix the software engineering practices that lead to this
tragedy. Please. :)

~~~
simion314
There is a more important issue that is ignored in many comments here, the FAA
supervision, what if are dozens of rushed system in this plane, how can you
trust that MCAS is the only system with faulty software or design?

~~~
bilbo0s
I think you've hit on the exact reason a lot of the flying public will be
sitting out most of the 737 MAX flights when they return to service.

------
_ph_
As much as I think that Boeing took the wrong decision when going for the MAX
instead of replacing the 737 from ground up and that the way the MCAS was
developed and put into operations was a big disaster, both from Boeing and the
FAA, as much do I disagree with that article.

First of all, while most public know evidence points at MCAS as the source for
the crashes, the accident investigations have not concluded yet. The article
doesn't even mention that. But, with all what we know so far, Boeing has good
reasons to significantly overwork the MCAS software and is doing so.

I am not an aviation expert, but from all I have heard about the 737 MAX (from
actual pilots), it looks like the airplane itself is not the issue, it was the
specific faults in the MCAS implementation and that the pilots were not
properly trained on the aircraft. Beyond fixing the obvious issues with the
MCAS implementation, the biggest item for bringing the 737 MAX back into
business needs to be pilot training. Training both how to fly the machine with
MCAS deactivated as well as dealing with the potential failure szenarios of
the MCAS system.

Of course, the whole certification process for the 737 MAX needs to be
reviewed to guarantee that the machine has the level of airworthyness one
would expect. This is probably the most time-consuming step on the way to
restoring its flight-status, but the most necessary one.

Assuming that the 737 MAX after a significant update to the MCAS system passes
a proper certification, in contrast to the article I would strongly argue for
it to return into service. As much as we know for now, the machine isn't
inherently unsafe to fly. But a cancellation could have drastic effects on air
travel safety. Boeing decided against a new design in 2011 because of time
constraints, and it is now 8 years later. A proper replacement for the 737 MAX
wouldn't be ready for many years, probably only at the end of the next decade.
If you are worried about safety, you certainly don't want Boeing to rush the
development of a new design. Also, there would be little alternatives for
replacement. Airbus could increase its output, but that also bears risk of
general safety. As does flying the machines, the 737 MAX was meant to replace
for more years.

So, unless other issues with the 737 MAX are found in review, it definitely
should be put back into business.

~~~
GiuseppaAcciaio
Taking your argument a bit farther: let's assume that indeed the only issue
present is a faulty MCAS implementation and that gets fixed. If the aircraft
comes with additional training and certification requirements for pilots
before it can be safely operated, then arguably it cannot be lumped into the
same type rating as the 737NG.

This would destroy the main selling point for Boeing (training pilots for a
different type rating is a massive expense and headache for airlines), and
would also mean that across the world there would be no pilots allowed to fly
the existing 737MAX.

The point about not cancelling the 737MAX because of the risk that the new
models developed would be rushed and unsafe due to Boeing rushing the
development of a new design is... not very plausible I'm afraid.

~~~
_ph_
You misunderstood me.

Yes, I think that at least more training/certification of the pilots for the
737 MAX is needed.

My argument was, that after fixing MCAS and proper recertifying the 737 MAX
there is no fundamental reason not to put it back into business. And that not
putting it back into business also carries some safety risks. I never claimed
that it should be put back into business because of that.

But Nader didn't present a fundamental reason why the machine would be unsafe
and completely ignored the consequences of permanentely grounding the 737 MAX.

------
PaulHoule
The story that isn't being told is that smaller companies such as Bombardier
and Embraer have made the investments in "clean sheet" small airliners that
are much better than the 737 in every way.

Boeing has used it's market power to keep these away from passenger and
airlines.

So it's not just a matter of people getting killed. It's people getting killed
so you can pay more for airline tickets, have less room and comfort when you
fly, have less frequent flights, hear more noise from airplanes, and
experience more global warming.

As for global warming note also that the 737 has terrible takeoff performance,
even under favorable conditions it has twice the takeoff distance of some much
larger airliners. Every hot summer you will hear that "airplanes are grounded
because of the heat, but really "737s are grounded because of the heat"
because the 737 can barely take off as it is.

This is what secular stagnation looks like. It is undercompetition and
underinvestment, just like we see with wireline internet service in the US.
Don't let neoliberals fool you with the "there is no alternative" line because
there is.

~~~
sandworm101
Bad takeoff performance does not mean a bad airframe. Takeoff performance and
things like global warming (fuel efficiency) are often inversely related. No
aircraft is perfect at all things. The big wings needed for shorter takeoff
during a Nevada summer can mean more drag at altitude. Boeing builds for
average customer conditions, not just the special case that is Vegas.
(Altitude+heat+dry air = low air density = need bigger wings, bigger engines,
and/or longer takeoff roll.)*

*There is probably some room here for a joke about how people leave Vegas heavier than they were when they landed.

~~~
PaulHoule
The A220 is highly fuel efficient and it is the only current mainstream
airliner that can land at London City airport.

737 SUX and that is it.

------
usermac
Read it and agree. I also want to ask if this model is on my flight. Do not
want.

------
ansible
That position in the linked article is a bit extreme.

The situation can be easily and safely fixed in software, but it will cost a
lot of money.

The MCAS system needs to step back to being an advisory-only system, just
warning the pilots if it thinks a stall is immanent (and validate sensor
inputs too). Then we will need to have extensive pilot training to deal with
the different flight characteristics in the 737 MAX.

This means a new type rating, which costs time and money... which the MCAS
system was created to avoid.

But yeah, the system as-is shouldn't be allowed to continue.

~~~
michelpp
> The MCAS system needs to step back to being an advisory-only system, just
> warning the pilots if it thinks a stall is immanent (and validate sensor
> inputs too). Then we will need to have extensive pilot training to deal with
> the different flight characteristics in the 737 MAX.

There is already a stall warning alarm on all modern planes and have been for
decades.

I've only flown Cessnas (which all have stall warning horns), but from what
I've read the intention of the MCAS is to reproduce the "stick feel" of an
older 737 at high angles of attack and high thrust.

The MAX is not "fly-by-wire" it has mechanical cable linkages from the stick
to the control surfaces, forces are transmitted in both directions which the
pilot can literally feel as resistance to control inputs. Boeing inadvertently
changed the _feeling_ of the airplane's response to the pilot. An older 737
would present much more resistance to pulling the plane harder into a stall,
the MAX has less resistance. MCAS was intended to provide artificial
resistance.

~~~
ansible
> _There is already a stall warning alarm on all modern planes and have been
> for decades._

Yes, which _by intentional design_ doesn't cover every situation you would
encounter with the 737 MAX... because they wanted to make it more similar to
the 737 NG. Which, I think we can agree, was a mistake.

------
mimixco
The key takeaway here is that _the public_ will decide if they want the 737
Max or not. Boeing may have to shift to promoting Embraer designs (which they
now own) while it develops a new small aircraft the public can trust, if such
thing is even necessary.

Public confidence in the DC-10 was destroyed after it had a series of related
and back-to-back accidents. The plane was relegated to cargo status and
Douglas never recovered financially, eventually selling to Boeing.

~~~
dingaling
> The plane was relegated to cargo status

No, it went back into passenger service and received further orders. American
Airlines removed the "DC-10" sticker from the nose and carried on.

I flew on the last commercial passenger service of a DC-10 in 2014.

------
JSON77
you might want to read @GregTravis' article on the IEEE or here:
[https://www.eetimes.com/document.asp?doc_id=1334482](https://www.eetimes.com/document.asp?doc_id=1334482)
which is also on HN. The IEEE is one of the most in depth pieces that I've
read on the subject, and this comment by Boeing in this Quartz article:
[https://qz.com/1603726/boeing-says-there-was-no-technical-
sl...](https://qz.com/1603726/boeing-says-there-was-no-technical-slip-or-gap-
in-the-737-max/) just leaves a lot to be desired.

------
flyinglizard
“The overriding problem is the basic unstable design of the 737 Max. _An
aircraft has to be stall proof_ not stall prone.“

Say what?

~~~
JshWright
The MAX has flight envelopes that are inherently unstable. The plan can get
into a state where the aerodynamics of the plane make a stall worse, not
better.

For instance, the fact that the center of thrust is further forward (compared
to other 737s) means that the plane pitches up when you give it more throttle.
The default response to a stall is to increase the power, which pitches the
nose up, which raises the angle of attack, which makes the stall worse. This
inherent instability is why the MCAS was added to the MAX.

~~~
flyinglizard
Not a pilot, but I thought stall recovery is done through nose down first.
Turbine engines take some time to respond to throttle up command and thrust on
a loaded commercial plane is limited anyhow.

An airframe is supposed to have a nose down tendencies upon stalling, which
would make it recoverable.

The Max may be more prone to stalling, but no one in their right mind would
design a commercial airliner which can’t be recovered from stall.

~~~
JshWright
> I thought stall recovery is done through nose down first

Exactly, which is why the nose-up tendency of the MAX is an issue.

~~~
dsfyu404ed
Except it's not because you don't sit around waiting for the engines to spool
going "oh deer, we're still stalling, if this continues I'll have to push the
nose down". You nose down and power up in quick succession. This is basically
muscle memory that every pilot has going back to their first day in a 172. And
as the person you're replying to mentioned, nose down is the first thing. You
don't put the throttle all the way forward until after you've put the nose
down.

The issue here is MCAS. If they just trained the pilots on the handling
characteristics of the MAX the increased stall tendency compared to a normal
737 would be a non-issue and they wouldn't need MCAS as the handling is still
within the bounds of "perfectly reasonable".

~~~
JshWright
I'm not suggesting that dropping the nose isn't the first action to be taken.
My point that increasing the thrust (which is going to try to pitch the nose
up) is part of the standard response to a stall (particularly at lower
altitudes).

~~~
dsfyu404ed
Of course but if you're recovering from a stall you're going to be very aware
of where the aircraft is pointing. You're not going to let the aircraft pitch
itself up on you if you're in the middle of telling it to nose down. The
danger with pitching up is that the pilot and copilot might be absorbed in
some other tasks during a climb and not notice it leading to a stall. That's
not really a big of a risk in grand scheme of things but it's still a risk and
that kind of maneuvering gets customers complaining. The solution was using
MCAS to detect the conditions prior to that kind of stall and deal with it.

------
aglionby
The author tells a familiar story of how we got here, but I think misses
nuance on what the problem is. It's not the fact that software is used: it
works fine normally, but the failure modes were insufficiently considered.

> An aircraft has to be stall proof not stall prone.

The F-117 begs to disagree.

~~~
JshWright
Most combat jets "disagree". Most combat jets also have ejection seats for all
occupants...

~~~
aglionby
It's not completely fair of me to compare civil jets to combat ones, but in
any case I'd argue that ejection seats are perhaps more useful for the other
scenarios combat planes find themselves in.

~~~
JshWright
Most ejections take place due to loss of control, not combat.

------
jayonsoftware
How long before we see "Is my flight a 737 Max " app

~~~
vernie
Kayak added a filter for it last month.

------
nutcracker46
Best of luck creating that stall-proof airliner...

------
exabrial
This looks like an attempt to get free press.

~~~
rcchen
There's a bit of a nuance here - his grandniece was killed in the Ethiopian
737 accident [1] so it's personal at some level for him.

[1]: [https://www.npr.org/2019/04/04/709999296/ralph-nader-
calls-f...](https://www.npr.org/2019/04/04/709999296/ralph-nader-calls-for-
recall-of-boeing-737-max-jets-after-his-grandniece-was-kil)

~~~
exabrial
Mmm... didn't know that. I understand _why_ now, but, "never letting the 737
max fly again" is a purely emotional decision that helps no-one. They didn't
tear down a 45 story building after the Hyatt Regency walkway collapse, as
example.

HN is showing a trend of purely blaming Boeing, but there were in fact several
failures. Any one of: pilot training [There's a runaway stabilizer trim
procedure that's actually a memory item for 737 pilots], not allowing single
sensor inputs for flight control systems [FAA spec failure], the decision to
allow the MCAS system to command an extreme amount of trim [engineering
failure, should have been limited to a sane value] could have prevented the
accidents.

------
whenchamenia
This windbag proclaimed the swingarm to be unsafe at any speed, but having won
plenty of local races with an old beetle, and autocrossed some corvairs, this
guy is out to lunch.

Sure, the sensor needs a redesign and some automation decisions were hot
garbage, but 'never fly again' is just FUD.

~~~
simion314
>Sure, the sensor needs a redesign and some automation decisions were hot
garbage, but 'never fly again' is just FUD.

Are you sure that only that except that MCAS all the other systems are fine
and Boeing didn't cheap out on other systems, redesigned other things, other
small updates etc? IMO the plane needs to be re-approved, this time for real.

~~~
_ph_
Yes, for sure the whole approval process for the plane needs to be reviewed
and repeated where necessary. But if it passed, it should fly again by all
means.

