Worth noting in Dutch news that the safety board chairman confirms US pressure, but denies that they altered the report or that the report downplays the tech faults in the first place [0].
"When the truth offends, we lie and lie until we can no longer remember it is even there, but it is still there. Every lie we tell incurs a debt to the truth. Sooner or later, that debt is paid."
From Carlyle's French Revolution: "No lie you can speak or act but it will come, after longer or shorter circulation, like a Bill drawn on Nature's Reality, and be presented there for payment, with the answer, No effects. Pity only that it often had so long a circulation: that the original forger were so seldom he who bore the final smart of it! Lies, and the burden of evil they bring, are passed on; shifted from back to back, and from rank to rank; and so land ultimately on the dumb lowest rank, who with spade and mattock, with sore heart and empty wallet, daily come in contact with reality, and can pass the cheat no further".
In an unsurprising twist, the Chernobyl TV series had enough distortions and "artistic licenses" for the sake of creating a compelling drama for audiences, that indeed it seemed "the truth offended them".
I guess there are people who really believe that reality is malleable and if you say something often enough it becomes "true", as O'Brien explains in 1984:
"I tell you, Winston, that reality is not external. Reality exists in the human mind, and nowhere else. Not in the individual mind, which can make mistakes, and in any case soon perishes: only in the mind of the Party, which is collective and immortal. Whatever the Party holds to be the truth, is truth."
"Even a fix now proposed for the Max has similarities with the past: After the crash near Amsterdam, the F.A.A. required airlines to install a software update for the NG that compared data from the plane’s two sensors, rather than relying on just one. The software change Boeing has developed for the Max also compares data from two sensors.
Critically, in the case of the NG, Boeing had already developed the software fix well before the Turkish Airlines crash, including it on new planes starting in 2006 and offering it as an optional update on hundreds of other aircraft. But for some older jets, including the one that crashed near Amsterdam, the update wouldn’t work, and Boeing did not develop a compatible version until after the accident."
I don't know anything at all about aviation, but if redundancy of sensors is so crucial to these systems then why don't they have like 10 of them on there just in case? Are they particularly expensive? Do they need to be in certain locations on the plane to work properly?
I'm obviously thinking about this from a software point of view where redundancy is cheap but I am curious if it's just greedy cost cutting or if there are legitimate reasons for this stuff.
Because that would add several million dollars to the airplane's price. An angle of attack sensor (the sensor MCAS relies on) for a small, twin-engine private jet can cost nearly $50,000. The ones in the MAX cost a lot more.
Even if cost wasn't an issue, space and weight are. There are just so much stuff you can tackle on the fuselage or inside the engine cowling before it starts affecting the airplanes ability to fly.
Well, it is more expensive to have more than one. New fly by wire aircraft usually have 3 separate systems (sensors, computers and so on) voting to know which part fails and continue on working, or if everything fails do it to a safe-state. The protections are gone but you can fly the plane with direct inputs.
Compare this to the ancient 737 where instead of the airplane detecting errors the pilots are supposed to do it by cross checking two flight computers. Thus we see now after the crashes Boeing forced to implement cross checking in a system not designed for it because things reliant on a single sensor has ended up being classified as safety critical.
Flight material quality assurance is very expensive. It's not necessarily that the part itself is wildly expensive to manufacture, but the testing and traceability all need to done and maintained. It's adds quite a bit to the overall price tag.
In other words, you can't just order from a catalog and install it. You need to order from a vetted supplier, who maintains testing and documentation, and can prove that it meets spec and also that all the materials used to make it meet spec. Then it has to be installed by a certified A&P mechanic etc. There's a long chain of events for something that seems relatively simple, but that's also why airlines are about the closest thing to a truly six-sigma organization.
It's really easy to pile on and see every single 737 crash from the past as somehow related to the MAX crashes now.
There are actually very few similarities between this crash and the MAX crashes. The failure was in one part of a highly redundant system with additional warning systems. The pilots failed to correctly react to the failure and failed to do basic airmanship like monitor their speed until it was too late.
Whereas the MAX failures may well have required well-above-average piloting skills and instincts to successfully recover from, this one simply required basic competence and attention.
I don't believe the concept of "blame" has any place in air accident investigation. Pilots should be able to report their mistakes without fear of prosecution or internet mobs, and investigations should be able to highlight errors on the part of pilots where they exist without the same kind of fears.
This is not an automatic system relying on a single sensor, as MCAS was. An airliner in flight is a complex system of which the two pilots are a very significant part. There were multiple failures here, and the technical failure was not particularly unusual. What was quite unusual was a failure of basic airmanship on the part of the pilots. A good investigation would (and did) look at how that situation came about so that training or human-machine interface can be improved to prevent it happening again. It's not about blaming, it's about understanding.
You can take the word 'blame' out of it, but an investigation still has to find the causes of an accident, and if it involved an action, inaction or delayed action by a pilot, the inquiry should consider whether most pilots would have done the same. There are equivalent issues for the equipment.
The issue here is not anything technical, but Boeing's alleged pressure on the inquiry. I say alleged, because Boeing should be allowed to, and in fact should be expected to provide a fact-based analysis of the accident. It is ultimately for the investigators and regulators to decide if it is being tendentious and/or manipulative.
Yes, causes (emphasis on the plural). I really don't see evidence of pressure, and apparently neither did the Dutch investigators.
The "whether most pilots would have done the same" is probably where I see the biggest differences between this and the MCAS incidents. Every student pilot knows to monitor their speed, especially in a low-energy situation like approach and landing. Very few student pilots could successfully have recovered from the trim upsets caused by MCAS.
That sounds interesting, but I still blame Boeing, liability is about blame and Boeing has been bending over backwards to blame pilots for its own technical failures.
Air travel has made absolutely enormous strides in safety mostly because of rational investigations that don't focus on one party but try to understand all the factors that lead to an incident. The irrational, emotional response to the MAX incidents is eroding that.
Boeing and the FAA definitely have significant issues in culture and oversight. They should be resolved so that Boeing can continue to build safe aircraft and the FAA can effectively oversee the US aviation industry.
At the same time, not every pilot in every flight deck is the same. Some are more capable than others. Some have been trained better than others. Some come from a culture where the "power gradient" between captain and first officer is hard to overcome in order to provide effective CRM. Some come from a culture where they're afraid they'll lose their job if they accurately report incidents. All of these things, and more, are factors in air safety.
Focusing on one factor or one company really doesn't help.
Agree willingness to own up and discuss errors is critical to long term airline safety.
However you only seem to be applying this to pilots and not to Boeing!
Isn't the issue with the MAX, and potentially now earlier episodes, that for perhaps perfectly understandable commercial reasons, Boeing and even the FAA haven't been upfront and honest about engineering issues and how to improve stuff - ie they have been guilty of playing the blame game - on to pilots - who are often conveniently dead.
I think I've been quite clear that I see significant issues within Boeing and the FAA and that they should be resolved.
If you ignore the shrill media and look at the actual investigative work going on, I don't think anybody is seriously suggesting that the pilots were the sole cause of the MAX issues, and certainly nobody is "blaming" them.
At the same time, I don't know anyone working in aviation who thinks it's 100% a coincidence that the first crashes happened with those two airlines. There are always multiple factors in play.
My personal view on it is: the MAX was a flawed design due to the expectations it placed on pilot training, competency and in particular, instinct in a surprising situation. That's it. The aircraft was still capable of flying if the pilots reacted correctly to the failure, and the reaction was one that they were in theory trained for, but it's not reasonable to expect an average pilot to be able to do that instinctively in the time available.
Talking about "cost-cutting" or whether a certain engineering decision was made to save money is irrelevant, because engineers make trade-offs every day - that's an important part of their job - and every single aircraft flying (yes, including Airbus!) has a design that involves trade-offs, even in safety-related things. For reasons that are now being explored, Boeing's engineers made faulty assumptions when evaluating those trade-offs, probably augmented by pressure to avoid mandated additional training of pilots, and the regulatory oversight didn't catch it, or didn't want to due to being in a too-close relationship with Boeing. Those are the problems that need to be solved on the aircraft side.
I'm sure that given enough time you would have seen MAX crashes from other airlines, but it's no surprise to me that the first crashes (and, in an alternate reality where the MAX continued to fly, likely the majority of the crashes) were with airlines that are well-known in the industry to have lower standards of hiring, training and maintenance. Digging into that might well find some problems that need to be solved on the human side.
Not now the facts have come out, but originally - how about:
Congressman Sam Graves:
"In May, Graves insisted that “facts in the preliminary report reveal pilot error as a factor”. He went on to claim that “pilots trained in the US would have successfully been able to control this situation”.
> At the same time, I don't know anyone working in aviation who thinks it's 100% a coincidence that the first crashes happened with those two airlines.
And here you are effectively repeating that.....
You basic premise is ridiculous. The idea that because some airlines/pilots aren't as good as others, then it absolves Boeing.
Boeing should not be selling a plane into a market that don't cover markets natural variant in pilots and airlines. That's like selling a car only F1 drivers can safely drive to the general public ( and crucially without telling them it's really F1 driver only... ) and claiming it's perfectly safe despite lots of crashes because Lewis Hamilton doesn't have a problem with it.
You could also argue the second crash happened because of the blaming of the airline/crew on the first crash.
Sure there are other factors - it's a question of how many times do you have to roll the dice before you get a crash - clearly far too few in this planes case - and that is entirely Boeing's fault.
I'm not claiming that anything absolves Boeing, and I can't see how any of my words can be interpreted in that way. I encourage you to read what I'm actually writing rather than imagine what I'm thinking.
There are serious issues to be resolved by Boeing and the FAA. There are issues to be resolved around airline company culture. There are issues to be resolved around pilot training and other human factors.
This "entirely Boeing's fault" stuff just encourages a blinkered view of the situation and is exactly the absolutism I was referring to in my grandparent post.
This absolutism is encouraged by the media (just look at that BBC headline: "Battle over blame") and is thankfully absent from the actual investigative work.
While I have no idea why hot air from a congressman is relevant here, the first quote from Graves is accurate. Pilot error was identified as a factor in the preliminary report, and every subsequent report has also identified it as a factor. Obviously there are far more important factors, but it's still a factor, and every factor should be considered and possibly acted upon. As I mentioned in a grandparent comment, the multi-factor approach to accident investigation is one of the reasons air travel is so safe today.
The second quote is pretty much impossible for him to back up and should probably be treated as the usual political noise -- he is, after all, a congressman.
> Sure there are other factors - it's a question of how many times do you have to roll the dice before you get a crash - clearly far too few in this planes case - and that is entirely Boeing's fault.
You said:
>This "entirely Boeing's fault" stuff just encourages a blinkered view of the situation and is exactly the absolutism
You haven't understood what I wrote.
Let's say there is a dice - that represents the chances of a combination of different factors occurring ( weather, pilot experience, plane maintenance, chance of debris hitting sensor, cosmic ray hitting computer - whatever )
What numbers that dice rolls is entirelyout of Boeing's control.
However what is entirelyin it's control is what happens when particular combinations, represented by the numbers, come up.
So if there is a plane that crashes only when you roll a six, and a plane that crashes when you roll a five or a six, clearly the second plane is 100% worse and yes the individual crash depends on what the dice rolled - but the relative safety of the plane doesn't!!!
>Boeing should not be selling a plane into a market that don't cover markets natural variant in pilots and airlines. That's like selling a car only F1 drivers can safely drive to the general public ( and crucially without telling them it's really F1 driver only... )
This reminds me of that fatal crash with "Fast and Furious" star Paul Walker: the Porsche he was driving really wasn't fit for the road, and was only safely driveable by a race car driver. It was too powerful and the center of mass was too far to the rear (thanks to Porsche's idiotic rear engine placement), giving it a strong tendency to fishtail and lose control.
>the MAX was a flawed design due to the expectations it placed on pilot training, competency and in particular, instinct in a surprising situation. That's it.
As you eluded to earlier, there are usually multiple causes. One that the above statement seems to overlook is the poor application and adherence to the system safety analysis. According to their own process, even though they misclassified the failure they should not have relied on a single sensor.[1] It seems to me there's engineering, process, and human factor causes involved.
> I don't know anyone working in aviation who thinks it's 100% a coincidence that the first crashes happened with those two airlines.
Sorry, I'm not as up to speed on this fiasco as I should be. Which two airlines did the first crashes occur with? And is the implication that they are subpar airlines?
I understand there are many factors at play here and Boeing is mostly responsible but I'm just curious about this.
The first was Lion Air. I know of several multinationals in Asia that ban employee travel on Lion Air and its subsidiaries. They've recently been caught attempting to bribe transport safety officials, with the knowledge of senior management at Lion; a number of their pilots and other crew have been caught using crystal meth; and they were formerly banned from EU airspace (the ban was lifted a few years ago).
Indicative of their company culture is that on the MAX accident flight, there was a maintenance engineer in the jump seat observing in an attempt to diagnose the AoA issue which had also occurred on the previous flight of the same aircraft. On the previous flight, the specific combination of factors to cause the trim runaway didn't occur. This aircraft should have been grounded while the issue was resolved, and instead was taken for a test flight with unwitting passengers on board.
The second was Ethiopian, who are growing rapidly and thus hiring rapidly. The first officer of the accident flight had flown an aircraft (any aircraft) for a total of 350 hours.
FAA wrote to Ethiopian in 2016 decertifying them, with 60 findings identifying a systemic failure of the entire quality management and training management systems. They were recertified in 2017 but there have been whistleblower reports that nothing significant changed, with politically-oriented decisions, nepotism, unsafe practices, task cards being signed off without executing the required maintenance actions, etc. EASA still doesn't consider the issues resolved. Look up Yonas Yohannes Yeshanew, who used to be Director of Aircraft Engineering there.
> At the same time, I don't know anyone working in aviation who thinks it's 100% a coincidence that the first crashes happened with those two airlines. There are always multiple factors in play.
I don't know much about Lion Air, but Ethiopian is considered a good airline. IT actually does a lot of training and maintenance for several major airlines in Africa. Their crews tend to be young, but that is because they are rapidly growing.
Until planes are fully automated, which I don't think will happen anytime soon, pilots are going to be part of every accident. To improve the safety of flying, pilot actions should be considered after every accident and if there are improvements to be made, they should be made. We cant shy away from "blaming" the pilots (which we are not blaming them as much as highlighting issues) because thats not nice, we should identify issues and make sure they are worked on in training or procedures.
Even with the higher levels of automation, the pilots are literally there to monitor the automation and intervene when it does something wrong. The 737 tells you when it will stall in on the speed tape on the PFD, auditory and through the feel of the stick shaker.
The fact remains that this crash was 99% pilot error. The A/T displaying "RETARD" for something like 60 seconds and the airspeed got down to something stupid like 80 knots (airspeed is prominently displayed in at least 3 places right in front of both pilot's faces) so it was pretty obvious that the auto approach was not correctly configured, but what did the pilots do? Nothing. They just sat there gormlessly for over a minute, oblivious to dozens of warning signs right in front of them. No pilot should rely on the radio altimeter so much that they literally fall out of the sky when it fails.
Every single Boeing plane has two buttons called "autopilot disconnect" and "autothrottle disconnect", and when you press them, then you can fly the plane and it will do exactly what you tell it to do. I mean fly the plane, i.e. left hand on yoke, right hand on throttle, feet on pedals. If those systems fail, then yes, blame the manufacturer. But those systems basically never fail.
Human beings are very bad at diagnosing failures in complex systems when under intense pressure. Perception and cognition can be significantly affected and even normally highly competent and trained individuals can make poor decisions at times of high stress.
I’m not qualified to judge how much of this was down to pilot error, but the risk is ascribing it purely to this and moving on takes away emphasis from redesigning the system to give the flawed human beings piloting the plane the best chance of making the right decision next time.
When landing there is a lot going on. I don't know how airliners do it but at those airspeeds and especially when landing an audio readout of airspeed for every 10 knots dropped would be very useful.
Boeing planes do have some features like that, one is called GPWS ("Ground Proximity Warning System") and it yells things like "Sink Rate, Pull Up"! and then it makes obnoxious "Whoop! Whoop!" noises. There's also the "stick shaker" which literally starts violently vibrating the stick (which is basically in between your legs so it's impossible not to notice) and also makes a lot of noise. But I don't believe any amount of aural warnings will help a pilot who has decided to leave the autopilot on below 1000 feet when it's perfectly obvious the plane isn't correctly configured at all.
Hmmm. The only thing I wonder is whether there may be a fundamental architectural issue with their approach to "Flight Computer in command".
From my understanding, every 737 has two flight computers, but only one is in command at a time (I.e. generating commands to drive things like A/P, A/T). If other hardware in the plane is connection-wise split between the two computers, you will end up in situations where the two computers fundamentally disagree on what reality is.
The only backup in that case is good airmanship to know that you are in an anomalous condition, diagnose whether you have a set of gauges that you can rely on, and finally, what to do about it. ATC could have been utilized to cross-check instruments.
This is honestly non-trivial machine operation 101. Your sensors can be wrong.
A resolution I might suggest moving forward is an MFD function that allows pilots to manually remap avionics data sources in flight. Structure it as a Source->Sink system. Then again, I'm reluctant to drop that type of burden on them as it sounds quite similar to the structure of certain other software of I'll-repute; however, it would provide a remediatory mechanism a Pilot could utilize in flight.
Though it doesn't help at all if everything is hosed. That's what A/T A/P disconnect and stick and rudder skills are for though.
Overall, it does strike me as possibly being same in type in terms of manufacturer philosophy playing a part; but in this case there was enough done wrong by the pilotsthat it doesn't necessarily seem like a worthwhile hill to die on to go after Boeing for it.
Interesting there was explicit pressure against doing so though. That raises questions, but sufficient time has gone by that likely most documentation to be investigated is long gone.
It's bad to rely on national champions like Boeing. Like Blackberry and Nokia, their pride leads to their eventual fall, taking out thousands of jobs with them when an upstart from outside (Apple) surges ahead. Better to have multiple smaller active competitors.
sure it was an hardware fault that started the event, but now blaming the whole thing on a system that has a warning system, duplicate readings to check faults and bypasses to work around the issue is deeply misguided and ignores simple facts about how safety is attained in aircrafts: trough redundancy and training.
this is completely different from the mcas where the default configuration lacked redundancy, the pilot lacked training and the bypass procedure ineffective unless executed at low speed and high altitude before the dive would lock the trims
no, it's not relevant unless you can substantiate how the cost cutting was related to the crash and it'd be an hard case to make, since the faulty system were redundant and the warning themselves were redundant with lights, audibles and whatnot. the hardware did all it could to get the pilot to go around and reassess the situation.
[0]: https://nos.nl/artikel/2319562-van-vollenhoven-vaker-druk-ui...