Our anonymous blogger ponders the possible reasons behind Boeing's 737 MAX troubles and what this might mean for the future of civil aircraft design.
I feel it only fair to point out at the start that I am commenting on this matter from a position purely based on what has been reported in the mass media so far, undoubtedly there is still more yet to come to light.
As you are all no doubt aware there has been a crash involving a Boeing 737 Max, sadly with no survivors. This has been the second involving this type of aircraft within five months, both reportedly initiated by the same cause.
From what I've seen this a multi-layered problem, in fact most major accidents are caused by multiple failures but I wonder if this one strikes at the heart of the way civil aircraft are currently brought to market?
On the surface there is a simple cause and effect, a new anti-stall system on the aircraft is dependent on a sensor and this was giving false information leading to an ultimately fatal nose down attitude for the aircraft.
Look a little deeper though and, as I suspect all here at least will have immediately grasped, the first cause for concern is “why couldn't the pilot over-ride the system?” Apparently there was a set procedure for just such a situation as this but what it didn't do was permanently lock the anti-stall out. Therefore if the problem persists there is no way to stop it taking you into the ground.
I wonder if the system should have been purely a notification device, warning the pilot so that he or she could respond as appropriate
Take this a step further and you have to ask “if there is no way to permanently disable the system why was there only one sensor?”
When I worked on the design of an aircraft we had redundancy in every critical system. Cost and weight are ever more important with airliners but surely one more sensor, on something like this, should have been designed in? In fact I even wonder if the system should have been purely a notification device, warning the pilot so that he or she could respond as appropriate?
Look a little deeper still and you come to wonder why this system was needed in the first place? The Boeing 737 made its maiden flight in 1967 and has been subsequently developed through a number of upgrades on its way to becoming the most numerous jet airliner ever built.
In the push for greater efficiency the 737 Max has been re-engined but because of this there is now a danger of it pitching nose up in flight. A danger sufficiently worrying for the anti-stall system to have been introduced.
We have lived for a long time with airliners that need computer intervention to fly in their operational envelope and mainly this has been very safe. However there is, I would suggest, at least a partial precedent for this sort of failure in the loss of Air France flight 447. In that case its believed a pitot tube on the Airbus A330 became obstructed with ice, causing a cascade of events which ended with the loss of 228 people. A devastating accident that you would think is still actively referenced in the civil aviation world.
Boeing is full of very clever people and I seriously doubt any of them take the potential loss of life that may come from any of their decisions lightly. So how have we come to what, admittedly with hindsight, seems like an inherently dangerous situation built upon a number of questionable decisions: the extension of a design over 50 years old that introduces a known risk, trying to negate that risk with an automated system that directly affects the aircraft's flight without the ability to lock it out and the reliance on one sensor for input and enforced response.
Whether we have arrived here through hubris, misplaced confidence in technology or financial pressure; I cannot help but think it may be a watershed moment for aircraft design. A reminder too that as engineers we have a duty to maintain our professionalism and stand guard against any inappropriate dilution of standards.
April 1886: the Brunkebergs tunnel
First ever example of a ground source heat pump?