Reply to post: It's a bit more nuanced than that...

We're not looking for MH370 in the wrong place say investigators

Anonymous Coward
Anonymous Coward

It's a bit more nuanced than that...

(1) The engine throttling back on Turkish Airlines 1951 crash was indeed a malfunction but didn't directly override the pilots. Instead they neglected to disengage the commanded autothrottle and let it resume control, not noticing that the thrust levers moved back to idle when they took their hands off. Worryingly the exact same fault had occurred twice in the preceding eight landings without the pilots losing control but also without any apparent corrective action (like taking the plane out for repair). See https://en.wikipedia.org/wiki/Turkish_Airlines_Flight_1951#Investigation.

(2) Not squawking critical data - many airliners do, but it's an ACARS service the airline has to pay for. According to various airliners.net threads Malaysian didn't pay for it, so they only had the engine data (used by Rolls Royce for the power-by-the-hour leasing). There has been much discussion about mandating this service, at least in the big parts of the aviation world (USA, Europe). However that wouldn't have mattered because the radio transmitters were disabled just after the final contact - only the hourly Inmarsat satellite handshakes remained which being a low-level automated function would escape the notice of most attackers (if it was an attack rather than a chain of accidents). Generally pilots want to be able to switch anything and everything off if they need to, e.g. when trying to extinguish fires, so all transmitters have circuit breakers, etc. Pilots will point to the 787 fire at Heathrow caused by an EPIRB battery fault as an example for why this is overall a good thing.

(3) "No warning when the automatic oxygen system isn't activated" - presuming you're talking about Helios 522 crash, the warnings triggered as designed but because the horn sound used isn't unique it confused the flight crew into debugging the wrong problem; thereafter they suffered conceptual tunnel vision until they blacked out, never donning their oxygen masks. See https://en.wikipedia.org/wiki/Helios_Airways_Flight_522#Flight_and_crash

(4) Cockpit door locks - presuming you're talking about German Wings 9525, there is indeed an override for the crew to regain access, but it in turn can be overridden by someone in the cockpit (and it was) This design is a compromise between trying to keep hijackers out and trying to prevent accidental lock-outs (sole pilot collapses, etc). Many airlines require two crew in cockpit at all times, so when a pilot needs the toilet a flight attendant remains in place. This might have prevented Andreas Lubitz from crashing the plane, unless he was prepared to violently attack the attendant. The two crew rules was subsequently made mandatory for German planes.

There is an endless debate about the role of automation in aviation (one which we're beginning to see with self-driving cars too) - it works quite well enough to lull pilots into inattention (so much so that some airlines prevent the pilots from activating the whole flight plan at the start, to keep them periodically busy), and inevitably there are innumerable corner cases. In many modern disasters a critical factor appears to be failing to synthesise the information usefully for the operator, so a chain of alarms are triggered and under stress the operators start debugging minor symptoms - this may have been so in Turkish 1951, was in Air France 447, Helios 522, and notoriously Three Mile Island. It's a real and hard design problem - at what point does the system identify that it has no good automated response and how does it most usefully demand the human's decisions?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon