Reply to post: Re: Hey software, get the fuck out of the way!

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

Anonymous Coward

Re: Hey software, get the fuck out of the way!

Your excellent writeup covers lots of important things but seems to miss one important fact re pitot tube icing: in the case of the loss of AF447 and all on board, there were pitot tube icing issues already identified and various remedial programs were in progress, but its importance hadn't been fully recognised, and combined with various other unrelated failures, it led to the loss of AF447 and all on board:

https://en.wikipedia.org/wiki/Air_France_Flight_447

Article includes links to the original definitive history, showing that the "must never happen" state of two identically failed pitot tubes outvoting the one good pitot tube had been a worryingly frequent occurrence over a few years, but in general, some other part of the picture had prevented a "must never happen" failure becoming a disaster.

When all the failures and omissions line up together like holes in pieces of Swiss cheese, well we know what happened on AF447.

General Swiss Cheese model overview below [1].

It's not rocket science (well, actually, maybe it is - see e.g. O rings and Feynman's addendum to the space shuttle inquiry report) e.g. via [2].

But when the regulatory authorities start accepting modifications to equipment and procedures without proper understanding of the implications, we all stand to lose.

[1] https://en.wikipedia.org/wiki/Swiss_cheese_model

"The Swiss cheese model of accident causation is a model used in risk analysis and risk management, including aviation safety, engineering, healthcare, emergency service organizations, and as the principle behind layered security, as used in computer security and defense in depth. It likens human systems to multiple slices of swiss cheese, stacked side by side, in which the risk of a threat becoming a reality is mitigated by the differing layers and types of defenses which are "layered" behind each other. Therefore, in theory, lapses and weaknesses in one defense do not allow a risk to materialize, since other defenses also exist, to prevent a single point of failure. [etc]"

[2] https://motherboard.vice.com/en_us/article/nz7byb/the-challenger-disasters-minority-report


Biting the hand that feeds IT © 1998–2019