Re: MCAS =/= anti-death
You are correct, but a key cost cutting measure was to not classify MCAS as DAL A (failure is catastrophic) which meant:
1. Many thousands of man-hours were saved in the process because DAL A designs can incur a paperwork overhead of about 5,000 hours before the first piece of code is ever written or the first schematic is drawn.
2. Lower standards of testing are required.
3. Lower standards of redundancy are required.
I have stated before that whether to classify a system or subsystem as safety critical (DAL A) is really not that difficult and in this case I cannot believe that the engineers(*) did not protest at MCAS not being so classified.
* This is not limited to Boeing; the actual computing elements were designed by a third party (the norm in avionics) who would have been given a specification of what it has to do (from Boeing who are the ultimate authority) and as soon as they saw something to the effect of 'can move / adjust the position of flying control surfaces' (the specifics are part of what is known as control laws) I have no doubt that there would have been questions. The paper (or documents and email) trail of those conversations would be very interesting reading indeed.