[danielvf]

By having each redundant flight computer hooked to completely different sensors, in case of a bad sensor the crew can bypass not only the sensor, but also any computation done with that sensor.

It's not a single point of failure as we think if it - if it starts acting up, you can easily disable the automatic stabilizer system, per the procedures. 737 stabilizer runaways take several seconds to take effect, and are recoverable afterword. Later you can switch flight computers and then be using clean data, though you are supposed to leave the stabilizer system off for the remainder of the flight.

[Animats]

Using only one sensor at a time, there's no "sensors disagree" fault to tell the pilot there's a problem. Or to tell the flight control system it shouldn't be taking drastic action based on that sensor.

Airbus uses three angle of attack sensors and compares them. They've had at least one crash when two sensors failed in a consistent way.[1] The vulnerability of aircraft flight control systems to bad AOA data is well known.

[1] https://news.aviation-safety.net/2010/09/17/report-blocked-a...

[kirykl]

There wasn't a "sensors disagree" alert in the Lion Air plane because they didn't have installed the optional AOA Disagree indicator.

As comparison, Southwest had the indicator but has now also installed an enhanced AOA Disagree indicator as a result of the Lion incident

https://theaircurrent.com/aviation-safety/southwest-airlines...

[Animats]

That's not a feature which should be a extra cost option.