by cdumler 2469 days ago
Can someone validate my thinking here, please? I’ve been watching this saga for a while and there is something that doesn’t seem to be said that really bothers me about this whole situation: the failure mode is negative, not neutral. Here is what I mean.

An aircraft has a flight envelope that defines its flight characteristics. Not only does it define how fast or slow or high it can operate, but how that operation changes if something changes in performance. For instance, engines under the wing and on the tail cause differences as power is gained or lost. Under the wing, an increase in power will push the nose up, and a loss in power will cause the nose to drop. This is the opposite of tail mounted engines. The whole point of training a pilot is to make it instinctive to expect what the plane will do when things go wrong, i.e. if you are in a tail engine plane and suddenly lose power, expect that you are moving closer to a stall. The plane will both be raising the nose and losing speed. Again, vice versa for wing mounted engine. There is also another important point. If the pilot kills/loses the engine, it is a neutral failure: the flight envelope does not change. The engine is no longer providing thrust so the plane orients merely to a new position in its flight envelope. But, failure in the flight system for the Max does something totally different.

The whole point of the MCAS flight computer is to make the plane appear as though it has a different flight envelope. The computer automagically adjusts the flight services, notably by moving the trim. What really bothers me about the idea of using software to alter the flight characteristics is that any failure results in the plane not only falling back on a flight envelope that isn’t what the pilot trained on, but also to a point in the flight envelope that the pilot didn’t even choose (i.e. trim being in some arbitrary position). Worse than that, an MCAS failure is negative. The very point of the computer system is to “out guess” and compensate for the pilot’s expectations of his or her trained flight envelope; thus, if the computer believes it is operating correctly but is not, it is actively making an arbitrary flight envelope that could be constantly changing. The pilot must deduce the MCAS software is at fault while the MCAS software is deducing the pilot is at fault.

Everything I have ever seen is that the whole point of airplane design and pilot training is to reduce flight problems to known solutions as to resolve the problem as quickly as possible. The very design of MCAS is failure must put the pilot into an unknown position and likely be actively combating the pilot’s understanding of the situation. If this logic is correct, I cannot fathom how any of this is acceptable.

2 comments

> Everything I have ever seen is that the whole point of airplane design and pilot training is to reduce flight problems to known solutions as to resolve the problem as quickly as possible. The very design of MCAS is failure must put the pilot into an unknown position and likely be actively combating the pilot’s understanding of the situation. If this logic is correct, I cannot fathom how any of this is acceptable.

This is the salient paragraph in this comment. It's ridiculous to blame pilots for figuring out recovery conditions when they can't be certain of the parameters in which they're operating.

Yes.

You are absolutely, 100% on the money. Got it in one.

The entire MCAS fiasco was born out of deadlines and deliveries at all costs, sound engineering be damned.

The entire thing was very specifically orchestrated in such a way as to minimize the chances that any external authorities or pilots would ask any inconvenient questions.