[throwaway201103]

Problems are easy to see in retrospect. You could have made similar arguments after every air crash that was caused by a design flaw.

These problems are found, fixed, lessons learned, new rules enacted, and we move on.

[salawat]

No, no they weren't.

The problems we have is an organization tasked with transporting millions over the timespan of a year at speeds approaching Mach 1 ended up in tge position whereby financial growth outpaced it's primary reason for existence. To manufacture and support the distribution, operation, and uptake of safe passenger airplanes.

Until you get rid of that modus operandi from the upper management, you'll not see a significant culture change.

[Gibbon1]

One thing I noticed about VW, their management culture changed a bit after the German government tossed a couple of managers in prison.

I think the key thing is a fine is always just another line on the spreadsheet.

[caconym_]

> You could have made similar arguments after every air crash that was caused by a design flaw.

I'm not really convinced this is true. For instance, in the classic case of de Havilland Comets brought down by square windows, I think it was an honest mistake that happened because pressurized cabins were new-ish tech. They worked to understand the problem and fixed the design. Nobody was trying to cut corners AFAIK (no pun intended).

I guess we could make another category where an iffy design is made to fail by corner-cutting on the part of the airlines, as in the MD-80 pitch trim jackscrew issues.

The MAX is a case of the actual aircraft manufacturer explicitly compromising the design of a safety feature because they knew it would help them sell more planes (due to avoiding training/recertification requirements). IIRC, the investigation revealed a consistent pattern of negligence and outright malfeasance on Boeing's part to this effect. I wouldn't say this kind of thing has never happened before, but off the top of my head I have to assume it's pretty rare.

[WalterBright]

> The MAX is a case of the actual aircraft manufacturer explicitly compromising the design of a safety feature because they knew it would help them sell more planes

The error was not in the concept of the MAX nor the concept of the MCAS. The problem was twofold:

1. MCAS should have used inputs from both AOA sensors, rather than just one. MCAS had too much authority over the travel, and it should have deactivated itself if the pilots repeatedly countermanded it.

2. The pilots were not trained properly in emergency procedures with the stab trim. Boeing put out an Emergency Airworthiness Directive after the first crash with explicit instructions on how to deal with it, but the EA pilots did not follow those instructions.

https://theaircurrent.com/wp-content/uploads/2018/11/B737-MA...

[eganist]

> The error was not in the concept of the MAX nor the concept of the MCAS.

The reason MCAS was introduced in the first place was because the platform that Boeing chose to extend (to avoid recertification requirements) was unstable as a result of the introduction of CFM's new LEAP engines.

They insisted on correcting an emergent hardware defect with software in order to reuse an old platform to compete against a surprise threat from Airbus rather than design an inherently safe, novel platform.

All to save time and money getting to production.

I.e. all for profit.

As for the emergency procedures Boeing drafted after Lion Air, they apparently were attempted: https://www.seattletimes.com/business/boeing-aerospace/boein... — and more recently https://www.theguardian.com/world/2019/apr/04/ethiopian-airl...

[WalterBright]

> was unstable

No, it was not unstable. It just behaved differently enough that some additional pilot training would have been needed without MCAS.

> rather than design an inherently safe

All jetliners are unstable and require active augmentation.

> they apparently were attempted

No, they were not. The procedure is:

1. trim to normal with the electric trim switches

2. turn off the stab trim switches.

That's it.

https://theaircurrent.com/wp-content/uploads/2018/11/B737-MA...

The LA crew never turned off the trim after trimming to normal. The EA made a different mistake - turning off the trim when it was too far from neutral.

Neither the Seattle Times nor The Guardian are reliable sources on aviation. Aviation Week is a lot better. The Times author apparently did not read the EAD he cited. I'll quote from it the relevant bit:

https://theaircurrent.com/wp-content/uploads/2018/11/B737-MA...

"Initially, higher control forces may be needed to overcome any stabilizer nose down trim already applied. Electric stabilizer trim can be used to neutralize control column pitch forces before moving the STAB TRIM CUTOUT switches to CUTOUT. Manual stabilizer trim can be used before and after the STAB TRIM CUTOUT switches are moved to CUTOUT."

Note that the flight data recorder showed that both crews had moved the trim back to normal with the trim switches, and neither thought to then turn it off.

[eganist]

> No, it was not unstable. It just behaved differently enough that some additional pilot training would have been needed without MCAS.

Quoting Boeing with my own emphasis:

> MCAS, or Maneuvering Characteristics Augmentation System, is a flight control law implemented on the newer models of the 737 to provide consistent airplane handling characteristics at elevated Angles of Attack in certain unusual flight conditions only.

Which, to be clear, means it's intended to stabilize the plane ("consistent") in circumstances where the physical design of the plane would render the plane unstable (inconsistent) in certain operating environments.

> The EA made a different mistake - turning off the trim when it was too far from neutral.

Do you have a specific citation for this? I'm digging through the ECAA report and am not able to find this specific mention. https://web.archive.org/web/20200310004955/http://www.aib.go... (original site is timing out)

---

It seems you're generally suggesting that the instructions provided by Boeing were sufficient for the plane to remain airworthy without further mitigation; this was contradicted by the ECAA and others. Is this what you're suggesting?

[WalterBright]

> stabilize the plane

Stability has a different meaning when applied to aerodynamic characteristics than they way you mean it (i.e. consistency). Stability in aerodynamics means if you push something off-center, it will return to center. Unstable means it will go further off-center.

Unstable is like balancing a pencil on its point. The slightest perturbation will cause it to fall over.

> Do you have a specific citation for this?

Aviation Week 19-Sep-2019

" The MCAS activated twice, and the crew countered with electric trim. Unlike the JT610 pilots, the ET302 crew flipped the stabilizer trim motor cut out switches, which stopped the MCAS from moving the stabilizer. But after reporting not being able to manually trim the aircraft, they flipped the cut out switches on again. The faulty AOA data was still feeding the left-side FCC, activating the MCAS again and putting the aircraft into a dive."

(The airplane was already in a dive when they turned off the stab trim.)

> It seems you're generally suggesting that the instructions provided by Boeing were sufficient for the plane to remain airworthy without further mitigation; this was contradicted by the ECAA and others. Is this what you're suggesting?

Yes. In fact, on the flight immediately preceding the LA crash, the same MCAS problem was experienced, and the crew returned the trim to normal with the electric trim switches and then cut off the stab trim. They landed safely without further incident.

Exactly what Boeing's EAD stated to do.

[dTal]

>The pilots were not trained properly in emergency procedures with the stab trim. Boeing put out an Emergency Airworthiness Directive after the first crash with explicit instructions on how to deal with it, but the EA pilots did not follow those instructions.

If the planes are still crashing after the "problem" was fixed, then that wasn't the problem.

(Specifically - the "emergency procedures" in question are "what to do if your plane randomly decides to fly you into the ground". The only way to save your skin is to take a specific emergency action within a time window of a few seconds. This is not a reasonable design.)

[WalterBright]

Neither crash was within a few seconds. The EA crew fought it for 5 minutes, the LA crew 25 minutes.

-- Aviation Week, Sep 1, 2019

As for being an emergency, yes it was, and dealing with emergencies is most of pilot training. Dealing with runaway trim (which is how this failure exhibited) is part of that training. The Emergency Airworthiness Directive reiterated what the procedure was for runaway trim.

Runaway trim is so serious that it is a "memory item" meaning the pilots know how to deal with it without needing to consult a checklist.

While runaway trim should never happen, it is reasonable to expect the pilots to deal with it properly.

[dTal]

>Neither crash was within a few seconds

That's not what I said.

If you don't take mitigating actions within a time window of a few seconds, you are locked into an unrecoverable situation - however long you might fight it afterwards.

Specifically - the trim wheel is too stiff to correct if the stabilizer is loaded, so if the MCAS is allowed to wind the stabilizer to its extreme position, the pilot must - after disabling the MCAS (and therefore also the electric trim) - unload the control column to correct the situation, which will send the aircraft straight into the ground. Hence the undulations seen in the flight paths of the crashed aircraft.

The MCAS was designed under the assumption that pilots would respond to unexpected activation within 3 seconds:

https://www.seattletimes.com/seattle-news/times-watchdog/the...

[WalterBright]

The Seattle Times hasn't a good track record of accurately reporting the facts on aviation stories. Their aviation reporter does not read or comprehend his cited sources.

The EA crew dealt with the situation for 5 minutes, the LA crew for 25 minutes. Both crews used the electric trim switches to restore normal trim, multiple times. The trim switches are on the control column right under one's thumb. All the reports saying it was impossible or unreasonable or there wasn't enough time to do this are false, as both crews did it.

I strongly recommend a more reputable source, like Aviation Week 19-Sep-2019. Also an original source,

https://theaircurrent.com/wp-content/uploads/2018/11/B737-MA...

There's also an often-cited article going around that's written by a Cessna pilot. His opinions on how jet aircraft should be designed have little to do with reality - high altitude high speed jets are very, very different from a low and slow Cessna. (The Air Force thought it would be easy to transition their experienced propeller pilots to jets. A lot of crashes and dead pilots changed their minds.)

[adriancr]

Thing is boeing made incredibly bad decisions that should have been avoided given current rules and procedures.

That was only done due to concern for profits and not due to any engineering flaws. (MCAS existing in the first place, it didnt have reliable sensors, pilots were not instructed on it)

How would you react if a loved one died due to boeing or any company greed?

Cynic in me is hoping this is only allowed to fly in the US until it proves safe and boeing execs and employees are forced on every damn flight.

[bronson]

Iterating works well with software but not so well with airplanes.

And, you must admit that Boeing has shown utter disregard for rules through this process.