[Reason077]

The 737 MAX, like all 737s, always had two AoA sensors. The problem was that Boeing engineers wrote software for the 737 MAX which could make critical flight control inputs based on the data from one sensor only. And didn't really tell pilots about it.

The fix, amongst other mitigations, was to have the MCAS software cross-check inputs from both AoA sensors.

[dotancohen]

The airplane could have a dozen AoA sensors, but if the software is ignoring 11 of them then there is only one actual AoA sensor for purpose of discussion. Even if the sensors are used for other aspects, such as pilot instrumentation.

And yes, I understand perfectly well that this invalidates the idea that the second sensor was "eliminated" to save cost - but if I remember correctly there was a paid option to have the MCAS consider both sensors. So there was a financial aspect to the decision. Someone please correct me if I'm wrong.

[salawat]

Close! AoA disagree hazard light was an optional feature. In the original implementation, the Flight computer in command, either the one on the pilot's side, or the one on the copilot's side (alternated on power up), were fed input from only the AoA sensor they shared a physical link with.

The optional feature was essentially networking the two ststems such that the data would be fed to the FCIC for warning light activation, so that pilot's could start running the right checklists.

[dotancohen]

Thank you.

[uuddlrlrbaba]

Still, when two sensors disagree how do you determine which sensor is correct? Really 3+ are needed

[DrFalkyn]

Ask the pilot ?

[shiroiushi]

Can't do that: the pilot can't be allowed to control, or even know about MCAS, because that would affect Boeing's ability to claim the plane is "just another" 737 and that the pilots don't need retraining. Giving the pilot the ability to control MCAS means the pilots all need retraining.

[slavik81]

That's certainly the regulatory logic, but I feel like the entire idea of hiding critical systems from the pilots may have been a bad idea from the beginning. Regulators should never have even entertained the idea of using active compensation systems to maintain the type class.

[anticensor]

They already received training on MCAS once they got 737 MAXes, albeit a short superficial one (1 hour of lecture&1 hour of simulator training iirc). Hence "cannot be allowed to know" does not apply anymore.

[shiroiushi]

Yeah, and that's wrong. It should apply. Pilots should not be allowed to know, because that means this is a different plane than the one they were rated for. And so, since the plane can't be flown safely without proper training, the planes should not get the same type rating as the old 737, and either 1) they should just be demolished, or 2) they should be considered an entirely different plane, with all the training requirements that entails. The regulators completely failed here, and by allowing this are showing they're corrupt.

[uuddlrlrbaba]

The pilot is managing takeoff at 1000ft