[K0balt]

It doesn’t save the engine, it keeps it from ripping the wing off. It’s a good system.

The part about filling the cabin with smoke because they couldn’t be bothered to make the software that detects the extreme vibration tell the AC units from that engine to shut down (which they already do if the rpm drops, indicating an engine failure-just not soon enough or reliable enough to prevent the smoke issue) - not so much.

The system for the ECU to detect the engine mount failure condition already exists. The function to shut down the air handlers in response to a different indicator of engine failure already exists in the ECU. It’s just literally “also shut down if the engine mounts fail”, but the guys that sit around and think about the what ifs were given early retirement to make room for more MBAs.

[hypothesis]

> It doesn’t save the engine, it keeps it from ripping the wing off. It’s a good system.

Sure, I get that it was added to prevent plane from disintegrating, but like you said integration thinking is gone and now we have those individual components that sure look homicidal from outside.

The other issue is that regulators are missing in action or worse. It’s no way to run the industry by relying on concerned youtubers..

[adgjlsfhk1]

I think a lot of the problem here is that all of the forward looking design is looking at the 787 dreamliner where the air conditioning is done electrically rather than with bleed air. It seems entirely plausible to me that this situation arose due to a descoping halfway through the project, where an initial version of the design wasn't going to use bleed air, they then decided that doing that much design work would be expensive, and put the bleed air system back in "because it's exactly the same as what we've been doing for the past 100 years" and no one realized that in the meantime, someone else on the engine team had designed a system that would dump a couple gallons of oil into the bleed air system if there was an engine failure.

[chipsa]

The air handling is exactly the same between the various 737 versions. The difference is that the engines are different. The CFM Leap is designed to shear the bolts on the fan if it goes sufficiently unbalanced, and incidentally the shock of this causes an oil leak. The A320neo will have a very similar problem of filling the plane with smoke if the LRD shears the fan bolts. It just does the air handling slightly differently, so it fills with smoke slower, and the entire cabin, rather than the flight deck first (if it’s the left engine that fails).

[ngcc_hk]

Guess if I have to choose killing the pilot last is better … I am not a pilot

[aunty_helen]

Nah bleed air is a pretty major system. 787 was a ground up design, so benefitted from lots of new tech. 737 max was something that they hoped wouldnt need a recert.

So no this wasn’t the victim of a rescope.

[dboreham]

But it was the victim of MBAs eating the world, since the 737-of-theseus concept wouldn't exist and we'd be flying in newer design planes.

[K0balt]

“737 of Theseus” is my new favorite aviation phrase. Right up there with “unscheduled disassembly event”.

[K0balt]

I’m with you on all of this. It’s like all of the grownups left the building and the inmates are running the asylum.

Frikken clown world hijinks.

[aqueueaqueue]

I am with you but that is quite a mixed up metaphor!

[K0balt]

Exactly.

[DrNosferatu]

If engine detects malfunction -> close its breathing air pathway to humans.

How difficult is that?

[K0balt]

That’s gonna cost tree fiddy.

Actually, I think this was less about cost and more about systemic creep of operational differentiation from earlier versions of the 737. A big selling point for the MBAs was that this was a 737 and pilot recertification was not necessary. So the MCAS system and its deadly potential was hidden from the pilot manual, as was the new failure mode introduced by this system. Acknowledgement that these systems required additional or different contingencies or checklists, or intruding an automatic shutdown of a pressurization would require recertification in type, or potentially even recertification of the aircraft if the changes were significant enough.

Significantly, for MCAS, the reason that the stability of the aircraft had to be patched in software, leading to hundreds of deaths, was that changing the empennage to reestablish aerodynamic stability might have been a big enough change to require recertification of the airframe. That would have been expensive, but it would have also opened the door to fixing all of these other issues that resulted from trying to pretend that the aircraft was not significantly different from earlier versions.

Its bean counters all the way down, and dead passengers is the price of that.

[DrNosferatu]

Absolutely: I’m sure the engineers proposed a solution or mitigation - and then it was buried at management level to keep away any possible need of recertification.