top | item 21925018

bkdbkd | 6 years ago

And with the design that both Boeing and the FAA certified to fly, that system would simply fly the vehicle into terrain. In this case it is exactly the automation that is at fault, not a pilot misunderstanding or mistraining. The automation system was designed to prevent a pilot from doing something she might have been familiar with doing while flying the old design on the new design. It was designed to keep the pilot from putting the plane in a bad state for flying. That entire system made an error that cost 347 people their lives.

What is painful is that the pilots recognized that the system was in error, and attempted to correct it, but were unaware that it had the capability to override them. They were unaware because the designers intentionally hid the mechanism. That is, they made the mechanism hard to see and understand, and made it require special knowledge to disable. The designers had not considered all failure modes, but acted as if their implementation was failure-proof and never to be tampered with.

The question in this case is how can one verify something like an automated aircraft system? And more importantly, if there is a technique or practice to assure the system is valid, is the company trying to build it mature enough in its engineering practices to follow it properly?
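One concrete way to pose the verification question raised above is to write the "automation can push against a crew input" property down as a small state machine and search it exhaustively. The following is an added example, not code from the thread or from any manufacturer's actual system: a toy model with two designs, the one the comment describes (automation with more authority than the pilot's input, not disengaged by opposing input) and a constructed alternative (authority capped at the pilot's, two consecutive opposing inputs latch it off), both checked by a bounded exhaustive search for a trace in which the pilot opposes on every step and the aircraft still reaches an unsafe attitude. The class names, authority values, the unsafe threshold, the disengage rule and the step bound are all constructed assumptions.

```python
"""Bounded exhaustive check of an automation-authority property (toy model).

Constructed example: pitch is an integer index, one unit per step of pilot
input; nothing here reflects a real control law.
"""
from collections import deque

PILOT_NOSE_UP = 1     # constructed: pilot opposes with full manual authority each step
UNSAFE_PITCH = -4     # constructed: at or below this the attitude counts as unrecoverable
STEPS = 8             # bound on the number of steps the search explores


class AsDesigned:
    """Model of the design the comment describes: the automation acts on every
    step on which its (possibly faulty) input says to, with more authority than
    the pilot's input, and the pilot's opposing input never disengages it."""
    AUTO_AUTHORITY = -2  # constructed: stronger than PILOT_NOSE_UP

    def initial(self):
        return (0, True)  # (pitch, automation engaged)

    def step(self, state, auto_faulty, pilot):
        pitch, engaged = state
        auto_cmd = self.AUTO_AUTHORITY if (engaged and auto_faulty) else 0
        return (pitch + pilot + auto_cmd, engaged)


class Redesigned:
    """Constructed alternative: automation authority does not exceed the pilot's,
    and two consecutive opposing pilot inputs latch the automation off."""
    AUTO_AUTHORITY = -1
    OPPOSE_TO_DISENGAGE = 2

    def initial(self):
        return (0, True, 0)  # (pitch, engaged, consecutive opposing inputs)

    def step(self, state, auto_faulty, pilot):
        pitch, engaged, oppose = state
        auto_cmd = self.AUTO_AUTHORITY if (engaged and auto_faulty) else 0
        # The pilot is "opposing" only when pulling against an active nose-down push.
        opposing = engaged and auto_faulty and pilot > 0
        oppose = oppose + 1 if opposing else 0
        if oppose >= self.OPPOSE_TO_DISENGAGE:
            engaged = False
        return (pitch + pilot + auto_cmd, engaged, oppose)


def find_override_trace(model, steps=STEPS):
    """Breadth-first search over every fault pattern of the automation input
    while the pilot commands nose-up on every step.

    Returns the (shortest) fault pattern that drives pitch to UNSAFE_PITCH, or
    None if no pattern within the step bound does. A None result is evidence
    within the bound only, not a proof for unbounded runs."""
    start = model.initial()
    queue = deque([(start, ())])
    seen = {start}
    while queue:
        state, trace = queue.popleft()
        if state[0] <= UNSAFE_PITCH:
            return trace
        if len(trace) == steps:
            continue
        for auto_faulty in (False, True):  # environment choice: sensor/logic fault or not
            nxt = model.step(state, auto_faulty, PILOT_NOSE_UP)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + (auto_faulty,)))
    return None


if __name__ == "__main__":
    for model in (AsDesigned(), Redesigned()):
        trace = find_override_trace(model)
        name = type(model).__name__
        if trace is None:
            print(f"{name}: no override trace within {STEPS} steps")
        else:
            print(f"{name}: override trace found, fault pattern {trace}")
```

In the as-described model the search returns a four-step all-fault pattern: the pilot pulls on every step and the aircraft still reaches the unsafe pitch, which is exactly the "automation overrides the crew" property made checkable. In the alternative model the pilot's pull cancels the push and the second opposing step latches the automation off, so no trace within the bound reaches the unsafe region. Doing this against a real control law means applying the same kind of exhaustive search (a model checker over the actual specification) rather than a toy, and the bound has to be justified separately.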

logfromblammo | 6 years ago

Every aircraft-building company is mature enough in its engineering practices. Not every company is ethical enough in its management practices.