Possible Boeing 737 replacement

[starviking]

That is not to say that Boeing has messed up badly. How can a flight critical system be designed such that it is susceptible to a single-string failure?

The Seattle Times report (Reply 62, Boening 737 MAX thread) gives the answer:

"The bottom line of Boeing’s System Safety Analysis with regard to MCAS was that, in normal flight, an activation of MCAS to the maximum assumed authority of 0.6 degrees was classified as only a “major failure,” meaning that it could cause physical distress to people on the plane, but not death.

In the case of an extreme maneuver, specifically when the plane is in a banked descending spiral, an activation of MCAS was classified as a “hazardous failure,” meaning that it could cause serious or fatal injuries to a small number of passengers. That’s still one level below a “catastrophic failure,” which represents the loss of the plane with multiple fatalities.

The former Boeing flight controls engineer who worked on the MAX’s certification on behalf of the FAA said that whether a system on a jet can rely on one sensor input, or must have two, is driven by the failure classification in the system safety analysis.

He said virtually all equipment on any commercial airplane, including the various sensors, is reliable enough to meet the “major failure” requirement, which is that the probability of a failure must be less than one in 100,000. Such systems are therefore typically allowed to rely on a single input sensor.

But when the consequences are assessed to be more severe, with a “hazardous failure” requirement demanding a more stringent probability of one in 10 million, then a system typically must have at least two separate input channels in case one goes wrong.

Boeing’s System Safety Analysis assessment that the MCAS failure would be “hazardous” troubles former flight controls engineer Lemme because the system is triggered by the reading from a single angle-of-attack sensor.

“A hazardous failure mode depending on a single sensor, I don’t think passes muster,” said Lemme."

Ref: https://www.seattletimes.com/business/boeing-aerospace/failed-certification-faa-missed-safety-issues-in-the-737-max-system-implicated-in-the-lion-air-crash/

 

[Jason Dykstra (Wyvern)]

Is this concept, in any way, related to the NMA or NSA?

 

[TomcatViP]

No but it's interesting. It shows that beyond Boeing, many engineers wouldn't have thought that someone would crash a plane simply because of an erroneous alpha trim input: the legislator, the safety controllers at Boeing and the FAA staffs.*
Nobody punched that yoke but the PiC. Nobody slammed the throttle full trust but the PiC. None Boeing engineer could have acknowledged that sensor maintenance could be botched that way...

At the end it's apple Vs bananas... And a huge criminal(?)** PR campaign.

*And previous flight did demonstrate that a crash was not a direct consequence of the failure (the plane was flown straight to its destination while encountering the same failure)
** Multiple individuals actively pursuing a defamation campaign