I know most of you have been following this closely, whether you travel or have relatives who travel frequently. Even if you don't travel much, such a tragedy hits close to the heart, especially when both crashes were 100% preventable. While the second crash is still being investigated, the horizontal stabilizer was found in the full nose-down position, indicating that MCAS brought the plane down.
What is MCAS?
It is an automated system that compensates for a pitch-up tendency caused by the new position of the bigger, fuel-saving engines. If the plane's pitch-up angle exceeds a certain degree it can cause a stall, which is a very bad spot for a pilot to be in at such an altitude. So MCAS will attempt to pitch down to avoid a stall. Unless the sensor fails, in which case pretty much the whole MCAS system goes haywire and doesn't know what to do other than continuously pitch down.
When the second crash occurred I wasn't even aware of the first one, mainly because I don't watch much news. From that moment on I went on a research spree. From the software side of things, I just couldn't imagine this being a software bug or bad design. Quite frankly I don't understand how it got approved and passed certification in the first place. For me that was strike #1 for Boeing. The air crews' lack of knowledge of the system's existence was strike #2. Terribly bad design (I mostly care about software, but aerodynamics too) was strike #3, even though nowadays it is quite common to compensate for mechanical designs with software, as it is much cheaper and easier to maintain.
Maybe Boeing told the FAA the Max 8 is a spitting image of the 737, so there is no need for re-training or to tell the pilots about the MCAS system because they will barely notice it; there is so much misinformation on the net about who is to blame. Nevertheless, as a consumer I care about how the agencies that are supposed to prevent these issues will tackle them in the future. There were so many mistakes made, in my opinion.
The issue at hand is that lives were lost in two incidents because of a software malfunction. Software that I, as a self-taught programmer, wouldn't even have approved, based on its non-redundant and aggressive behavior in the closed-loop system. Not to mention the non-existent feedback for the pilot.
- There was no feedback that MCAS had taken over the plane
- The nose-down pitch angle was bigger than what Boeing indicated
- Multiple nose-down pitch attempts by MCAS
- Two sensors on the plane, and only one used (MCAS should have been disabled if the sensor failed)
In the aftermath of the second crash China took the lead in grounding the whole Max 8 fleet, and several countries followed, except the USA and Canada. The FAA and Boeing stood by their story and said they were sure about the airworthiness of the planes. They were the last two countries until Canada analyzed satellite data and the investigation teams found the stabilizer in the full nose-down position on site. This put huge pressure on Boeing to fix the issue, not to mention that countries are withdrawing Max 8 orders. Less than three weeks after the Ethiopian crash, Boeing has a fix now. They are saying they made the software patch after the Lion Air investigation, but how come they said their planes were safe this whole time?
Boeing will update the software to use both sensors; in case they disagree there will be a warning light. Pilots now know that MCAS takes over the plane with the autopilot off, and should know to quickly turn the trim switches off. In addition, the system will not be as aggressive as before, and will only attempt to pitch down once, as it is crucial to gain altitude and speed quickly during takeoff.
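To make the listed design flaws and the announced fix concrete, here is an added Python model (not code from Boeing or from the original post) that runs the single-sensor loop and the redundant, single-activation loop over constructed sensor traces; the thresholds, trim step and readings are assumed values chosen for illustration.

```python
# Constructed model of the two MCAS designs described above: the original loop
# with the listed flaws (one sensor, repeated activations, no crew feedback) and
# the revised loop with the announced fix (both sensors, disagree warning, one
# activation, crew indication). Thresholds and readings are assumed, not Boeing's.
from dataclasses import dataclass

AOA_STALL_THRESHOLD = 12.0  # degrees of angle of attack that triggers MCAS (assumed)
AOA_DISAGREE_LIMIT = 5.0    # tolerated difference between the two sensors (assumed)
TRIM_STEP = -2.0            # nose-down trim units applied per activation (assumed)


@dataclass
class Outcome:
    trim: float = 0.0               # cumulative stabilizer trim commanded
    activations: int = 0            # how many times MCAS fired
    disagree_warning: bool = False  # crew warning that the AoA sensors disagree
    crew_indicator: bool = False    # crew indication that MCAS is acting


def original_mcas(left_aoa, right_aoa):
    """Single-sensor closed loop: fires on every sample and never tells the crew."""
    out = Outcome()
    for left in left_aoa:  # the right sensor is installed but never consulted
        if left > AOA_STALL_THRESHOLD:
            out.trim += TRIM_STEP
            out.activations += 1
    return out


def revised_mcas(left_aoa, right_aoa):
    """Redundant loop: inhibit on sensor disagreement, fire at most once."""
    out = Outcome()
    for left, right in zip(left_aoa, right_aoa):
        if abs(left - right) > AOA_DISAGREE_LIMIT:
            out.disagree_warning = True  # latched: a faulted sensor inhibits MCAS
            continue
        if out.disagree_warning or out.activations > 0:
            continue  # previously faulted, or the single activation is spent
        if left > AOA_STALL_THRESHOLD and right > AOA_STALL_THRESHOLD:
            out.trim += TRIM_STEP
            out.activations += 1
            out.crew_indicator = True
    return out


# Constructed sensor traces in degrees: a left vane stuck high, then a real stall.
FAILED_SENSOR_RUN = ([20.0] * 5, [3.0] * 5)
GENUINE_STALL_RUN = ([14.0, 14.5, 14.0], [13.8, 14.2, 13.9])
```

On the stuck-sensor trace `original_mcas` trims nose-down five times with no crew indication, while `revised_mcas` raises the disagree warning and never activates; on the genuine stall both fire, but the revised loop stops after one activation and lights the crew indicator.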
- What are your thoughts as a consumer, software engineer, project manager, and/or QA manager?
- Are you happy with how Boeing/FAA handled the situation?
- The Lion Air crash data was there this whole time, and they knew it was MCAS, yet nothing was done until a second crash occurred?
- Do you think the Code of Ethics was followed or violated?
May their souls rest in peace. 181 passengers on Lion Air, and 157 passengers on Ethiopian.
This article in The Atlantic is well worth reading:
The Coming Software Apocalypse
Thanks for the article! Super interesting read. Read halfway, will finish later. The section about Toyota hits close to home. In my field I worked with code just like that, so intertwined that you get lost in the essence of what it is supposed to do.
I worked closely with a software design engineer with 25+ years of experience; while he was watching me browse the code, he shouted "wth is all this bulls*%!" in a Norwegian accent. He looked at me and said, "I don't understand why it is so complicated": this function calls this one, and this one calls this one, and by the time you go deep enough you have forgotten what you are actually looking for.
Simplicity in design is often forgotten, and we create complex systems without thinking about maintainability. Furthermore, we don't document these complex systems very well either.
Great post, Fernando.
You wrote this almost a year ago. I assume you've been following all the drama at Boeing and I was just wondering if you had any thoughts to share now that we have much more information? Would you change anything you wrote?
Thanks for the comment. I probably should do another post. The whole thing turned out much worse than I thought in the end. Negligence over money and greed.