
View Diary: Flight Engineer - A Dying Breed (106 comments)


  •  I might agree with you if (2+ / 0-)
    Recommended by:
    JimWilson, Mr Robert

    all potential failures were fatal to the system. A major design criterion is avoiding single point failures. Multiple redundancies are a long preferred method. Two engines, three hydraulic systems with a wind-powered ram air turbine, four generators and a hydraulic backup generator operating multiple AC and DC busses, and seven flight control computers are but a few of the features of the A330 I flew for eight years before I retired. Remember that this is an aircraft that has computer controls for virtually every function from engine fuel controls to the passenger seat lighting controls. The more critical systems are built most robustly with multiple backups if multiple degraded modes all fail.

    Since you are interested from a software perspective I'll say a little more about the flight control computers. Seven of them are required for a fully functional system. Each is capable of providing sufficient control capability to successfully recover the aircraft. It isn't pretty depending on which one remains, but there is full expectation of a successful recovery of the aircraft on just one. Or none.

    What you say? None? Yeah, none. It is possible, though very difficult, to land the airplane with nothing but the backup rudder and engine power. It would be extremely difficult and there is no guarantee of success, but that is the level of design redundancy.

    The most likely failures are various sensors or parts of a computer. The system is designed, and has always done so in my experience and knowledge, to reconfigure itself to operate with a failed or erroneous input, revert to a degraded mode, or disconnect the device. The pilots can also manually disconnect a box if needed. The probability of losing enough to make recovery not likely or impossible is extremely low. Not zero but low. I bet it is less than the probability of getting hit by lightning walking around in your yard.

    The greater threat is the operator not understanding the system or misunderstanding the ramifications of what he is doing. The A320/330/340/380 series of aircraft has never lost an aircraft due to system failure. Every single hull loss has been due to the pilots, test pilots too, not understanding the mode the aircraft was operating in or were unaware they were working against the system. Every aircraft was lost because the crew flew it into the earth. The biggest threats are the crew, the humans, just like it has always been since the first powered flight. The complex systems give us more information in a format humans can use easily and make it more likely they won't do something extremely stupid, always an option, always.

    The best advance I've seen in aviation safety for pilots is the move to threat and error management. My flying career began in the military where there was one way to do things. To err is human, to forgive is divine, neither of which is accepted policy. Thirty-five years into that career the experts, aviators in this case, decided to acknowledge that crews make errors. Once you can accept the certainty of error you can move to analyzing the factors that lead to error and prepare yourself for when, where, and how they occur. Awareness of a threat makes it much easier to prevent. This also creates an environment where a mistake can be caught and corrected sooner. The idea also encourages the crew to include others to participate, which further increases the likelihood of preventing mistakes or catching them before there is a big problem. It is overall an exciting change that I think will lead to even safer air travel.

    Time makes more converts than reason. Thomas Paine, Common Sense

    by VTCC73 on Mon Jan 21, 2013 at 12:33:01 AM PST

