I’m afraid I’m saying a lot of things from memory from the time I had written a report on the Max 8 accidents and an actor analysis. (I’d anyone is interested I could perhaps share it.) Most of this stuff came from the DoT report on the accident, the rest from reputable news articles.
If the FAA had paid attention they would have seen a company desperate to compete modifying numerous basic characteristics of an airplane to the point of making it aerodynamically unstable, using a flight control system as a bandaid to fix this.
Not to mention being such massively cheap assholes that they literally didn't install warning lights in the cockpit to tell the pilots when the sensor their flight computer would use to override control inputs, had failed.
No, it isn't. It's just more work than the government feels like doing, involving more technical skill than the government feels like hiring.
The problem is that the government can't have it both ways. It can't both claim that it is regulating airlines and airplane manufacturers to protect public safety, and also claim that it can't independently check what the regulated entities are telling it. It has to be one or the other: either we get the actual independent regulation that the government claims to be doing, with whatever resources it takes, or we all admit that we are not going to get that because the government is incapable of doing it, and we figure out some other way of ensuring safety.
And aerospace engineers are dirt cheap. What sort of clown show is the FAA running?
Or they could be several times more efficient. $17.5 billion/yr can do a lot.
Fighting something like this in court plus media scrutiny will basically ruin someone's life and make them almost unhire-able in their field. Excepting someone to ruin their family's life for the greater good isn't likely. There won't always be a young single ideologue who is willing to move overseas to escape his own government. There are lots of major crime systems where someone is the spouse of the criminal and knows what is going on but how are they going to give up their home and life for their kids while also putting their life at risk for the sake of doing the right thing. People have shown that they will do the right thing if you make it easy enough and safe enough.
Does everything come back to campaign finance reform?
It will make them almost unhireable everywhere. Even outside their field, they're still a risk. They've now got a very public "troublemaker" label.
The prizes would also have to be pretty large. We're talking "never have to work again" large, because that's a very real possibility, or at least a very real perceived concern.
We're talking people who make a good living. For people not close to retirement, it's probably a multi-million dollar number. At $200k/year, that's $2 million per decade, and not including potential raises. After you pay income taxes on the prize, you probably need it to be close to $10m to break even.
In any case, I strongly doubt that the buck should really stop at this test pilot. Someone higher up surely has some degree of responsibility. The test pilot did not invent MCAS.
Interesting. I never even imagine that happening anymore. I find the reverse so much more plausible: the bosses say to design it like that but the engineers have the backbone to say no (even at the risk of being fired and replaced).
On the one hand, I see where you're coming from. Executives are the ones with the money and power, so they should have the responsibility. They should go to prison when they order misconduct (whether that's negligence, fraud, etc.). This should incentivize them to act conservatively. (Where right now, we reward them largely based on short-term stock performance, and we never punish them, and I think our executives are overwhelmingly sociopaths who pursue short-term stock performance above all else.)
On the other hand, engineers are the ones who throughly understand the issues and have licenses with ethical standards attached. They're going to notice the problem. I believe many already aren't willing to sign off on something they don't believe is safe. With good enough whistleblower protection, they'd be likely to speak up when they see someone else signing off improperly.
--
[a] The term "bezzle" was proposed by J. K. Galbraith in The Great Crash of 1929: "To the economist embezzlement is the most interesting of crimes. Alone among the various forms of larceny it has a time parameter. Weeks, months or years may elapse between the commission of the crime and its discovery. (This is a period, incidentally, when the embezzler has his gain and the man who has been embezzled, oddly enough, feels no loss. There is a net increase in psychic wealth.) At any given time there exists an inventory of undiscovered embezzlement in – or more precisely not in – the country’s business and banks. This inventory – it should perhaps be called the bezzle – amounts at any moment to many millions of dollars. It also varies in size with the business cycle. In good times people are relaxed, trusting, and money is plentiful. But even though money is plentiful, there are always many people who need more. Under these circumstances the rate of embezzlement grows, the rate of discovery falls off, and the bezzle increases rapidly. In depression all this is reversed. Money is watched with a narrow, suspicious eye. The man who handles it is assumed to be dishonest until he proves himself otherwise. Audits are penetrating and meticulous. Commercial morality is enormously improved. The bezzle shrinks." (https://www.goodreads.com/work/quotes/1466583-the-great-cras...)
I'm not saying it's just the test pilot who lied, or held sole responsibility, but yeah, he was a member of a criminal enterprise that resulted in people's deaths.
When we see programmers charged who implemented the twisted evil shit Facebook or whoever ordered them to, we will be making some progress on fixing the problem.
I'd say this is a serious deterrent to pilots contemplating similar action in the future but I don't think the problem was with the FAA or this pilot. The real problem was the senior management at Boeing who made the conscious decision to put profits ahead of safety. Thus they were directly responsible for creating a culture of short cuts and cheating which lead to the ending of several hundred lives.
At least that is how it is done for medical appliances, I assume FDA and FAA work similarly. But government just doesn't have the extra engineers to technically evaluate every part of a new plane. That would induce massive costs and the manpower simply doesn't exist.
But if companies don't use due diligence to ensure safety, these agencies have the power to penalize you heavily, so you have to comply anyway. Sadly there is also a political component so agencies sometimes have to work against pressure from politicians that don't want to damage domestic brands.
I believe this case was a clear management error for that matter but the FDA probably has more info.
Take the population of x , then sample y and if the sample passes the tests then you have z degree of confidence of projecting the results of the sample over the entire population.
Its not hard. Its only that bureaucrats are generally not hired for the industry knowledge but instead career paper pushers and ticking boxes on their way up, instead of, you know, getting dirty with actual work
In hindsight that’s easy for me to say, and the FAA had gone to relying on Boeing engineers, but as mentioned if there was huge pressure for Boeing to compete things could get overlooked.
Like all centralized systems, easy to hack over time. A better system would be decentralized regulatory bodies that check on each other's conclusions instead of a monolithic one.
At this stage you absolutely should not trust any regulatory body, FDA included. (The FDA never replicates any trial for example)
There is also good reason to trust it, especially when it comes from a large company such as Boeing: it is stupid for such an organization to lie to you, because it risks its existence for the rather small payoff of avoiding delays for a single model.
It’s even worse for individual employees at the company: they risk jail time and aren’t even the direct beneficiary.
Example: see above
What part of the situation here is unacceptable? There were, I believe, 2 crashes. We accept more than that with most modes of transport. It isn't obvious that tightening the regulatory process is a net win.
Agree the FAA should cross-check, before a plane crashes, but when they catch this behavior they should, IMHO, punish it.
Email like it will one day be read aloud at a deposition.
So remember, when push comes to shove, the technical lead always gets thrown to the wolves while management goes "we don't know about that technical stuff".
Not to detract in any way from what he is culpable for.
A refresher since this happened so long ago:
Airbus was eating Boeing's 737 sales for lunch. Boeing management wanted to put better engines on the plane to get those sales back. But the better engines were bigger, and that meant they couldn't just swap them out and call it a day. So they moved the engine position. Well, when you move heavy shit around on a plane that also happens to be the thing generating thrust, you change a lot of stuff about the plane - its center of gravity, how the plane behaves when that thrust is applied (think torque steer but for planes) and aerodynamics.
The plane became aerodynamically unstable in certain conditions. Hence the need to add fly-by-wire systems and sensors. Except...they also cheaped out on both the number of sensors and even the frigging lightbulbs to warn pilots of sensor error.
The shit Boeing has gotten away with over the years boggles the mind. At one point the NSA got caught doing industrial espionage against Airbus for them!
I believe that the issue was more tragic than that (no expert)...
They wanted to 'hide' the fly by wire (FBW) as for it to be apparent would require that the plane (effectively) be re-classified as a new plane, requiring expensive up-skilling of the pilots. The existence of the new FBW was even hidden from the manual!
The FBW required information from the pitot tubes in order for it to know how fast the plane was flying. Planes have two such tubes, one for backup as they are prone to blockage. Normal practice would be to poll both tubes, and if their reading disagreed the pilot would be notified and assume blockage in one of the tubes.
However, they could not do this as a pitot tube warning would reveal the existence of the FBW to the pilot, who would not have been aware of its existence. Hence they relied on one pitot tube input and (of course) no warning lights.
This must have been a calculated risk on their behalf. They must have known that sooner or later it would fail.
This is not an issue of instability. The plane will remain at a level pitch/roll at a given thrust with the appropriate elevator trimming. An unstable plane would require constant input changes.
One time, she told me to do something very dangerous during a data migration. Not a best practice, and a big no-no. I'm seeing open files randomly spread across about 50 NAS shares which should according to her be offline - retired apps. It would take time to identify those, notify people, etc. She has deadlines to meet. You see, this migration that's been put off time and again for 2 years, needs to be finished in about a month, because when she was hired, she made that promise to her boss - without knowing anything about the apps, how much data, what users, etc.
I talked to her over chat, saved the chat, warned her about all the dangers and was told to proceed. It brought down a clinic, resulted in some data loss, and affected patients.
Next migration batch, she asks me to do it again. With a phone call. I ask for it in writing, she refuses. I added the phone call notes to the servicenow change control ticket, put risk as high, and said I need a note in the ticket from her telling me to proceed despite risk.
A week later I'm on suspension for disobeying my manager. HR tells me they will be getting in touch with me to get the details of what happened. I enjoy my paid week off while HR investigates the complaint - they need a full week because they review so much. at 4pm, the day before the week is over, the HR rep calls me and asks be about what happened. At 9am the next day I'm fired.
I file for unemployment and get a corp to corp contract to a company I'm part owner in (contract to the company, not to me). They dispute it, saying I was fired for my attitude, and was written up many times. Both false - I turn over the details - saved chats, emails, a phone call I recorded, etc to the UI officer. The next day my unemployment is approved, and I'm collecting unemployment weekly, while collecting dividends from the company I own for its c2c contract. I do however reply to one email per day from an indian recruiter - I pick ones with names I can't pronounce. They do the needful and submit me to one position per day with "their client." Why only indian recruiters? Because they are a minority and I don't discriminate.
This is a Boeing engineer being thrown under the bus by management. Here's what needs to happen: the engineer is guilty. I was guilty too when the first time I ran the destructive script, despite being told to do that in writing. The engineer is like a nazi soldier. Both the soldier, and his boss, and anyone up the chain who approved or pushed for this, need to be on the receiving side of that courtroom.
Minutae aside, as a European I'm shocked and appalled at that process, but surely an employment tribunal would have been the next step? Seems open and shut if you have the details to hand and everything evidenced properly. That said I'm sure you probably didn't want to be there from that point
- W. Edwards Deming
As a longtime corporate grunt, I can guess exactly how management leaned on him. He should have left and let the scumbags find another patsy to do their dirty work.
This source says text messages. Thought I saw instant messages somewhere else.
On the other hand, according to his Linkedin Mark Forkner worked for the FAA before moving to Boeing to become the chief technical pilot, so he should have been well aware of the stakes when he hid information.
[1] https://www.washingtonpost.com/investigations/how-the-faa-al...
edit: if that actually happens, Boeing is finished. They will be doomed to repeating the mistake of the 737 Max.
This article is about the 737 Max.
But I have muche less hope in the capacity of the US to seriously incriminate its poster child.
> The janitor's response is reasonable. It's an understandable excuse. The janitor can't do his job without a key. As a janitor, he's allowed to have excuses.
> "When you're the janitor, reasons matter," Jobs told his newly-minted VPs. "Somewhere between the janitor and the CEO, reasons stop mattering."
> "In other words," (Jobs continued,) "when the employee becomes a vice president, he or she must vacate all excuses for failure. A vice president is responsible for any mistakes that happen, and it doesn't matter what you say."
There's no way the buck stops there.
Then he should flip. Naming names will at least buy some sympathy points.
That may be optimistic. Off the top of my head I can't remember any c-level execs of such a massive corporation having criminal charges brought against them. (except maybe for some type of tax/securities fraud) There's probably... some? My knowledge of the area certainly isn't comprehensive.
Poor maintenance. Pilot skills in hand flying and unusual flying and recovery so different (overseas they don't always come through a normal US style GA background).
If they would have looked more closely at the US, they would have found that this system was triggered (and resolved) I suspect pretty frequently by US pilots - ie, the pilots in the loop compensated for the design weaknesses which was the boeing thinking historically. US pilots have played that role on many planes, usually mfg then fixes the issues as well.
If they are going to continue to sell internationally in the markets they want to they actually need to think about doing more automation and flight protection stuff - more computers - not less.
This may never have been the major issue it became if they had focused on a major carrier like Southwest (very experienced crews).
The whole MCAS thing was garbage, interesting they are pinning it on this guy. He does say internally he lied to FAA (unknowingly) as they weren't fully familiar with MCAS modes and edge
Edit: Appears I was wrong - good maintenance in US seems to have been key saving thing.
"Following the recent events in Indonesia and Ethiopia, U.S. flight data was analyzed to understand whether indicators may have existed that could have been addressed, and potentially preempted the accidents. The data showed zero incidents of runaway trim on Boeing 737 MAX 8 aircraft in the U.S. system,” says the report from the special committee.
Good job A&P folks!
Then, they continued the flight and landed normally.
The next flight on the same airplane is the one that crashed. The crew restored normal trim with the electric trim switches 25 times, but never shut off the trim system.
The EA crew also restored normal trim with the trim switches, but then turned off the trim when the stabilizer was too far nose down. This is contrary to the instructions in the Boeing Emergency Airworthiness Directive distributed to all MAX pilots.
This does not absolve Boeing's role in not doing a proper failure analysis of the MCAS system.
But contrary to what Frontline said "the pilots did everything right" it was recoverable if the instructions for runaway trim were followed.
First, they attempted to adjust trim using electric stabilizer trim, and then upon realizing that the they were experiencing an uncommanded nose down stabilizer trim, they followed the runaway stabilizer procedure - namely, stab trim cutout and trim wheel grasp and hold. Afterwards, they attempted to adjust the stabilizer manually.
There is a note in the EAD that electric stabilizer trim can be used to neutralize the stabilizers before doing a stab trim cutout, but crucially Boeing did not instruct pilots to make sure to neutralize trim first using electric trim before doing the stab trim cutout.
http://www.b737.org.uk/images/runawaystab1975.jpg
Not to mention I think they ran the plane at full takeoff power during the recovery attempt - I can't even imagine what they were doing in terms of speed monitoring (in a nose down you normally reduce power, no go to full takeoff!).
This is repeating lies propagated by Boeing management and is not true. The flight control system's design was flawed. It was a "fly into the ground sometimes" machine.
The Ethiopian Airlines pilots did get to the stab trim cutout as well (probably because they had read the emergency directive Boeing sent out) but were unable to manually trim afterwards due to the forces involved - had they cut airspeed at the start they probably would have been able to do so, but that was not part of the instructions at the time. For an analysis of the situation they were in, see https://leehamnews.com/2019/04/05/bjorns-corner-et302-crash-...
Per [2], MCAS was poorly designed and exhibited a failure mode (e.g. AOA sensor failure) that required immediate pilot action to avert disaster. For pilots that were aware of the MCAS failure mode and how to respond, simulation showed they could respond and avert disaster within typically 4 seconds. A delay of 10 seconds from a pilot to respond correctly to the failure event would be catastrophic.
A Boeing staffer wrote to the Chief Technical Pilot now indicted[^][1] regarding the pilot action required in those critical few seconds:
"I fear that skill is not very intuitive any more with the younger pilots and those who have become too reliant on automation"
"This is the path with least risk to Level B. We need to sell this as very intuitive basic pilot skill".
* Fixing the MCAS flaw to remove the failure mode altogether
* Ensuring pilots were trained to handle an MCAS failure in a simulator
* Otherwise ensuring that pilots were aware of the non-intuitive nature of MCAS and the particular failure mode requiring immediate <10sec response from pilots
If the failure mode with MCAS did occur, pilots didn't even have 10 seconds to find the NNC and go through the checklist steps before catastrophe was set to occur. They were not aware of MCAS being present on the aircraft and per the Boeing staffer raising the concern, "that skill is not very intuitive" in relation to acting on the failure mode should it have occurred.
[1] https://transportation.house.gov/imo/media/doc/Compressed%20...
[2] https://www.incose.org/docs/default-source/enchantment/21031...
[^] Assumed from job titles in the e-mails, as names are redacted.
More background on usage at: https://english.stackexchange.com/questions/166332/how-did-y...
The Smithsonian Channel Episode “Ten Steps to Disaster” is far more technically accurate, and also deep dives the technical, business, and regulatory decisions that lead to the disaster.
https://www.smithsonianchannel.com/video/series/ten-steps-to...
Oh well. At least we know that nobody else at all in Boeing was responsible in the slightest. Everyone else involved with the program were probably angels and this one bad bad man pulled the wool over their eyes. So sad. At least they caught the only bad man before he could strike again. Did I mention he's solely responsible for this whole thing yet?
It really was unfortunate, but these things just happen you know? I guess we just better cross our fingers and hope real hard that it doesn't happen again. There's nothing more to learn from this.
He was still incredibly stupid and made horrible choices, but the environment he was in only facilitates and encourages behavior like this.
Except when that culture is toxic
Oct 2018: https://news.ycombinator.com/item?id=18324997
March 2019: https://news.ycombinator.com/item?id=19351835
May be interesting to read with the benefit of hindsight and everything we've learned about the process that lead to those crashes.
Still, it's important to remember that Boeing and the FDA dragged their feet for ages before grounding the plane after the second crash. So that's at least part of why they get so much flac in the second thread.
The lead prosecutor, Erin Nealy Cox, then took a job with the firm that leads Boeing's criminal defense.
You are describing exactly the normalisation of deviance that gets people killed per the 737 Max situation. The Officer in your example is secondarily at fault, the driver is primarily at fault, but the CULTURE that allows these dangerous situations to arise is where the problem needs to be addressed. "Yes, I was speeding/falsifying records, Officer. But everyone else was doing it."
There are entire generations of people inside that company that should at least sit their asses in court.
Never happened before as the FAA used to be the gold standard for safety - looks they have been gutted by the govt.
I feel like they should be going after Boeing Co and not after individuals, except individuals at the top of the scheme.