DISPATCHES FROM MOON OF ALABAMA, BY "B"
[dropcap]U[/dropcap]nited Airlines and American Airlines further prolonged the grounding of their Boeing 737 MAX airplanes. They now schedule the plane's return to the flight line in December. But it is likely that the grounding will continue well into the next year.
After Boeing's shabby design and lack of safety analysis of its Maneuver Characteristics Augmentation System (MCAS) led to the death of 347 people, the grounding of the type and billions of losses, one would expect the company to show some decency and humility. Unfortunately Boeing behavior demonstrates none.
There is still little detailed information on how Boeing will fix MCAS. Nothing was said by Boeing about the manual trim system of the 737 MAX that does not work when it is needed. The unprotected rudder cables of the plane do not meet safety guidelines but were still certified. The planes flight control computers can be overwhelmed by bad data and a fix will be difficult to implement. Boeing continues to say nothing about these issues.
International flight safety regulators no longer trust the Federal Aviation Administration (FAA) which failed to uncover those problems when it originally certified the new type. The FAA was also the last regulator to ground the plane after two 737 MAX had crashed. The European Aviation Safety Agency (EASA) asked Boeing to explain and correct five major issuesit identified. Other regulators asked additional questions.
Boeing needs to regain the trust of the airlines, pilots and passengers to be able to again sell those planes. Only full and detailed information can achieve that. But the company does not provide any.
As Boeing sells some 80% of its airplanes abroad it needs the good will of the international regulators to get the 737 MAX back into the air. This makes the arrogance it displayed in a meeting with those regulators inexplicable:
Friction between Boeing Co. and international air-safety authorities threatens a new delay in bringing the grounded 737 MAX fleet back into service, according to government and pilot union officials briefed on the matter.The latest complication in the long-running saga, these officials said, stems from a Boeing briefing in August that was cut short by regulators from the U.S., Europe, Brazil and elsewhere, who complained that the plane maker had failed to provide technical details and answer specific questions about modifications in the operation of MAX flight-control computers.
The fate of Boeing's civil aircraft business hangs on the re-certification of the 737 MAX. The regulators convened an international meeting to get their questions answered and Boeing arrogantly showed up without having done its homework. The regulators saw that as an insult. Boeing was sent back to do what it was supposed to do in the first place: provide details and analysis that prove the safety of its planes.
What did the Boeing managers think those regulatory agencies are? Hapless lapdogs like the FAA managers`who signed off on Boeing 'features' even after their engineers told them that these were not safe?
Buried in the Wall Street Journal piece quoted above is another little shocker:
In recent weeks, Boeing and the FAA identified another potential flight-control computer risk requiring additional software changes and testing, according to two of the government and pilot officials.
The new issue must be going beyond the flight control computer (FCC) issues the FAA identified in June.
Boeing's original plan to fix the uncontrolled activation of MCAS was to have both FCCs active at the same time and to switch MCAS off when the two computers disagree. That was already a huge change in the general architecture which so far consisted of one active and one passive FCC system that could be switched over when a failure occurred.
Any additional software changes will make the issue even more complicated. The 80286 Intel processors the FCC software is running on is limited in its capacity. All the extras procedures Boeing now will add to them may well exceed the system's capabilities.
Changing software in a delicate environment like a flight control computer is extremely difficult. There will always be surprising side effects or regressions where already corrected errors unexpectedly reappear.
The old architecture was possible because the plane could still be flown without any computer. It was expected that the pilots would detect a computer error and would be able to intervene. The FAA did not require a high design assurance level (DAL) for the system. The MCAS accidents showed that a software or hardware problem can now indeed crash a 737 MAX plane. That changes the level of scrutiny the system will have to undergo.
All procedures and functions of the software will have to be tested in all thinkable combinations to ensure that they will not block or otherwise influence each other. This will take months and there is a high chance that new issues will appear during these tests. They will require more software changes and more testing.
Flight safety regulators know of these complexities. That is why they need to take a deep look into such systems. That Boeing's management was not prepared to answer their questions shows that the company has not learned from its failure. Its culture is still one of finance orientated arrogance.
Building safe airplanes requires engineers who know that they may make mistakes and who have the humility to allow others to check and correct their work. It requires open communication about such issues. Boeing's say-nothing strategy will prolong the grounding of its planes. It will increases the damage to Boeing's financial situation and reputation.
---
Previous Moon of Alabama posts on Boeing 737 MAX issues:
- Boeing, The FAA, And Why Two 737 MAX Planes Crashed - March 12 2019
- Flawed Safety Analysis, Failed Oversight - Why Two 737 MAX Planes Crashed - March 17 2019
- Regulators Knew Of 737 MAX Trim Problems - Certification Demanded Training That Boeing Failed To Deliver - March 29 2019
- Ethiopian Airline Crash - Boeing Advice To 737 MAX Pilots Was Flawed - April 9 2019
- Boeing 737 MAX Crash Reveals Severe Problem With Older Boeing 737 NGs - May 25 2019
- Boeing's Software Fix For The 737 MAX Problem Overwhelms The Plane's Computer - June 27 2019
- EASA Tells Boeing To Fix 5 Major 737 MAX Issues - July 7 2019
- The New Delay Of Boeing's 737 MAX Return Will Not Be The Last One - July 15 2019
- 737 MAX Rudder Control Does Not Meet Safety Guidelines - It Was Still Certified - July 28 2019
Posted by b on September 3, 2019 at 18:05 UTC | Permalink
If this is the case, the problem is unfixable: you can't find two competent software engineers who can program these dinosaur 16-bit processors.One of the two is writing this.Half-joking aside. The 737 MAX FCC runs on 80286 processors. There are ten thousands of programmers available who can program them though not all are qualified to write real-time systems. That resource is not a problem. The processors inherent limits are one.
Thanks b for the fine 737 max update. Other news sources seem to have dropped coverage. It is a very big deal that this grounding has lasted this long. Things are going to get real bad for Boeing if this bird does not get back in the air soon. In any case their credibility is tarnished if not down right trashed.
Posted by: Meshpal | Sep 3 2019 18:24 utc | 3
What ever software language these are programmed in (my guess is C) the compilers still exist for it as do the translation from the human readable code to the machine code for you. Of course the code could be assembler but writing assembly code for a 286 is far easier than writing it for say an i9 becuase the CPU is so much simpler and has a far smaller set of instructions to work with.
Posted by: BraveNewWorld | Sep 3 2019 18:35 utc | 4
It was a hyperbole.
I might be another one, but left them behind as fast as I could. The last time I had to deal with it was an embedded system 1998-ish. But I am also retiring, and so are thousands of others. The problems with support of a legacy system are legend.
Posted by: Choderlos de Laclos | Sep 3 2019 18:52 utc | 5
Thanks for the demise of Boeing update b.
I commented when you first started writing about this that it would take Boeing down and still believe that to be true. To the extent that Boeing is stonewalling the international safety regulators says to me that upper management and big stock holders are being given time to minimize their exposure before the axe falls.
I also want to add that Boeing's focus on profit over safety is not restricted to the 737 Max but undoubtedly permeates the manufacture of spare parts for the rest of the their plane line and all else they make.....I have no intention of ever flying in another Boeing airplane, given the attitude shown by Boeing leadership.
This is how private financialization works in the Western world. Their bottom line is profit, not service to the flying public. It is in line with the recent public statement by the CEO's from the Business Roundtable that said that they were going to focus more on customer satisfaction over profit but their actions continue to say profit is their primary motive.
The God of Mammon private finance religion can not end soon enough for humanity's sake. It is not like we all have to become China but their core public finance example is well worth following.
Posted by: psychohistorian | Sep 3 2019 18:56 utc | 6
So again, Boeing mgmt. mirrors its Neoliberal government officials when it comes to arrogance and impudence. IMO, Boeing shareholders's hair ought to be on fire given their BoD's behavior and getting ready to litigate. As b notes, Boeing's international credibility's hanging by a very thin thread. A year from now, Boeing could very well see its share price deeply dive into the Penny Stock category--its current P/E is 41.5:1 which is massively overpriced. Boeing Bombs might come to mean something vastly different from its initial meaning.
Posted by: karlof1 | Sep 3 2019 19:13 utc | 7
Arrogance? When the money keeps flowing in anyway, it comes naturally.
Posted by: bjd | Sep 3 2019 19:22 utc | 8
This article is part of an ongoing series of dispatches from Moon of Alabama
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
You must be joking, right?
If this is the case, the problem is unfixable: you can't find two competent software engineers who can program these dinosaur 16-bit processors.
Posted by: Choderlos de Laclos | Sep 3 2019 18:15 utc | 1