The U. S. Federal Aviation Administration (FAA) seems to think so. Last November, the FAA lifted its order that grounded all 737 MAX aircraft for more than a year, after two fatal crashes were traced to faulty software. While the FAA's order includes mandatory fixes that appear to address most of the issues that led to the crashes, some questions remain unanswered.
In October of 2018 and again in March of 2019, 737 MAX planes crashed with the loss of all on board. As subsequent investigations proved, both disasters happened because a single faulty angle-of-attack sensor confused a piece of software called MCAS (short for Maneuvering Characteristics Augmentation System) that most pilots were unaware of. What the pilots experienced was that the plane kept trying to run itself into the ground, despite repeated attempts to right it. After the cause was known, the FAA and all other aviation administrations around the world grounded the aircraft until the problem could be fixed.
To recap the entire saga would take too long, but basically, the 737 MAX is a redesign of an older airframe with larger engines that unfortunately upset the plane's handling characteristics. Rather than undertake a complete mechanical redesign, Boeing attempted to patch up the problems with software, including the MCAS feature that was designed to avoid stalling, which the new design was prone to. But the MCAS relied upon data from small sensors on the plane's sides called angle-of-attack sensors, and wind conditions or other problems occasionally cause these sensors to malfunction. The flaw in the MCAS design was that it would be thrown off by erroneous data from only one sensor (there are two on the plane), and would then jump to the conclusion that the plane was stalling (pitched up too steeply to fly). The right thing to do in a stall is to point the nose downward, but only if you're really in a stall. As long as the sensor was defective, the MCAS kept trying to crash the plane against the pilot's efforts to keep it in the air, and twice, the MCAS won.
Operating companies were required to implement several changes before taking their 737 MAX fleets to the air again. The new MCAS software relies on both sensors, not just one, and a warning light is now required to show when the sensors disagree. When the MCAS detects a problem, it will try to right the plane only once, instead of however long the sensors tell it to. And the pilot will now be able to overpower the MCAS's attempts to nose down by pulling back on the control column. Also, more extensive pilot training in specific 737 MAX simulators is required. To add to the reassurances the FAA is trying to give that the problem really has been fixed, chief FAA administrator Steve Dickson personally piloted an upgraded 737 MAX to check on the changes himself.
What is not so clear is whether Boeing's engineering culture has changed much as a result of the most expensive grounding of a commercial aircraft type in history. Every airline that owned even one 737 MAX lost tons of money as huge investments sat on the ground, ground that also had to be paid for, because you don't just stick an idle 737 MAX in your back yard till you need it again. While Boeing has competition—the 737 MAX was designed largely to respond to Airbus's A320 inroads—a wholesale boycott of Boeing by major airlines is unlikely. However, it is notable that since December, when it became possible to fly upgraded 737 MAX planes and the FAA equivalents in most countries lifted their own grounding bans, China has yet to do so. Their reasons are unclear, but it sends a signal that carelessness like Boeing manifested in the MCAS fiasco will not be forgotten soon.
Sentiment does not come up a lot in discussions of engineering ethics, but there is a type of sentiment that tends to keep problems like Boeing's 737 MAX grounding from happening, if it is cultivated and encouraged to play its proper role. Loyalty, faithfulness, fidelity to an organization and its reputation, an esprit de corps that embodies what it means to be an engineer who wouldn't do anything to harm the company's ultimate responsibility, namely the safety and well-being of its customers—these are inadequate attempts to describe what I mean, but they approach it. Free-market absolutism tends to corrode such feelings, as do many manifestations of social media and a kind of cynicism that is easy to acquire in an age that considers four years a long time with one employer. And such feelings—that's what they are primarily, feelings—are hard to acquire if you are a short-term contract worker, as evidently some of the software engineers were who developed the original MCAS.
This is not a call to return to the good old days of lifetime employment by one firm, although other things being equal, reducing the turmoil and churn that job changes and uncertainties entail would probably make the lives of a lot of engineers easier. Job tenure is not what loyalty is about, not primarily. But while an engineer is with a particular company, there needs to be a mutual feeling that what the engineer does is the best possible job she or he can do, and what the company does is to support its engineers in doing the right thing—"right" including making enough money to stay in business as well as producing safe and reliable products.
Boeing emails and other information indicates that such feelings and the behavior they engender did not prevail in the case of the original MCAS design and the subsequent efforts to get the 737 MAX approved. Let's hope that this saga has ended with everyone involved being wiser and more dedicated to the highest ideals of engineering.
Sources: I referred to an extensive article on the 737 MAX saga at https://www.cnet.com/news/boeing-737-max-8-all-about-the-aircraft-flight-ban-and-investigations/, and the Wikipedia article "737 MAX ban."
No comments:
Post a Comment