Design Flaw Identified in FIU Bridge Collapse

Back on Mar. 15 of this year, a new pedestrian bridge across a busy highway running through the Florida International University campus suddenly collapsed, killing six people and injuring eight more.  The bridge was fabricated as a single long concrete truss consisting of upper and lower decks connected by a series of diagonal and vertical struts.  Trusses are familiar elements of steel-bridge construction, but there are special design issues involved in making a truss out of concrete.  And according to an update issued by the U. S. National Transportation Safety Board (NTSB) on Nov. 15, it looks like someone may have made a fatal error in part of the design.

When we blogged on this accident back in March, it was already known that some cracks had shown up at the north end where the northernmost vertical member and the adjacent diagonal strut went into the bottom deck.  At the time, the construction supervisors held a meeting about the cracks, but the NTSB has successfully prevented publication of the meeting minutes before their final report on the accident can be issued, which probably won't be till some time next year.  The Miami Herald reports that after the meeting, a construction worker was sent out to tighten tension rods inside the diagonal strut.  This worker appears to be the one who died when the bridge collapsed.

The modern civil engineer has abundant design resources at his or her disposal:  computer-aided modeling and stress calculations, three-dimensional visualization and planning tools, and other computational aids that take a lot of the former drudgework out of mechanical and civil engineering design.  Such aids have made possible many recent designs that would have been difficult or impossible to create using the old manual slide-rule and design-table approaches. 

But even with all the computer assistance in the world, the information about a given design has to be understood and checked by human beings.  That is why most public civil engineering projects must have their designs approved by a registered professional engineer (PE), whose stamp or signature appears on the drawings.  That stamp puts the reputation of the engineer on the line:  it is a guarantee that the design will do what it's intended to do. 

Long chains of reasoning and responsibility lie behind every decision to approve a set of drawings.  Those chains may pass from person to person, or from computer output to person.  Computer-aided calculations answer such questions as, "If this particular junction of a strut and a vertical member is under that kind of stress, will it be able to withstand the stress with a reasonable margin of safety?"  Given that the inputs to tried and tested software are correct, the software should give the correct answer, assuming that the person using the software knows how to use it and interpret the results correctly.  Furthermore, the chain of engineering integrity requires that when the PE responsible for the overall design, the person whose stamp of approval appears on the plans, asks underlings if this or that part of the design is good, the underlings must give an honest answer.  And the PE must trust that answer, or rather, the persons answering for the integrity of the plans.

In any human organization, there is always the possibility of error.  Sometimes errors can be traced to a particular person, and sometimes they can't.  The NTSB has made sure that all available sample materials from the wreckage of the FIU bridge were tested to see whether they met the minimum specified strength and other standards.  And so far the results are all positive, so it doesn't seem that the collapse can be based on defective materials. 

The death or injury of bystanders in a bridge collapse is a tragedy regardless of whether the accident could have been prevented or not.  But if a design flaw really is the reason for the collapse, it will be ironic that the design, which has been termed "unorthodox" in the Herald report, was before its installation a point of pride for FIU's civil engineering program, which specializes in accelerated bridge construction of the type that was used on this bridge. 

Back when universities were smaller and more personal institutions, engineering faculty members would sometimes contribute their professional expertise to campus projects, helping in the design of new buildings or consulting professionally with regard to campus technical issues.  The FIU civil engineering professors do not appear to have been personally involved in this particular design, however, other than to give their informal approval of the general approach and construction methods.  In fairness, many bridges have been successfully built using on-site accelerated bridge construction, which does not appear to be implicated in the collapse.  But in this case, it might have been a good idea to have qualified faculty members go over the plans, and they might have caught any errors that contributed to the collapse.

However, that is not the way most universities operate these days.  Each professor has his or her own irons in the research and teaching fires that are lit under them, and to ask one of them to stop what they're doing and check some plans for a new building or bridge would be regarded as an unfair imposition on their time, and rightly so.  They might reply that there are professionals being paid to do that, and they would be correct.

But when professionals are paid to do a job, it's up to them to do it right.  According to the latest update from the NTSB, someone (or possibly something, if we include computers) failed in that responsibility.  And physical objects are not forgiving.  The warning signs were there:  cracks in the location that subsequently failed.  We hope that the NTSB will use the embargoed meeting report to figure out what went wrong, not only in the original design, but also in the management process that led to the fatal decision to try tensioning the strut without stopping traffic underneath the bridge.  But until the final report on the accident is issued, this accident stands as a reminder to everyone who deals with technology that could kill or injure someone—a reminder that the lives of innocent people depend on how well you do your job.

Sources:  The NTSB update of Nov. 15, 2018 can be found at https://www.ntsb.gov/investigations/AccidentReports/Reports/HWY18MH009-investigative-update2.pdf.  I also referred to the Miami Herald report on the update carried at https://www.miamiherald.com/news/local/community/miami-dade/article221706575.html.  My original blog on this accident at http://engineeringethicsblog.blogspot.com/2018/03/the-fiu-bridge-collapse-more-questions.html had an incorrect date for the accident, which has now been corrected.

Some Answers About the Panhandle Cornfield Meet of 2016

A “cornfield meet” in railroad parlance is a head-on collision between two locomotive engines.  Needless to say, such occurrences are avoided if at all possible.  But on the morning of June 28, 2016, two freight trains collided head-on in the Texas Panhandle, killing three people and causing an estimated $16 million in damage.  At the time I blogged about it, the only information available was news reports.  A few weeks later, the National Transportation Safety Board (NTSB) issued a preliminary report on the accident.  While the NTSB has not made public any additional data on the accident since then, the preliminary report makes clear that human error was likely at fault.

           

The BNSF line through the town of Panhandle is a single-track line, and two-way traffic is managed with a series of sidings.  The dispatchers, probably in the Fort Worth regional train control center, planned to switch the westbound train to a siding near the town, where it would remain while the eastbound train passed by on the main line.  If the eastbound train arrived in the area of the siding too soon, before the westbound train had time to move completely from the main line to the siding, two signals were set along the main line west of the eastern switch, where the westbound train was going to leave the main line for the siding.  The first signal the eastbound train encountered was solid yellow, which means for the engineer seeing the signal to slow the train to a maximum of 40 MPH and be prepared to stop at the next signal.  The second signal was set to red, which forbids the engineer from moving any part of the train past the red signal. 

So the plan was for the eastbound train to slow down at the yellow signal and stop at the red signal, while the westbound train arrived at the eastern switch and eventually cleared the main line by running onto the siding.

What happened instead was this.  Before the dispatchers had a chance to change the eastern switch from the main line to the siding, the eastbound train passed the yellow signal on the main line going at 62 MPH and the red signal at 65 MPH, heading through the switch on the main line straight for the westbound train.  When the engineer on the westbound train saw what was happening, he managed to jump from the cab.  But his conductor died in the resulting crash, as well as the engineer and conductor on the eastbound train.  The NTSB report somewhat ruefully notes that positive train control (PTC) was scheduled to be installed on this section of track later in 2016, although planned PTC installations have suffered repeated delays in the past.

PTC is a semi-automated system that promises to reduce the chances for human error in train operations.  A PTC system would have figured out that the two trains were heading toward a collision and would have at least slowed them down, if not preventing the accident entirely.  As it stands, the physical evidence points responsibility for the accident toward the crew of the eastbound train, as they failed to respond to the clearly visible yellow and red signals in time. 

We may never know what distracted them, but people make mistakes from time to time.  And some mistakes exact a fearful penalty. 

While even one death due to preventable causes is a tragedy, some context to this accident is provided by a slim volume I have on my shelves:  Confessions of a Railroad Signalman, by James O. Fagan, copyright 1908.  It was written at a time when railroad-related fatalities (passengers and railroad employees combined) were running at about 5,000 a year, a much higher rate per train-mile than today.  Fagan’s concern was that railroad employees of his day had to deal with on-the-job pressures that encouraged them to take risks and shortcuts that flouted the rules, and that the management system was ill-equipped to discipline misbehaving employees. 

While much has changed in railroading since 1908, any system that relies on a human being’s alertness can still fail if the person’s attention flags.  And that seems to be what happened outside Panhandle, Texas on that summer morning in 2016. 

If and when PTC is installed on most stretches of U. S. railways, the hope is that fatal and costly accidents will decline to even lower levels than what we see today.  The limiting factor after that will be mechanical malfunctions, perhaps, or dispatching errors at a high enough level to overrule the PTC system.  In any case, we can expect rail travel and shipping to be even safer than it is now, which compared to 1908 is pretty safe already.

Machines and systems are deceptively solid-looking.  It doesn’t seem possible that thousands of tons of steel rolling stock and rails can change very fast.  But the way it’s used can change, and PTC promises to do that.  Eventually, I suppose that the nation’s entire rail system will be run by computers and will resemble nothing so much as a giant version of a tabletop model train, running smoothly and without collisions or hazards.  Of course, automobile drivers will still manage to stop on grade crossings and people will walk on train trestles, so those types of accidents can’t be prevented even by PTC.  To eliminate those types of accidents, we’d have to tear up the whole system and rebuild it the way the English built their rail systems from the start:  fenced-off railroad property, virtually no grade crossings (tunnels and bridges instead), and other means to keep people and trains permanently separated. 

But I suspect we as a society are not that exercised to eliminate the last possible railroad fatality from the country.  So instead, we will enjoy whatever benefits PTC brings along and hope that we personally can stay out of the way of the trains. 

And modern-day cornfield meets will at last join their ancestors as a historic footnote, a quaint disaster that simply can’t happen anymore.  Like soldiers dying on the last day of a war, the crew members who died in the 2016 accident may be among the last to depart in that singularly violent way.  But for those of us who remain, and whose continued survival depends on our being alert, whether behind the throttle of a locomotive or the wheel of a car, this story is a good reminder to keep awake and pay attention.

Sources:  The NTSB report on the June 28, 2016 Panhandle, Texas accident can be found in the agency’s listing of railroad incident reports at https://www.ntsb.gov/investigations/AccidentReports/Reports/DCA16FR008-PreliminaryReport.pdf.  For those with a certain type of morbid curiosity, there is a collection of silent movies of three or four intentionally-staged cornfield meets between steam locomotives that can be viewed on YouTube at https://www.youtube.com/watch?v=CMpdpgZxt78.  Confessions of a Railroad Signalman was published by Houghton-Mifflin. 

Too Fast and Too Slow: The Washington State Derailment and Positive Train Control

After more than a decade of planning and construction, a new section of track was opened for Amtrak passenger service south of Tacoma, Washington on Dec. 18, 2017.  The old route that Amtrak trains used to take went northwest from Tacoma along the coast of Puget Sound, around a peninsula named Point Defiance, and then down the coastline several miles until it crossed Interstate 5 south of the small town of DuPont and headed south inland.  The new shorter route uses a bypass track that goes southwest of Tacoma and hugs I-5 for the rest of the distance, crossing the interstate south of DuPont.  There is a long stretch of fairly straight track just north of I-5 past a golf course before the track makes a sharp left turn to the south to cross the bridge over the freeway.

The problem with the old route was that a number of sharp turns and single-track tunnels slowed the Amtrak passenger trains down, making the Point Defiance section something of a bottleneck.  The project map on the Washington State Department of Transportation website for the Point Defiance bypass bragged that the top speed allowed on the new route would be 79 miles per hour.

Rail fans and others interested in passenger rail transportation made plans to be on Amtrak 501 as it left the station in Tacoma on the new route.  The engineer, whose name has not yet been released, was training another railroad employee who rode with him in the cab. 

In most parts of the U. S., trains are not operated in a completely automatic mode, although in many regions a system called Positive Train Control (PTC) is in operation.  PTC is a kind of robotic supervisory system that, among other things, constantly monitors a train's speed and intervenes if the train goes too fast for a particular section of track.  About 60% of all Amtrak trains use PTC, but in order for PTC to work, the track has to have sensors installed along it, and the Point Defiance bypass was not one of those routes.  So the engineer was solely in charge.

Around 7:25 AM, the train was running on the long stretch of straight track before the turn to the bridge over I-5.  A properly trained engineer knows what speeds are safe for which parts of a route, and knows when to apply brakes in anticipation of a lower-speed area ahead, as passenger trains can take several miles to decelerate at a rate that doesn't unduly disturb the passengers.  A video exists of what was going on in the cab in the last few seconds before the train reached the I-5 bridge.  The train was still going at the maximum route speed of 78 MPH.  Six seconds before the bridge, the engineer commented about the excesssive speed of the train, but by then it was too late.  The engine and a dozen other cars left the tracks, killing three, injuring dozens, causing numerous highway-traffic crashes (none fatal), and closing Interstate 5 for many hours.  The maximum safe speed for negotiating the turn was posted as 30 MPH.

Although the National Transportation Safety Board (NTSB) will not issue its formal report on the investigation of this disaster for many months, the preliminary evidence is pretty clear that the accident was caused by human error.  Something—possibly distraction in conversing with the trainee, possibly plain forgetfulness—made the engineer neglect to slow the train before the I-5 curve.  As numerous reports emphasized after the wreck, if the train had been using PTC, it would have automatically slowed down for the curve if the engineer had done nothing, or even if he had tried to keep the speed high.  And we have no knowledge of how many wrecks of both freight and passenger trains have been prevented by PTC, because by definition such incidents that don't injure or kill anybody don't get reported.  But it is clear in this case that the absence of PTC was a contributory cause.

Congress mandated the installation of PTC after the worst train accident in the last thirty years, a 2008 wreck caused by operator error that killed 24 people.  The original deadline for all passenger trains to be using PTC was 2015.  But as the deadline approached and railroads were lagging behind in their rate of installations—in fairness to them, due to problems with government regulation of necessary radio frequencies as well as other causes—they told Congress that if the deadline wasn't extended, they would simply shut down.  How serious this threat was, we'll never know, because Congress caved and moved the deadline to the end of 2018.  And under the current business-friendly administration, we can expect if the railroads ask for another extension, they're likely to get it.

Statistically, rail passenger travel is very safe overall, with the number of fatalities most years hovering in the single digits.  Still, nobody wants to be one of the six or seven people who get killed in a train wreck or hit by lightning—dead is dead, no matter how you go. 

A utilitarian approach to the issue of PTC and passenger trains might conclude that, hey, given the low number of fatalities, let's just allow things to go the way they're going, and eventually we'll have PTC everywhere and we won't have to worry about it.  But the expense per life saved is so high with railroads that we'd be better off using political and monetary capital fighting automobile traffic accidents or promoting self-driving cars.

That's one approach.  But another approach says, "Look, here's this technological fix that will cost the railroads money and trouble, but will almost completely eliminate what is the last major remaining cause of railroad passenger fatalities:  human error.  Let's bite the bullet and make a special effort, even spend some extra money, to fix this thing once and for all."  Maybe that's the engineering approach, or even the perfectionist approach (many engineers have perfectionist tendencies).  Yes, the absolute numbers of fatalities are small.  But deaths in a train wreck share with deaths in plane crashes a peculiar horror, in that you are completely bereft of control of the situation.  And in the case of train fans who simply wanted to experience a new route for the first time and ended up paying for their hobby with their lives—well, some ironies are too much to contemplate.  I have a good friend who, if he was not otherwise engaged that day, might well have been on that train, because he simply likes to ride trains.

Better training (pardon the pun) of engineers and faster completion of the installation of PTC are needed.  And maybe if these things happen, this will be the last fatal accident involving train passengers for a long time.

Sources:  I referred to several news items on the accident, including CBS News at https://www.cbsnews.com/news/amtrak-derailment-dupont-washington-video-shows-crew-not-using-electronic-devices/, a government-run transportation statistics site at https://www.rita.dot.gov/bts/sites/rita.dot.gov.bts/files/publications/national_transportation_statistics/html/table_02_42.html, a Washington State Department of Transportation map of the bypass route at https://www.wsdot.wa.gov/Projects/Rail/PNWRC_PtDefiance/Map.htm, and a report giving the time of the crash at https://www.washingtonpost.com/news/dr-gridlock/wp/2017/12/18/amtrak-train-derails-in-washington-state-rail-cars-fall-onto-interstate-5/. 

Hot-Air Ballooning Needs Down-to-Earth Regulation

On the morning of Saturday, July 30, 2016, a group of sixteen people gathered in a Wal-Mart parking lot in Central Texas before sunrise for what they hoped would be a thrilling and memorable experience.  Several of them were married couples or newlyweds.  Ross and Sandra Chalk were 60 and 55 but recently married, while John and Stacee Gore were both in their 20s and celebrating their third wedding anniversary that week.  Others showed up as a result of a birthday present given by a loving friend or relative.  All fifteen passengers were trusting balloon pilot Alfred Nichols to take them up in his hot-air balloon, give them a wonderful experience, and return them safely to earth.  But two out of three wasn't going to be good enough.

As often happens on summer mornings in this part of Texas, low clouds drifted through the sky.  But after a short delay, Nichols decided to fly anyway, and around 7 AM, shortly after sunrise, the balloon took off with fifteen passengers and the pilot.

Photos taken during the flight show patchy clouds and fog beneath the balloon.  Evidently Nichols decided to land near Maxwell, Texas, about forty miles southeast of Austin.  Utility-company records show that at 7:42 AM, something happened to trip a protective relay on a high-voltage transmission line crossing a cornfield.  First responders soon discovered that the balloon became entangled in the transmission line, caught fire, and crashed, killing all sixteen people aboard, including Nichols.  This was the worst balloon crash ever in the U. S., in terms of fatalities, and subsequent investigations have revealed some unsavory facts about Nichols and about the industry in general.

At a hearing held Friday, Dec. 9 in Washington, D. C., the National Transportation Safety Board (NTSB) presented documentation and evidence about the crash, which is still under investigation.  Toxicology reports show that Nichols had seven different prescription drugs at detectible levels in his body.  Prior to the crash, he had been convicted in Missouri of four charges of driving while intoxicated, and at the time of the crash was not allowed to drive a car in Texas.  Nevertheless, he held a valid commercial balloon pilot certificate.  Weather reports from the day of the crash show that the cloud ceiling had lowered to only 700 feet at the time of launch, and other balloon pilots present at the hearing agreed that they would not have flown under such conditions.  Nichols appears to have been a disaster waiting to happen.

We may be seeing a pattern that is all too familiar:  a new activity or business arises with no or minimal regulation, a tragedy results in headline-grabbing deaths, and only after the tragedy laws are amended to more properly regulate the activity or business.  Although hot-air balloons were the first form of human flight to be invented back in the 1700s, balloon rides were so infrequent, and the number of people involved so small, that a light-handed regulatory environment seemed to have sufficed for decades.  But this tragedy may mark the point at which regulations will catch up with the larger volume of customers taking rides in larger balloons that present a greater danger to more people than ever. 

The Federal Aviation Administration (FAA), recognizing these dangers, has established regulations for commercial hot-air balloon pilots, and makes them undergo rigorous tests, both on paper and practical ones in a working balloon.  But beyond that, pilots are largely left on their own to follow the elaborate advice in the 252-page Balloon Flying Handbook issued by the FAA.  Most commercial balloon operations are small, like the one-man show that Nichols ran, and lack the natural supervision that working for even a small charter-plane company would entail.  The solo nature of balloon flying, plus the fact that the same person piloting the balloon is probably the one who stands to profit the most if a full-capacity flight goes forward in hazardous conditions, means that there are built-in conflicts of interest in this type of flying that are not faced by pilots who work for major airlines, for example.  For this reason alone, one would hope that regulatory oversight would be at least as rigorous as it is for commercial charter-flight pilots of fixed-wing aircraft, not less.  As it is, however, there are not even any reliable statistics on how many flight hours are logged by commercial balloon pilots in the U. S., as some public-health experts researching the problem found in 2013. 

Part of the problem is that the regulatory question is caught in a turf war between the NTSB, which investigates transportation accidents of all kinds, and the FAA, which issues flight safety regulations and requirements for both flight equipment and pilots.  The NTSB has been pushing for tighter balloon-pilot regulations for years, but the FAA has so far refused to act, trusting to private balloon-pilot organizations to do self-enforcement.  In Nichols' case, at least, this kind of enforcement failed.

It's all very well to publish books of regulations and advice, but if enforcement is left solely up to the person who also stands to profit personally if the rules are flouted, the FAA is guilty of putting too much trust in fallible human nature.  Something along the lines of periodic background checks and even surprise drug tests should be implemented for commercial hot-air balloonists who take the lives of others into their hands.  Commercial balloons can carry as many as 32 passengers, and newspaper reports have pointed out that many charter and common-carrier fixed-wing aircraft don't carry that many passengers.  The bottom-line purpose of flight regulation is to protect the lives of passengers, and the FAA's creaky system for doing that for hot-air balloon riders crashed along with the sixteen people who lost their lives on that summer day.

Balloons tend to be associated in the public mind with fun, frivolity, and pleasant times.  The balloon Nichols was piloting had a big smiley face with sunglasses painted on it.  If people are going to continue to ride balloons for pleasure, we should make sure that they aren't putting their lives into the hands of someone who can't drive them to the takeoff point because of drunk-driving convictions.  I hope the FAA and the NTSB can work out their differences to revise hot-air ballooning regulations and policies so that the tragic crash last summer is the last one of that magnitude for a long, long time.

Sources:  I referred to reports of the NTSB hearing held Dec. 9, 2016 on the San Antonio Express-News website at http://www.mysanantonio.com/news/local/texas/article/NTSB-holds-hearing-on-balloon-crash-that-killed-10777463.php and KXAN-TV at http://kxan.com/2016/12/09/witnesses-recall-lockhart-hot-air-balloon-crash-that-killed-16/and http://kxan.com/2016/10/07/hot-air-balloon-regulations-unchanged-despite-deadly-crash/.  The paper "Hot-Air Balloon Tours:  Crash Epidemiology in the United States, 2000-2011" by S.-B. Ballard, L. P. Beaty, and S. P. Baker, was published in Aviation Space and Environmental Medicine in 2013 in vol. 84, pp. 1172-1177, and is available online at 

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4888601/

  The FAA's "Balloon Flying Handbook" is available as a download at https://www.faa.gov/regulations_policies/handbooks_manuals/aircraft/media/FAA-H-8083-11.pdf.

High Time for Satellite Tracking of All International Flights

This coming March 8 will mark one year since Malaysia Airlines Flight 370 disappeared from radar en route from Kuala Lumpur to Beijing somewhere over the Indian Ocean.  The wreckage has never been found, although communications experts used some almost accidental satellite-transponder data to estimate the last known location of the plane.  At the time, I recall thinking that if I was an airline and owned a number of high-value mobile assets known as airliners, I would want some way of knowing where each one was every minute or so, anywhere in the world.   After all, the technology for tracking the much cheaper assets called semi-trailer trucks has been around for years.  The little white domes on truck cabs report minute-by-minute locations to a data center where operators can pay a monthly fee to any one of a number of firms to keep tabs on shipments, and truck drivers too, for that matter.  But there is no international requirement for airlines to do the same.

Last week, the U. S. National Transportation Safety Board (NTSB) waded in with a recommendation for all passenger airliners to be equipped with improved location technology.  The board admitted it was motivated partly by Flight 370's disappearance, and called both for improvements in in-flight tracking and in "black-box" technology. 

The in-flight tracking part seems to be pretty straightforward technologically.  It would operate more or less the same way as the truck-tracking system.  Every minute or so, a GPS receiver on the plane would send its location to a satellite in view, and the satellite would relay that information to a data center, where it would be logged and made available in the event of an incident of interest.  The only slightly tricky part would be identifying which satellite to use.  But there are already geostationary satellites in orbit such as Inmarsat which provide virtually world-wide coverage, and the missing bits of Earth near the poles could be made up for by linking to numerous low-earth-orbit satellites in polar orbits. 

The technology is not nearly so much a hurdle as the cost and the peculiar structure of international aviation regulations.  The NTSB's recommendations went to the U. S. Federal Aviation Administration, and if the FAA adopts them they will be obligatory for all U. S. airlines—but nobody else.  Because the U. S. operates only a fraction of international flights over large bodies of water where the technology would be most useful, the idea will not succeed without international cooperation, and that means the International Civil Aviation Organization, or ICAO.

The ICAO is a United Nations body in charge of international standards for, well, civil aviation, as you might expect.  As such, its rulings have no force of law in individual countries unless the countries' own aviation regulations require that its carriers follow ICAO rules as well, which most do.  It was a 2008 ICAO ruling, for example, that required all air traffic controllers and flight crew members involved in international flights to be proficient in English.  I'm rather surprised that it took until 2008, but after all, everything takes a while at the UN.

The question is whether and when the ICAO might follow the NTSB's lead if the NTSB prevails with the FAA to make international-flight GPS tracking mandatory.  Enough alphabet soup for you?  The whole process—from tragic accident to technical recommendations to changes in laws and regulations—is typical of how safety technology develops in coordination with regulations requiring its use.  And the regulatory part is particularly tricky when it involves spending money.  The requirement that pilots speak English can be met by changing hiring practices, but GPS tracking will involve both up-front and ongoing expenses for new hardware—which itself needs to be standardized somehow—and rental fees to the commercial firms that operate the satellite transponders used to convey the location data.  Fortunately, we are not talking about large bandwidths here—the equivalent of a single cellphone text message every minute or so would be sufficient.  But coordinating all this will take some doing, and coordination of any kind at the level of the ICAO is a challenging and slow-moving process at best.  If they took till only seven years ago to agree on a common language for radio communications from international flights, the ICAO isn't going to churn out new GPS-location rules overnight, you can be sure. 

The other part of the NTSB recommendations concerns the nature of the onboard flight data recorders.  Now that video cameras and recording equipment are so inexpensive, the NTSB says we should have cockpit video as well as audio recorders, and that controls for the entire system should be inaccessible from the cockpit.  (There is some suspicion that the radar-transponder system of Flight 370, which works only within range of ground-based tracking radars, was intentionally disabled by the pilot.)  Also, the NTSB floated the idea (so to speak) that the flight recorders should be housed in buoyant housings and ejected upon impact so that they can remain on the surface, where their radio signals could be more easily received than the limited-range and limited-time sonar emissions that the units currently send out underwater. 

All these are good ideas, and if the FAA adopts them they will make an already safe U. S. air-travel system even safer, or at least increase the likelihood of finding any flights that go down in deep water.  And the information from such accidents is always valuable in preventing the next one, whether it was caused by mechanical failure, human error, or evil intent.

Nevertheless, I am not going to be holding my breath until the ICAO follows suit.  You would think that the international carriers themselves would have adopted something similar to the truck-tracking systems years ago, but there may be a mentality in place that makes such a system seem unnecessary because of the vanishingly small number of incidents in which it would turn out to be useful.  But once GPS tracking for international flights is in place, I bet folks find other uses for it, for things like fuel-economy efforts and even weather tracking.  But first, the ICAO has to get in gear, so stay tuned.

Sources:  The article "NTSB:  Planes Should Have Technologies So They Can Be Found" by Joan Lowy of the Associate Press was carried by numerous outlets, including ABC News on Jan. 22 at http://abcnews.go.com/Politics/wireStory/ntsb-planes-technologies-found-28409934.  I also referred to Wikipedia articles on Malaysia Airlines Flight 370, Inmarsat, and the ICAO.

Addendum Feb. 1:  Edwin Doetzal wrote me on Jan. 31 as follows:

"Your analysis of MH370 contained a couple issues:
Airliners do often have SATCOM tracking 'like trucks'.  On MH370, this system was turned off along with the radio transponder.
ADS-B is the new satellite based air traffic control system that will replace the radio based air traffic control system and is already being implemented through efforts by NAVCanada and ICAO.
What is currently in discussion are new systems such as AFIRS that would stream amounts of data automatically or by trigger in an emergency as well as explosive jettisoned FDR/CVR units.  Knowing where an aircraft was is of course not enough without the detailed DAQ information that might explain why the emergency happened and what action was taken by the flight crew.  A truck's limited DAQ can be retrieved from the ditch.  Please be assured that an airliner is a much more sophisticated system than a truck.
It was somewhat troubling to see such an article on an 'engineering ethics' blog.  With respect, it would seem that you are speaking outside your professional scope.  A retraction would appear appropriate.
Regards,

Edwin Doetzel

Lay Person"

It was careless of me to imply that airliners had no such tracking systems, and I apologize
for leaving that impression.  In the space I had, I meant to concentrate not so much on the technology as on the international coordination that would be needed to implement it uniformly so that flights such as MH370 would not slip through the cracks.  My thanks to Mr. Doetzel for the correction.