Death by Computer
Author: mgiles | Category: Accidents, Airlines, Human Factors, Opinion, Safety, Speculation
There has been a deafening silence in the general press about the AF 447 tragedy. What with drones running round in various places bombing baddies, with the occasional bit of collateral damage generally agreed to be regrettable by the responsible (what a way to use that word) parties, regular suicide bombings, ferries turning over and NSW Cabinet Ministers being laid low by spurned lovers, it does not take long for even such a monumental tragedy to fade into the background. But those of us who fly are worried and will not rest until some sense can be made of it.
At present the official position is that we do not know the cause but suspect a perfect storm of events, starting with a sensor failure, that led to a loss of control. The more time passes, the thinner this seems. If this could be the case, then thousands are daily in danger. I expect that behind the scenes this is being taken very seriously, and I also suspect that, given the propensity for litigation currently prevailing, "loose lips sink financial ships" is guiding the dissemination of information, i.e. what you don't know won't hurt you (or, more accurately in some cases, won't hurt the company).
It seems we have reached the point, predicted frequently by experts, where systems too complicated to be completely analyzed have been created and are in daily worldwide service.
In the design philosophy of Airbus et al. a very serious effort has been made to build in protection by redundancy, but as reports come in, more and more evidence emerges of startling failures of the type that warrant drastic action.
I have collected reports of a total of 52 incidents in which malfunctions of automated flight systems with computers at their core created situations where there was a serious risk of the loss of an aircraft and all aboard. As my research has not been exhaustive, there are likely many more. Two of these situations did lead to the loss of the aircraft. In one case, the crash of a B-2, the crew were able to eject but the bomber, worth about $250 million, was lost; in the other case, AF 447, the aircraft and all on board were lost.
Why are we continuing to fly them? In the case of the Air Force and the B-2 the failure was diagnosed and corrected, but in the case of AF 447 it is clear that in actual fact the risks are regarded as acceptable in the face of the cost of the only rational action, which is to stop using these aircraft until we understand what is going on. Or am I just being alarmist?
Governments and Industry Ignored Warning Signs
Letter from John T. Halliday
To: The Honorable Robert A. Sturgell, Acting FAA Administrator
Copy: European Aviation Safety Agency
Subject: NTSB Safety Recommendation
Date: July 22, 2008
On January 25, 2008, a United Airlines A320 lost three of six cockpit electronic flight displays after takeoff from Newark as the plane headed for downtown New York. The landing gear would not retract, all radios died, the overhead systems panel went blank. The emergency attitude indicator failed. The copilot testified, “If Newark had fog, and my attitude indicator had not recovered, we could have crashed.” Airbus reports 49 similar incidents — 17 when five or six displays blanked. Seven planes lost all flight displays. The UK Air Accidents Branch examined 14 display-blanking incidents. The NTSB believes these multiple losses create challenging situations. The United pilots reported multiple scrolling failure messages with corrective actions that the computer removed so quickly that they were unable to interpret them. Blanking of flight displays coupled with systems failures is a significant safety risk because of increased pilot workload. Airlines have not informed their pilots, nor provided training. Crew attempts to troubleshoot these unusual problems may even lead to loss of aircraft control.
And as the London Times wrote on July 1 of this year:
The European Aviation Safety Agency is likely to be asked why it had never taken action to remedy the trouble well known within the Airbus 330 and 340 series. ‘EASA has a legal and moral obligation to get to the bottom of this problem. If there is a defective system and the aircraft is unsafe then it should be grounded,’ said James Healy-Pratt of Stewarts Law in London. Suspicion over the air data systems on the Airbus 330 and 340 series has increased after the disclosure that the aircraft experienced 36 episodes similar to the one that brought Flight 447 down. We mourn the loss of these souls. Our hearts go out to their families. We share their sorrow and we hope the tragic loss of their loved ones sparks long-overdue change.
There were snakes on this Airbus — snakes that left no trace evidence. Can pitot tube moisture turn computers rogue, leave pilots helpless to override, and crash a plane? The Air Force gets it. The pilots of this $1.4 billion B-2 couldn’t override their rogue computer:
Stars and Stripes Report Faults Computer in Guam B-2 Crash. The crash was caused by bad data sent to flight computers from three tiny wing sensors. General Floyd Carpenter: ‘The B-2 was on takeoff when the computer falsely told pilots it was moving along the runway at 140 knots, fast enough to fly. The computer then sensed the aircraft was going into a nosedive just as pilots tried to lift the craft off the ground. The (rogue) computer then ordered the B-2’s nose to pitch up to 30 degrees. The pilots desperately tried to override the computer, but it took the aircraft into a fatal stall. The aircraft performed as designed; all systems were functioning normally.’
Replacing Airbus pitot heaters is a good shot in the dark, but they have little to do with this tragedy. Maybe the heaters did it. Maybe a software bug did it. Maybe a rogue computer. Maybe a virus. Maybe the Tooth Fairy did it. Maybe the captain and copilot decided to commit mass murder, so flew into a thunderstorm. Maybe it was Colonel Mustard in the kitchen with the knife. But if it waddles like a computer, quacks like a computer and crashes like a computer . . . We may never know what happened without those missing black boxes, but we need to pay attention to the computer-generated elephant sitting on our chests. The captain that horrid night was the Little Dutch Boy, trying to jam his fingers into the leaking dike of crashing computers amid their scary screams. Only he couldn’t plug holes as fast as the computers drilled more and more. He couldn’t keep up with the runaway holes, then ran out of fingers. And the sea rushed in and consumed them — murder by computer. His computers should have been fail-safe. They were fail-deadly — more interested in saving themselves than human beings. Bottom line? Designers have built machines humans can’t control. Replacing the pitot heaters plugs just one of the dike holes that killed 228. At some point, you have to build a new dike.
Dr. Jordan Grafman, Chief of Neuroscience at the National Institute of Neurological Disorders, explains: “One of the big problems about multitasking is it’s impossible to gain a depth of knowledge of any task you’re doing; you only get surface-level knowledge.” Replacing those pitot heaters amounts to giving a cancer patient aspirin. The heaters are mere symptoms of the underlying fever. Air France 447 was a massive, beyond-human-control, China Syndrome, chain-reaction computer system failure that rivals the Hindenburg tragedy that marked the end of hydrogen-filled airships. The question is: what about this computer system’s design allowed it to pinball out of control, and why wasn’t there a way for the pilots to stop it?
Dr. Lisanne Bainbridge, Engineering Psychologist at University College London, helps us understand in her “Ironies of Automation”: The classic aim of automation is to replace human manual control, planning and problem solving by automatic devices and computers. The automation designers’ view is that the pilot is unreliable and inefficient, so should be eliminated. The irony is that designer errors can be a major source of operational errors. Designers computerize the easy parts of the pilot’s job and make the hardest jobs even harder, leaving pilots the toughest tasks that designers can’t think how to computerize. Designers put computers in planes because computers remember more and make quicker decisions than humans. There is, therefore, no way pilots can check in real time whether the computer is following its rules correctly. Pilots have no way to check whether what the smarter machine is doing is acceptable. So if the computer is there because human judgement and intuitive reasoning are not adequate to keep up, which decisions is the human to accept? The pilot has been given an impossible task. See http://www.huffingtonpost.com/john-t-halliday/government-and-industry-i_b_276367.html