From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!feeder.eternal-september.org!2.eu.feeder.erje.net!4.us.feeder.erje.net!feeder.erje.net!feeder.usenetexpress.com!feeder-in1.iad1.usenetexpress.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!news.giganews.com.POSTED!not-for-mail NNTP-Posting-Date: Mon, 22 Apr 2019 14:36:04 -0500 Subject: Re: Boeing 737 and 737 MAX software Newsgroups: comp.lang.ada References: <8736mwi257.fsf@nightsong.com> <2590d3d8-5f91-4f59-897e-e0c9b7e1b5ca@googlegroups.com> <5f483f72-9213-4c63-b3f9-7150fc4e455f@googlegroups.com> <03d33940-85e9-4fc9-9f2b-2b43f2cfd6af@googlegroups.com> <47a71ba7-38cb-426b-8dad-564f08afbcb2@googlegroups.com> From: Norman Worth Date: Mon, 22 Apr 2019 13:36:03 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.4 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Message-ID: X-Usenet-Provider: http://www.giganews.com X-Trace: sv3-Kz9hK9kv9tXOPST6hQ/kore+5g4+Myoj8CFpBG0Ijcx/W0v3diht8JNkFtcZ+qubrd7DFvhAOL3gQmU!1zPMKdEhHBI9HO5of7BNnPJiihkSJzDSWP0fbONZV34woylV9xKJQDtGyA8WBz48kBefSSIYodht X-Complaints-To: abuse@giganews.com X-DMCA-Notifications: http://www.giganews.com/info/dmca.html X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly X-Postfilter: 1.3.40 X-Original-Bytes: 3450 Xref: reader01.eternal-september.org comp.lang.ada:56173 Date: 2019-04-22T13:36:03-06:00 List-Id: Dennis Lee Bieber wrote: > On Thu, 18 Apr 2019 06:53:10 -0700 (PDT), tranngocduong@gmail.com declaimed > the following: > >> >> a) Ada was used but programmers have chosen a wrong (too relaxed) subtype, or other language was used and programmers failed to code whatever equivalent to raising and handling a CONSTRAINT_ERROR. Simply: software bug. >> > > The common action on any exception is to log it (in flash memory) and > /restart/ the FMS software. Restarting likely includes synchronizing with > the second FMS -- but after such a synchronization, aircraft control would > have been given to the primary FMS; which likely would have almost > immediately produced an exception and.... repeat until the pilots manually > switch control to the second FMS processor. > >> b) Contrary to general belief, the software was not programmed with multiple redundant computation. Simply: process failure. >> >> I chose to believe a). > > It is most likely a variant of B. MCAS was supposed to nudge the > aircraft attitude when it sensed a potential stall condition from just AoA > (airflow angle against the wings) with no concern for air speed; > pre-existing air speed computations were not changed by the addition of > MCAS (couldn't have been if MCAS can be manually disabled in flight). > Without the (formerly optional) hardware, this becomes a single sensor > matter -- and one which can not be detected as faulty (while each FMS may > have had its own sensor, during a disagreement, the primary FMS likely > pushes /its/ computed aircraft state to the secondary FMS which is supposed > to start computations from those values; probably diverging again until the > next sync interval -- get enough of these divergences and the secondary > might be the one to shut down; the FMS displays might show "SINGLE FMS" > mode]) > > A good programming language will not compensate for a bad system design!