From: russ lyttle <lyttlec@removegmail.com>
Subject: Re: Boeing 737 and 737 MAX software
Date: Sun, 28 Apr 2019 14:27:29 -0400
Date: 2019-04-28T14:27:29-04:00 [thread overview]
Message-ID: <qa4rag$mcf$1@gioia.aioe.org> (raw)
In-Reply-To: A4edne4sONw5iiPBnZ2dnUU7-RGdnZ2d@giganews.com
On 4/22/19 3:36 PM, Norman Worth wrote:
> Dennis Lee Bieber wrote:
>> On Thu, 18 Apr 2019 06:53:10 -0700 (PDT), tranngocduong@gmail.com
>> declaimed
>> the following:
>>
>>>
>>> a) Ada was used but programmers have chosen a wrong (too relaxed)
>>> subtype, or other language was used and programmers failed to code
>>> whatever equivalent to raising and handling a CONSTRAINT_ERROR.
>>> Simply: software bug.
>>>
>>
>> The common action on any exception is to log it (in flash memory) and
>> /restart/ the FMS software. Restarting likely includes synchronizing with
>> the second FMS -- but after such a synchronization, aircraft control
>> would
>> have been given to the primary FMS; which likely would have almost
>> immediately produced an exception and.... repeat until the pilots
>> manually
>> switch control to the second FMS processor.
>>
>>> b) Contrary to general belief, the software was not programmed with
>>> multiple redundant computation. Simply: process failure.
>>>
>>> I chose to believe a).
>>
>> It is most likely a variant of B. MCAS was supposed to nudge the
>> aircraft attitude when it sensed a potential stall condition from just
>> AoA
>> (airflow angle against the wings) with no concern for air speed;
>> pre-existing air speed computations were not changed by the addition of
>> MCAS (couldn't have been if MCAS can be manually disabled in flight).
>> Without the (formerly optional) hardware, this becomes a single sensor
>> matter -- and one which can not be detected as faulty (while each FMS may
>> have had its own sensor, during a disagreement, the primary FMS likely
>> pushes /its/ computed aircraft state to the secondary FMS which is
>> supposed
>> to start computations from those values; probably diverging again
>> until the
>> next sync interval -- get enough of these divergences and the secondary
>> might be the one to shut down; the FMS displays might show "SINGLE FMS"
>> mode])
>>
>>
> A good programming language will not compensate for a bad system design!
Been trying to convince management of that for almost 50 years. No luck.
next prev parent reply other threads:[~2019-04-28 18:27 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-05 21:16 Boeing 737 and 737 MAX software Paul Rubin
2019-04-06 1:16 ` Jere
2019-04-06 19:05 ` Paul Rubin
2019-04-18 22:04 ` Paul Rubin
2019-04-19 9:13 ` tranngocduong
2019-04-06 17:30 ` Dennis Lee Bieber
2019-04-06 18:45 ` Niklas Holsti
2019-06-28 23:45 ` Paul Rubin
2019-06-29 2:52 ` Dennis Lee Bieber
2019-06-29 3:38 ` Paul Rubin
2019-06-29 16:29 ` Dennis Lee Bieber
2019-08-07 6:06 ` robin.vowels
2019-11-08 1:12 ` Paul Rubin
2019-11-08 15:32 ` Dennis Lee Bieber
2019-11-18 11:16 ` robin.vowels
2019-11-18 15:32 ` Optikos
2019-04-12 7:46 ` tranngocduong
2019-04-12 22:15 ` Dennis Lee Bieber
2019-04-17 17:27 ` Maciej Sobczak
2019-04-18 9:45 ` tranngocduong
2019-04-18 12:44 ` Maciej Sobczak
2019-04-18 13:53 ` tranngocduong
2019-04-18 15:13 ` Niklas Holsti
2019-04-18 16:21 ` tranngocduong
2019-04-18 18:20 ` Niklas Holsti
2019-04-20 0:29 ` tranngocduong
2019-04-18 20:36 ` Randy Brukardt
2019-04-18 20:51 ` Paul Rubin
2019-04-18 20:20 ` Paul Rubin
2019-04-18 16:39 ` Dennis Lee Bieber
2019-04-19 2:39 ` Dennis Lee Bieber
2019-04-22 19:36 ` Norman Worth
2019-04-28 18:27 ` russ lyttle [this message]
2019-04-18 13:50 ` Simon Wright
2019-04-18 15:07 ` tranngocduong
2019-05-05 14:29 ` robin.vowels
2019-05-06 13:54 ` robin.vowels
2019-05-06 15:12 ` Dennis Lee Bieber
2019-08-07 5:51 ` robin.vowels
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox