Revelation wrote:One interpretation of what you wrote could be: In the presence of insufficient guidance from FAA on a particular set human factors, Boeing made choices that maximized its profit rather than safety, and the result is tragedy.
That would be Ralph Nader's position.
One standard that we should agree upon is that if an airplane is found in compliance to the FAA regulations than the manufacture can state that the airplane is a "safe airplane". Boeing's assertion is it followed all regulatory guidance and thus it believed the airplane to have been properly certified and thus "safe". It is only when in-service events occur and new information is brought to bear that the airplane becomes "unsafe".
The certification process which proved insufficient to address MCAS were as follows according the Joint Technical Authorities Report:
- Airplane level assessment
"...the team determined that the process did not adequately address cumulative effects, system integration, and human factors issues."
- Insufficient guidance for human factors
"The JATR team determined that some regulations, policies, and compliance methods that address safety issues related to system integration and human factors and that were available at the time of the B737 MAX certification process were not applied to the B737 MAX or were only partially applied in a way that failed to achieve the full safety benefit. In some cases, this failure to achieve the full safety benefit associated with the application of the latest compliance methods was because the FAA regulations and guidance were out of date. Another area the JATR team determined is in need of an update is the guidance concerning pilot recognition time and pilot reaction time to failures. Additionally, the JATR team determined that new and novel application of specific design features was not adequately considered."
I get it. People want to have an easy to explain narrative as to why the accident happened. It is easier to point the finger at Forkner or some faceless mid-level manager. Families don't want to hear that the process failed them.
Revelation wrote:The main reason to just go with the four second rule would be to save time and money.
The main reason was that this was the standard by which the airplane had been previously certified. If it is certifiable it is a safe airplane.
Revelation wrote:We have the statements of the FAA employee on the Frontline program that is the subject of this thread saying after the first crash he raised the "human factors" issue with three different Boeing employees and still found no questioning of the idea that pilots would recognize MCAS as runaway trim.
I'm not sure how this comment is relevant as Boeing initiated development of a software fix the day after the Lion Air crash. I would point back to the previous point that the concerns of these employees raised is validation that FAA regulatory guidance on human factors was insufficient. If it was sufficient, these employees would not have been raising the issue.
Revelation wrote:It's hard for me to avoid the thought that there was a tacit agreement within Boeing to do everything possible to keep MCAS out of the catastrophic category to avoid all the costs that would entail.
Or was it just that the engineers were doing what they were thinking was the right thing but made a mistake because the process allowed them to not include everyone that should have had a say in the discussion? In the absence of guidance from the FAA on how to address human factors, one can see how MCAS could have been considered "hazardous".
I am going to add some new information here based upon my experience with the 737 airplane that is germane to the discussion. The design philosophy of the 737 airplane, designed in the 1960s, is different than more modern aircraft. It relies much more on pilot corrective action to maintain adequate level of safety. Specifically, the 737 is a two-hydraulic system with manual reversion back-up. The primary flight control surfaces are all therefore physically connected to the control wheel and column. What this means is that the flight controls need to be jam tolerant. If any cable gets hung up on a pulley, the pilot or system needs to break that jam. There are design features which allow a pilot's control column to break free from the first officer's. There are shear pins which will decouple left and right ailerons should one jam.
With this philosophy used through out the 737 certification documents, it is understandable how an assessment would follow other analyses which had been put forward and for which service experience had indicated provided an acceptable level of safety.
Revelation wrote:CanukinUSA wrote:Unfortunately the DOJ, FBI and the FAA were in over their heads in this Max investigation and in addition for political reasons let Boeing sign a very easy agreement to avoid criminal charges and further investigation.
Thanks for the post. I agree with it all, and this part in general. I had hopes for a better investigation, but it seems that ship has sailed.
If we agree that Boeing followed the certification process and guidelines, which the JTAR report indicates that they did. Then the only criminal charges would be related to the failure to inform the AEG of the change of MCAS functionality which occurred in March 2016. This is the change the Mark Forkner was never told of. He had to find out by himself.
I reiterate my point here. The 737Max Program lost configuration control in March 2016 and the regulatory system in-place was not robust enough to catch it.
