Originally Posted by
meleagertoo
Boeing's big 'mistake' was to underestimate the public and to some extent the industry's interpretation of two failures due almost exclusively to bad handling and incorrect procedures that they could hardly have anticipated. At least, Boeing thought they could hardly have been anticipated at the time, and I doubt (m)any of us would have thought otherwise either before these accidents had we known about the system. Their mistake was to underestimate the amount and volume of criticism that would unexpectedly come their way because crews, maintenance and at least one airline screwed up in spades and the world retrospectively devined faults therefrom in Boeing that no one had thought were faults before and in a vindictive and vitriolic way unprecedented in the history of aviation..
I am not a pilot so my view may not be correct but I do design systems with functional safety requirments and I profoundly disagree with this. A system which cannot tolerate a single fault without entering a dangerous state which requires prompt action to prevent a catastrophe is not safe paticularily when at least one of the failures can occur in a high workload situation, must be responded to within a time limit and will generate misleading and distracting warnings. I am confident that I and all the teams I have worked in would have anticipated this would cause problems and would not have considered it an acceptable design.
Yes we are all human and may overlook failure modes with common causes or fail to understand complex interactions between sub-systems but this was just straightforwardly poor design which should have been identified as such.
The idea that Boeings big mistake was 'to underestimate the public and to some extent the industry's interpretation of two failures' is shockingly callous given the death toll and relatively small timespan. As far as we know the scenario concerned has occured three times and only been survived once and then perhaps a little fortuitously.