PPRuNe Forums - View Single Post - Boeing pilot involved in Max testing is indicted in Texas
Thread: Boeing pilot involved in Max testing is indicted in Texas
View Single Post
Old 26th Jun 2022, 09:52
  #194 (permalink)  
safetypee
 
Join Date: Dec 2002
Location: UK
Posts: 2,455
Likes: 0
Received 9 Likes on 5 Posts
25.101; I am familiar with this; it relates to initial certification.

NAS refers to the FAA process for calculating risks associated with continued-operational-safety (COS), used for inservice aircraft; this is based on the Transport Airplane Risk Assessment Methodology (TARAM)*.

Thus any relationship with the 737 Max involves activities after the first accident, where the FAA was adamant that their safety model did not justify grounding the Max.

NAS concentrates on the weaknesses in the safety model (computer analysis) and it’s ‘expert’ use (human / computer decision vs judgement). The model used quantified risk ‘data’ based on a numerical certification assessment (weak subjective analysis of human performance), and comparison with similar incidents across the lifetime of the original aircraft type.

Certification depends on knowledge of the system (MCAS unknown or poorly understood by FAA). Malfunction recovery depended on crew action (assumed same as trim runaway), which requires a qualitative assessment to assess the situation recognition and timely action (uncertain human behaviour).

After an inservice event, this data would be considered against the lifetime history of all 737 variants.
However, if the 737 Max safety risk was modelled without MCAS (most likely), then the first Max accident could be mis-designated as a rare ‘trim failure’; compared with a lengthy aircraft history without previous trim related accidents (all variants), and that mitigation required timely crew action (which suited Boeing’s approach - blame the crew / operator).
(and don't forget the old thread on ‘rollercoaster’ manoeuvre for trim failure - assumed crew recognition and action)

NAS identifies generic safety errors in modelling, which with deduction suggests that MCAS should have been designated as a unique new system, such that the first accident would have stood out as a ‘first’ early in the lifetime of a ‘new’ aircraft.
The FAA’s false belief in 737 Max continued safety may have been strengthened by the ‘recovered incident’ before the second accident; where although the crew misdiagnosed the MCAS failure (insufficient knowledge / training), they fortunately choose the correct action, which the FAA took as vindication of their (false) understanding and public position.

After the second accident other regulatory authorities appear to have suspected errors in the airworthiness analysis and choose to re-evaluate both this and the FAA’s original certification.
This is a valuable lesson for future common certifications and safety modelling - questioning how to model crew activity, ‘average’ or otherwise, and how this might be represented numerically for computation.

‘Average’ in this sense is an inappropriate concept; also there is significant risk in ‘digitising’ human activity, both input judgement and biased output application.

* ANM 100 TARAM https://www.faa.gov/regulations_poli...C-06222015.pdf

https://rgl.faa.gov/Regulatory_and_Guidance_Library/rgPolicy.nsf/0/4e5ae8707164674a862579510061f96b/$FILE/PS-ANM-25-05%20TARAM%20Handbook.pdf
(cut and paste)

NAS Report (link broken?)
https://nap.nationalacademies.org/ca...ecord_id=26519

https://www.nationalacademies.org/ou...nt-methodology
,
Last edited by safetypee; 26th Jun 2022 at 11:05.
safetypee is offline  
Reply