Originally Posted by
tdracer
Also demonstrably false. MCAS met current certification standards - but only because of some very bad assumptions regarding pilot reactions and training. MCAS failure was classified as "MAJOR" (classifications are MINOR, MAJOR, HAZARDOUS, and CATASTROPHIC). MAJOR failures are allowed to occur at ~10-5/hr (for example, 'routine' engine failures are considered MAJOR) - which basically means 'increased crew workload', and redundancy is not required. The regulations regarding such faults haven't materially changed in decades.
In 20-20 hindsight, MCAS should have been classified as at least HAZARDOUS (and probably CATASTROPHIC) - which means probability of occurrence of 10-7/hr (or 10-9 for catastrophic) and require redundancy.
The problem wasn't the cert rules, it was the interpretation of the seriousness of the fault (which, to some extent, was hidden from the FAA).
In my opinion it was noncompliance because the analysis did not apply to the actual design, which why the hazard classification was insufficient. Perhaps one can consider this unintended but it is a consequence of deliberate obfuscation and a rush to certification of the design for financial purposes. Inexcusable.
The ineffectiveness of FAA oversight due to the new processes surrounding ODA is a major contributing factor. ODA should be eliminated, particularly in Boeing’s case.