Originally Posted by
AAKEE
For the case of the TCMA I couldn’t find any exemptions in the Type Certificate coupled to TCMA or gear position sensors.
I linked the examption in my previous post.
First, TCMA was not a problem in this incident, because even if it caused both engines to shut off, the pilots controlled the aircraft, and it never left the runway. It didn't make the aircraft unsafe.
Secondly, for TCMA to fail in the air, there must be two failures: the air/ground logic must fail, and TCMA must erroneously detect an UHT condition: that's two improbable failures.
The exemption is about this:
Description of Issue
Historically, propulsion control systems on large commercial airplanes have been designed with single elements controlling fuel flow. Industry practice has provided design features to protect the structural integrity of the engine, but it is still possible for single failures or malfunctions of the propulsion control system to result in uncommanded high thrust (UHT). Industry design practice provides a means for flight crews to accommodate such failures by shutting down the engine. The effectiveness of this design practice has been demonstrated in today's fleet of large commercial transport airplanes, as there has never been a report of serious injury resulting from a case of UHT.
In the past, compliance to 14 CFR 25.901(c) has been found based on the assertion that the flight crew can recognize and accommodate UHT. However, following a 1997 Saudi Arabian Airlines Boeing 737-200 accident, engineering studies showed that for some airplane designs the traditionally accepted assertion may not always be valid. In response, the FAA has begun to evaluate type designs with far greater scrutiny regarding the flight crew's ability to recognize and safely accommodate single failures that can lead to UHT.
A committee consisting of representatives from the FAA, the Joint Aviation Authorities (JAA), airplane manufacturers, and engine manufacturers was formed in 1998 to study strategies for providing additional protection from thrust control malfunctions resulting in UHT. The committee found that for the existing in-service airplanes whose propulsion systems have demonstrated a level of reliability on the order of one UHT event per 10 million flight hours, it would not be in the public interest to mandate major and novel design changes in an attempt to eliminate the already small potential exposure to UHT malfunctions resulting from single failures. The committee's recommended approach to ensure continued high levels of reliability for all presently certified models is to monitor in-service performance and if any unacceptable failure modes are identified, to take prompt corrective action by introducing focused design improvements using proven technology.
The 787 airplane design minimizes the number of single failures that can lead to UHT, and has a design feature which is intended to detect UHT and automatically accommodate it when the failure is detected while the airplane is on the ground. Previous engineering simulations have shown that the 787 airplane is controllable for detected failures that cause UHT; however, it was recently observed that a combination of a high crosswind and UHT may not be controllable for operations on or very near the ground. Given the very low failure rate of UHT failures, the very limited exposure time when the failure is potentially uncontrollable, and the additional environmental factor of high crosswind, a catastrophic event caused by UHT is not anticipated during the life of the 787 fleet. However, strict compliance to § 25.901(c) cannot be shown; since the regulation does not allow single failures that jeopardize continued safe operation, no matter how improbable.
The part that I bolded is the Thrust Control Malfunction Accomodation system. TCMA does not work in the seconds before touchdown, when an UHT-type failure could make the aircraft fail the landing. That's what the exemption is for.