PPRuNe Forums - View Single Post - Spanair accident at Madrid
Thread: Spanair accident at Madrid
View Single Post
Old 31st Oct 2008, 23:22
  #2332 (permalink)  
safetypee
 
Join Date: Dec 2002
Location: UK
Posts: 2,451
Likes: 0
Received 9 Likes on 5 Posts
EASA AD No.: 2008 - 0197
The wording in the required action – the check, is a type of SOP, and might not be the best example of creating a SOP or additional safety defense.
The check assumes that the flaps are up before the TOCW is tested – this is not stated. If the flaps were inadvertently down for the check, and another part of the TOCW in error e.g. mis-set trim, then this might open a hazardous sequence of events, but no less likely than in this accident, i.e. after taxing-in due to a RAT fault and flaps are selected up after the test – before the next start. The test has been successful (mis-set trim), but might not prevent an accident, e.g. failed ‘intermittent relay.
This emphasizes the need for careful wording in checks, an understanding and memory of the reason for the check, and correct execution of the check. All of these should be associated with training or documentation, as without them there may be more possibilities for error, similar to those which supposedly occurred in the accident.

The check might be seen as a ‘band-aid’, or just another line of defense which adds complexity to the operation (the check takes time in an environment where crews could be hurrying), or it becomes another opportunity for error - forgetting.
An alternative is to provide a more robust defense, probably improving something which already exists, but where an investigation identifies a weakness e.g. a more reliable TOCW system, or a TOCW system failure warning (cf AMC CS 25.703 ). Solutions in this area could also suffer added complexity or more opportunity for error, but robustness and resilience in defense are often quoted as being more effective than a check.

I recognize that it is easy to pick holes in proposals and, in hindsight, seek a safety solution that focuses on the most recent accident. The skill in safety management might be that of identifying and managing the risks of the ‘holes in the solutions’, or choosing the better generic solution(s) addressing the causes underlying this particular or a similar accident. Apparently, the causes (why) in this accident have not yet been identified.

Note the CS 25 text re hazards of crew familiarity with a warning in normal operations (the check) vs their reaction to a warning in the failure case, where the familiarity of the warning during the check might decrease its effectiveness in a failure condition – human performance and limitations, etc.
safetypee is offline