PPRuNe Forums - View Single Post - Automation Bogie raises it's head yet again
Thread: Automation Bogie raises it's head yet again
View Single Post
Old 18th Jan 2011, 10:30
  #146 (permalink)  
fdr
 
Join Date: Jun 2001
Location: 3rd Rock, #29B
Posts: 2,956
Received 861 Likes on 257 Posts
migration
Hi Peter, atapster,

"There are known knowns;
there are things we know we know.
We also know there are known unknowns;
that is to say we know there are some things we do not know.
But there are also unknown unknowns,
the ones we don't know we don't know".

Sec Def, "Rambo" Rumsfeld.


Jens and Eriks work as well as your own, Peter, inherently acknowledge that the systems are at the best non linear and at worst are stochastic. Certainly, Eriks resonance model's assume underlying stochastic system performance. These models are far more realistic albeit less "tidy" in application, than the near linear Reason Model. (I may be rather unfair on the limitations of artistry rather than the concept of James Reason's popular model). The potential for an error from any source to not only act directly but to result in unintended behaviour of the system is high. In operations, the sight of a trained crew all being head down dealing with a minor problem, incorporating their CRM training... while heading toward terrain, thunderstorms, other traffic or alligators (old days anyway...), or again being head down while taxiing on a crowded ramp while checking the CMC to confirm that a PA is needed to be made to the passengers for a "hard landing", or... having a 1kt overspeed due to environmental changes and pulling the aircraft into the vertical (well... 17 degrees nose high etc at FL420).

Migration to the boundary is a characteristic of the feed forward from successful outcomes where no incident occurred, under the conditions of human economy of effort, and environmental and operational stress vectors. Over time, the nett outcome will naturally trend to and beyond the regulatory boundaries unless monitoring of the actual performance leads to intervention and return to nominal design. Humans adapt pretty well, and the ability to find new methods to economise on the procedures is remarkable, inventiveness probably being as important as opposing thumbs in evolution (sorry creationists).

[This stands apart from the gross wilful violation of say having a child in the seat inadvertently nudging the APFD mode into CWS and the crew not having either the self preservation instincts to be near the controls, or the SA to understand what the mode of the AP was... (history does repeat, with a recent tail strike by a passenger flying an RPT jet...where do you start the remediation training for that? Put the pax in the sim?)].

Economy drives operation, design (mars surveyor... O rings... ), operational deviation, and risk acceptance away from nominal (assuming that nominal is a valid status anyway), as the result of all interactions that occur. Hardly a surprise, the second law of thermodynamics states that a closed system will tend to increased entropy. Human systems appear to also suffer divergence from nominal unless action is taken to restore performance. The background stochastic signal of performance mixing with variations from nominal performance just give some apparent arbitrary misfortune to the time and place of the event.

while hoping to use either Monte Carlo simulation or neural networking to improve modelling of off nominal performance, have been more effective at getting system crashes than modelling aircraft crashes.... main outcome has been less confidence in most of the existing mnemonics such as CRM and AQP, SMS etc, and more focussed on the basic loss of SA that exists at the core of almost all events.

"Therefore, failure-tolerant management systems basically depend on the continuous and efficient communication of corporate and individual values and intentions. One of the major risk problems
related to the introduction of information technology in centralised systems may therefore be the temptation of rational, scientifically minded experts to design large systems in which centralised data banks with factual information are the basis for communication between decision makers, and, unwillingly, disturb the communication of values and intentions which is necessary for error recovery".
Rasmussen, RNL, 1985 Risk and Information Processing

From designing jumbos to justifying invasions, somethings don't change in a hurry.

"You've got to be very careful if you don't know where you're going, because you might not get there".
Yogi...
fdr is offline  
Reply