PPRuNe Forums - View Single Post - AF 447 Thread no. 4
Old 2nd Jul 2011, 23:02
  #680 (permalink)  
RR_NDB
 
Join Date: Feb 2011
Location: Nearby SBBR and SDAM
Posts: 875
Interfacing issue

Cool Guys
There is lots of talk about the man-machine interface. What is the man-machine interface? The machine is ideal for multiple repetitive, monotonous tasks. The human works best with minimal tasks at once, 2 or 3 tasks at once is ideal, 4-5 max. A machine can only perform tasks that it has been programmed to do. A human trained in the basic and fundamental technologies of his job can make decisions based on this training without ever having encountered or trained on the scenario in the past. So if the machine encounters a scenario that it is not programmed to deal with, it should naturally pass it over to the human. However the designer and programmers are responsible for passing it over in a format that can be easily handled by the average person, i.e. a maximum of 5 tasks. Monitoring the plane's speed, AOA, multiple ECAM messages, a WOOP WOOP STALL, an auto pilot kicking out, a change in handling characteristics, changing trim settings etc. It seems excessive to me.
We don't yet have the required information to be able to understand what really happened in AF447. For 2+ years diligent professionals have been trying to "model" possible scenarios based on some reliable (scarce) pieces of information. The analysis being performed is trying to cover all aspects. The interface of a complex System, as you know very well, must be "simple enough" to allow safe operation in all scenarios before or during a "crisis". Even after a crisis, if you implemented a true "Fault tolerant" and "Graceful degradation" System, the System and its interfaces ideally should work in a degraded mode still able to minimize consequences. E.g., Fukushima Plant dramatic failure.

In a highly dynamic environment (a jet facing adverse conditions, sensor limitations, etc.) the interface requirements are severe. And it is in these situations that your design team must deliver what they developed during the R&D phase, to cover not only the probable faults but also the possible ones.

I pointed out what seems to me a concerning conceptual error probably affecting several designs. In AF447 it seems this (design error + sensor limitation) triggered a major System reconfig, and the subsequent lack of reliable Air Speed + probable human interfacing issues probably played a role in the final result. Actually the plane in a few minutes departed from an absolutely normal operation, going to the bottom of the sea. And apparently without any more important "mechanism" problems other than Pitot tubes not compatible with the air space the plane entered. The first leak of information from the BEA investigation team surfaced in a French newspaper, Le Figaro, and "suggested" crew faults. Also the BEA report (issued to stop damaging speculation before the Paris Air Show trade fair) emphasizes crew actions much different than the "normal", thus indirectly suggesting crew fault (from the pilot "flying" the plane during most of the crisis).

And as you know, it's easy to put responsibility on an operator if a Human machine interface (even a poorly designed one) is working as designed. The management could always point to lack of "training", etc., exempting the System.

What we have learned since the beginning sounds intriguing (suggesting interfacing issues or even a possible System glitch that may have occurred during the critical moments). At least the trigger seems to have been caused by improper sensors (product limitation) put in a System lacking the required redundancy with respect to a basic input, the Air Speed. The sensors (French company) were being replaced after showing their limitations, which also exist (to a lesser degree) in its (US company) competitor.

You, being outside the Aviation industry, could eventually contribute to the discussion with respect to the issues you face daily in your work.

On interfacing issues, take a look at the challenge an experienced crew faced when climbing out of Changi airport (SG) in an Airbus 388. They took a good time just to understand what had happened and was going on after an uncontained engine failure in the inner left wing Rolls Royce engine. They eventually landed the plane at the same airport, facing a complex situation.

Last edited by Jetdriver; 2nd Jul 2011 at 23:38.