Hi,
During the rich discussions in AF447 threads i emphasized the essential characteristics of a good design: Fault Tolerance and Graceful Degradation.
FBW opened the possibility to introduce new features like Protections. We may view that as "sophisticated interlocks" designed to help, to protect.
In AF447 case we found engineering problems like lack of redundancy, Garbage In Garbage Out (GIGO) contamination and in some posts i commented on the perception of "accelerated degradation". Actually made an analogy to the "threshold effect" of FM radio reception (below a given threshold degrades abruptly) compared to AM radio.
My point here is:
Airbus SAS is leading the industry with itīs advanced automated design. Is the design adequately capable to cope with existing sensors limitations that for whatever reason are not providing sometimes reliable data to the System?
Itīs reasonable to delegate to PF (and subsequently to PM) complex scenarios that even for a designer could be very difficult to understand timely?
IMHO the basic characteristics of a good design may be under threat with the paraphernalia of features introduced with the argument of easier operation, etc.
Multiple unreliable sensors (simultaneous in F-GZCP) are sometimes promoting "accelerated degradation" of the A/C (System+crew)?
This is being adequately tested? Safety is under an special kind of threat? A more complex one?
