DozyWannabe

Hullo all, just thought I'd stop by...

I'm seeing a fair bit of misunderstanding as to the status quo (and possible future) of aviation/computer interaction, so figured I'd weigh in briefly:

To start with, it's a fallacy to conflate the concept of FBW with that of autoflight (FMC/FMS) - they serve separate purposes and are engineered very differently.

From a purely technological point of view, following this accident Airbus modified the ELAC software's "AoA Protection" activation logic to take into account turbulent conditions. As the report says :

The report itself is fairly thorough, but doesn't seem to question the crew's actions in terms of continuing an approach despite weather conditions being considerably worse than they were expecting. Those conditions, along with both crew pulling hard on the sidesticks (a no-no as far as handling training is concerned) created what some engineers call an "edge case", where a very specific set of circumstances defeats the design. That it took some 13 years for that edge case to be found implies that the design and implementation was pretty damned thorough.

This gets brought up a lot, but as far as the above accident is concerned it's a bit of a tangent. Yes, the conditions and crew actions defeated the logic - but on finals at 60ft RA in windshear conditions, being able to override the AoA protection wouldn't make any material difference to the outcome. Also, in the 30 years the B777 has been around there has only been a single known incident where overriding the flight control computers could have been appropriate (Malaysian B777 9M-MRG over Perth, Australia; a dodgy accelerometer feeding the ADIRU caused an in-flight upset), but for whatever reason the crew did not do so.

Real-time, fault-tolerant software engineering is an entirely different kettle of fish from the processes used making the software in the machines we use from day-to-day. Safety-critical embedded systems also tend to use obsolete/proven hardware precisely because it is a known and predictable quantity.

As far as the OP goes; sorry em3ry, but you're a bit off in some of your assumptions as far as I can tell. For starters, that Google patent you linked to is clearly linked to their "self-driving car" efforts. Now, a car's behaviour is relatively simple to model and control - applying/reducing power or braking, steering in a given direction etc. results in a near-instant change of trajectory and closure rate. A fixed-wing aircraft is a massively different proposition because it's ability to manoeuvre is reliant on a far more complex form of energy management. For example, if an autonomous car wants to avoid an obstacle, a combination of acceleration, braking and steering can be applied to quickly remedy the situation. An aircraft responds much more slowly - and additionally it needs to have enough airspeed to stay aloft, but cannot exceed a certain airspeed without risking structural damage - an avoiding manoeuvre first requires that there is sufficient energy to pull it off, and there is (particularly with jet engines) a significant lag between applying power and that power translating into useful energy. This lag massively increases the amount of "look-ahead" any simulation must perform, which in turn exponentially increases the number of variables that simulation must take into account. Multiply that by the number of scenarios it has to model and there simply isn't a feasible way to implement it practically and cost-effectively using state-of-the-art hardware, let alone the obsolete and proven hardware required for aviation certification purposes.

Which ones, and how so?