|
ATSB probes 'cosmic rays' link to QF72 A330 jet upset
This was reported in the West Australian newspaper today as "breaking news". I'm not a pilot nor involved in the aviation industry but merely a passenger with more than a passing interest in aviation. My question to those in the know is, "Is this possible, feasible or just another ho hum theory"?:confused:
|
Another Factual Report was released by the ATSB today. Here is the link:
MEDIA RELEASE : 18 November 2009 - 2009/16: ATSB Second Interim Factual Report into the Qantas Airbus A330-303 in-flight upset, 154 km west of Learmonth WA, on 7 October 2008 |
Hi,
That's very interesting ... I wonder when the International Space Station will go upside down .. and fall on the Earth ? :} But maybe there they know .. and have some protections ? :rolleyes: |
To save others the time....link to article
ATSB probes 'cosmic rays' link to Qantas jet plunge - The West Australian |
"Is this possible, feasible or just another ho hum theory"? We want to do more calculations so need more transistors running faster = more power more power = more heat To keep everything working OK the individual transistors must be smaller. A side effect of smaller transistors is they are affected more by radiation and are more likely to flip a bit. What happens next is depends on what bit is flipped, it can be short term if in RAM and recovered by rebooting alternatively it can be long term if in ROM or flash affecting the program or stored data eg locations. It is known to be a serious problem for space applications and special chips are used although they don't have the computing power of newer consumer type chips. The RCA 1802 chips in Voyager have outlasted RCA. |
ATSB Interim Factual Report No.2
|
Originally Posted by BorneoFly
(Post 5323660)
My question to those in the know is, "Is this possible, feasible or just another ho hum theory"?:confused:
|
hahaha.. and everybody said I was crazy with my tin foil hat!
on a serious note, It will be interesting to read the reoprt after they finish this tangent of their investigation. I would be flabbergasted if a solar flare on the sun could bring an aircraft down.. Putting my tin foil hat back on... I always knew CASA/ATSB were apologists for Qantas... but attributing an incident to cosmic forces would be an interesting low! :hmm: |
I wonder when the International Space Station will go upside down .. and fall on the Earth ? I assumed that aircraft would have similar protection in place to the ISS with regards to multiple backup flight control systems, but if they're engineered differently then cosmic rays could still pose a problem. Not particularly likely though, the odds of a cosmic ray hitting the wrong thing are spectacularly tiny |
Los Alamos Helps Industry By Simulating Circuit Failures From Cosmic Rays
Los Alamos Simulates Circuit Failures From Cosmic Rays....snip... We can't fully predict the effect of these interactions, which makes having a standardized way to test circuits extremely valuable" Wender said. "Very similar devices show radically different failure rates due to neutron interactions, and we have some evidence that the smaller transistors and lower operating voltages in newer devices produce higher failure rates....snip.... In the case of the latest, totally computer-controlled aircraft, these tiny cosmic gremlins could cause trouble, especially because the problem gets worse as atmospheric shielding dwindles at higher altitudes. At sea level, the shielding provided by the air is equivalent to more than ten feet of concrete shielding. The neutron flux at LANSCE, 7,000 feet above sea level is approximately three times greater than at sea level; and at 40,000 feet, the cosmic-ray neutron flux is several hundred times greater than the neutron flux seen on the earth's surface....snip... The Laboratory and NASA recently placed a complete aircraft control system in the LANSCE beam and linked it locally with a computer simulation for a Boeing 737. A future experiment will examine whether pilots can compensate for control system upsets during simulated flight, by remotely linking a computer undergoing tests in the ICE House to the flight simulator located in the NASA System Airframe Failure Emulation Testing and Integration Laboratory at the Langley Research Center. Los Alamos is collaborating in NASA's development of the SAFETI Laboratory, with networked links to individual NASA labs for aircraft structures, cockpit motion and propulsion systems http://www.ewh.ieee.org/r6/scv/rl/ar...3-talk-ref.pdf |
dkaarma,
I always knew CASA/ATSB were apologists for Qantas |
Actually, this isn't too far fetched. Many years ago, in a previous life, we had a civil computer being adapted to a military program. One of the tests was to change every bit in the program code from a one to a zero or vice versa and ensure that nothing bad would happen. (The system halting in this test was not considered "bad."
I've read the material on the QANTAS A-330 upset and am favorably impressed with the ATSB's work in this case. Dick Newman |
This is all very cute but beside the point. The thing is any component may fail and the Airbus has more than one ADIRU. A failure of a single component whether caused by cosmic rays or little green men should never lead to near-catastrophic results. The computer should have been able to detect an ADIRU disagree and identify the bad data, or if not possible just discard the AOA data altogether.
What happened is simply unacceptable |
"the Airbus has more than one ADIRU"
Interesting. The B777 has only one ADIRU, plus a secondary unit called SAARU. The latter will take over attitude and airdata indications (but no lat/long IRS data) in case of a(n) (partial) ADIRU failure, but I wonder how Boeing has solved the problem of identifying an ADIRU failure in the first place. Majority vote is not an option with only one unit installed, is it? Or does the B777's ADIRU have more elaborate internal fault recognition capabilities and more built-in redundancy than the Airbus's? (I can imagine that it is probably merely a matter of defining what components constitute a 'unit', but then the use of the same acronym is sort of puzzling.) Sorry for being off-topic... |
vovachan and xetroV,
You have me scratching my head.... I'm an ancient from the Concord era, when the integrated circuits were still so huge, that a single cosmic ray, neutron or alpha particle couldn't really upset the electronics. But components could fail. So (to stay with flight control computers, analog in those far-off days), each computer had two virtually identical channels, dubbed "command" and "monitor", and comparators all down the chain (and those were duplicated too) checked that "C" and "M" told exactly the same story. If they didn't ... "boing" and the computer disengaged. Then, on the other side of the aircraft, a second computer, until then in standby, would take over. Checks for passive failures (like a comparator failing "healthy") were dealt with by preflight BITE (built-in tests), and some of those tests were repreated just before an autoland, reducing the "period at risk" to only minutes. I wasn't directly involved in the earliest DAFS, but by looking over their shoulder, I saw most of the same principles were applied. So what's been going on since? Even with ROMs, RAMs and everything else today being far far smaller, I still would think the probabilty of two particles hitting the same spot in two "halves" of a system provoking an identical spike, that then would be missed by the comparators, would be infinitesimal. So has there been a fundamental change in architecture? And wouldn't that kind of change be equally bad at catching component and software failures as "cosmic ray" events? I can see the line of thinking of the ATSB... I would have be tempted too, if everything afterwards worked perfectly, and there was no way of reproducing the fault. But there still seems to be something wrong with that reasoning.... CJ |
xetroV- The 777 does indeed only have one ADIRU unit but that unit consists of multiple accelerometers and laser gyros. This redundancy within the unit didn't prevent an incident to an MAS 777 doing something very similar to the Qf incident-also off the coast of WA. I don't think its a problem unique to one manufacturer or another but an indication of the lack of understanding of how software interacts.
|
"Cosmic ray" = IT equivalent of "Gremlins", i.e. joking term for an unexplained failure and especially one caused by human factors.
|
vovachan and xetroV, You have me scratching my head.... Also electronics are prone to transient failures. You take it to the repair shop, they plug it in and it works fine. |
OK, ancient here again....
In my days, when two 'halves' of a computer disagreed, it was "ping", " "boing", "click", and the (analogue) computer took itself off-line, with usually a blinking light on the CWS (central warning system) as well, and handed over to the pilot, who then had the choice of staying in manual, or engaging the standby on the 'other side'. Only during the last minutes of an autoland, the failed computer would hand over automatically to n° 2, which would already be synchronised, and would already have been tested and found healthy. It woiked well, mostly because the probability of two identical components on two sides failing in the same way within a few minutes could be shown to be in the order of 10-9 to 10-12, depending on the "time at risk". From the little I know about DAFS, much the same was achieved initially with the two 'halves' using different processors, diifferent languages for the software, and different compilers. Sure, if the software spec was wrong, there could still be problems, but that was no different in the analogue-and-logic world. So what's happened since? Leaving a computer in control of an aircraft while responding to "data spikes" gives me the cold shivers...... yet that seems what has been happening.... Can anybody elucidate....? CJ |
"Cosmic ray" = IT equivalent of "Gremlins", i.e. joking term for an unexplained failure and especially one caused by human factors. I am not sure, but you would have to think for this to be published (Cosmic Rays) that it is designed to take the blame away from a nasty - potentially catastrophic software/hardware fault within the ADIRUs. Yet surely, saying that the 330 is subject to random cosmic rays would have to be even less reassuring. If they had said the ADIRU can be replaced due 'this' (ie whatever fault they find) particular hardware fault, then most people would be satisfied - but now the whole jet can be susceptible to complete lack of control from unseen random cosmic rays! FFS...Really? I can just imagine the punters now (or the random sandwhich shop worker interview) "I cant hop on an Q airbus again now due to cosmic rays" |
| All times are GMT. The time now is 19:11. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.