Newsroom - An Update on the Boeing 737 MAX - American Airlines Group, Inc.

Well. Thanks for this, Rob.

I found the original document on the Brazilian ANAC site. The MCAS reference is on page 18.

Is it plausible that there is an ongoing broad evaluation of the proposed modifications by the various international authorities without any leakage of these?
It seems more likely that we are still in closed doors negotiations between Boeing and the FAA to define what changes must be made. That suggests the timeline is slipping.

Can we entertain ourselves with a slightly different but related issue? How will 777X be certified? Will (Can) EASA, TC and CAAC demand their own certification? I doubt anyone in the world trusts Boeing or FAA with certification process at the moment. As a matter of fact their own senate doesn't trust them in that regard.

I think it is a mistake to focus on the software and software development process. Certainly it would be sensible for their to be input validation/plausibility checks and these may or may not be present but the big issue was in the system design. It is quite clear that at a system design level this function and the software associated with it were not assessed as having a high safety impact. Everything flowed from this, a single sensor single channel system vulnerable to a single failure in a whole range of areas including the software design and implementation.

I don't see the solution as being primarily software either although software will certainly be involved. The best solution woudl be an intrinsic one, remove the need for the system to be present at all, this isn't going to happen. The next best solution is one which cannot fail unsafely due to a single failure. Various ways seem possible to achieve that but they are not purely software and they will take time to develop, verify and certify.

I have been wondering for a few weeks now myself, how any future Boeing manufactured/produced aircraft may be certified too. Glad others have the similar line of thinking too! Might delay the 777X for a time, certainly a new NMA design/project. Of course they can try the old 747-400 trick again by just updating engines on B757/767, ho ho!

As much as I do agree with you, I don't think anyone will be able to lock that genie back in the bottle. During my career I've seen numerous hardware problems beeing "software fixed" - of course it's only a dirty work around just as MCAS is. So software engineers must make sure that if something is done that way, it is properly done. And if it increases costs enough, maybe that's an encouragement to do it right next time.

And then someone comes a long and demands you to be more agile :ugh:. Just look at the suggestions to use multi core processors with multiple layers of non deterministic caching and predictive execution. Unfortuneately many managers are on the same "But my iphone can do this"-knowldedge level.

Another 30 years probably.....

Modern deterministic processors for safety critical applications do exist (with a performance penalty vs mainstream processors, obviously), what you are really asking is how long can Boeing keep building "new-but-not-really-new" 737s...

The only real answer to that is "as long as people keep buying them", or just maybe "as long as they are allowed to".

Much more than 30 years.
The last commercial B737NG went off the assembly line only in the last few weeks, and they're still building P-8A & E-7 airframes that are B737NG-based.
Boeing hope to build at least another 4,000 B737-8, -9 & -10 and possibly a few -7 too and unless they get a complete new FCC they'll all be running "x286-based 16 bit processing". At 60/month that's another 5 to 6 years production, and a reasonable proportion of them should last at least thirty years.

So if everything goes to Boeing's plans, airframes will be flying that good old early-1980s technology until the 2050s or 2060s.
Horrifying to contemplate

Well, according to Greta Thunberg and her followers( our own kids) there will not be much if any short haul flying fossil fueled aircraft in 2050 left.

I don't have a hard time believing that. There is a long, well-documented and dishonourable tradition of managers doing just this. Most famously:

“Take off your engineering hat and put on your management hat”

Jerry Mason, a Senior VP at Thiokol, and the most senior manager present starts the Thiokol caucus by observing that the decision from here on will be “a management decision”, and that “Am I the only one who wants to fly?”

Well-analysed here: https://clearthinking.co/the-telecon...fted-part-two/

Also https://www.onlineethics.org/Topics/...icationContent

Most interesting, thanks for that !

You're welcome. NASA went on to do it all over again with Columbia (ignoring prior engineering warnings about foam damage to the heat-resistant tiles).

The "normalisation of deviance" -- Diane Vaughan -- is a serious organisational threat in most modern businesses.

The original MCAS was reviewed and fully disclosed to the FAA.

The problem was the later modifications to that code were not seen as significant and thus not subjected to the higher level scrutiny.

The news today from EASA, doing their own certification.

"European Aviation Safety Agency (EASA) executive director Patrick Ky said there is “still a lot of work to be performed” before it will allow the Boeing 737 MAX to return to service. Europe’s aviation safety authority has criticized the way FAA has allowed Boeing to “auto-certify” the key systems.

Ky told the European Parliament’s transport committee Sept. 3 that EASA has decided to recertify parts of the MAX’s flight control systems itself, oversight of which had been transferred to the FAA previously. “A lot of work is being done,” Ky said. EASA has been in close coordination with Boeing and the FAA for months. At this point the European agency is “happy” with some aspects of Boeing’s answers to its requests while there are others that “we need to discuss some more” and some issues still require more work."

https://aviationweek.com/commercial-...eed-be-changed