When Technology Turns Fatal
On 9 May 2015 an Airbus Atlas military cargo aircraft crashed during initial climb following take-off, on its (first) flight from the factory. Only one of its four engines was producing power as expected at the time of the accident.
The A400M, as the Atlas is also known, is aimed at the military as a replacement for air forces' ageing Hercules fleets.
On this particular flight, with a crew of 6, there were 4 deaths and 2 serious injuries - plus a destroyed aircraft, a significant dent to the new type's fragile reputation and an unwelcome slur on the Airbus brand.
Aside from the horrors and sadness of the crash event, it is intriguing to note the event has been attributed (albeit not publicly) to a technology issue.
For now though let's take a step back.
As someone who has studied avionics closely (via a degree in avionic systems engineering) I've been really impressed with the smooth operational transition that airlines and crews have embraced.
They've jumped - from expensive and heavy analogue instrumentation (often of variable quality) and from end-to-end hydraulic flight control systems - to the CPU-led glass cockpit and fly-by-wire technologies that started off as cutting edge technology built into last century's military fast jets.
One aspect of this evolution is the move to Full Authority Digital Engine Control - FADEC - systems, whereby the crew control the aircraft engines but ultimately cede control to the FADEC. Hence the "full authority" term.
And with this crash, it seems the 'full authority' aspect of FADEC exposed the case of a missing file - or to be more correct, a deleted file related to the FADECs on three engines. Each of the three engines which weren't producing power as they should is believed to have been missing the same file (for those interested, the file contained torque parameters).
There certainly wasn't any graceful degradation in flight, which is perhaps another discussion altogether. The system erroneously rested on the assumption of a consistently complete software installation.
I'm actually surprised the same rigour that the tech industry generally applies to file integrity (completeness/correctness/checksums etc.) does not appear to have been applied here.
Could this be because it was early on in the production line for this type and the rigour of established process had not yet been applied?
Was it due to an unintentional action made by someone working alone on a dark wet cold evening?
Should the software used to delete the files have alerted the user to the incomplete set of files - and didn't? Or did the person involved somehow carry on regardless?
Or was it due to a combination of those, or more, reasons?
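The kind of completeness and checksum check discussed above can be sketched as follows. This is an added example, not Airbus or FADEC code: the file names and contents are constructed, and the manifest is assumed to come from a trusted (for instance signed) release record.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large images do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_fileset(root: Path, manifest: dict) -> dict:
    """Compare files under root with manifest {relative_path: sha256_hex}."""
    report = {"missing": [], "modified": [], "unexpected": []}
    for rel, expected in sorted(manifest.items()):
        target = root / rel
        if not target.is_file():
            report["missing"].append(rel)       # completeness failure
        elif sha256_file(target) != expected:
            report["modified"].append(rel)      # correctness failure
    present = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    report["unexpected"] = sorted(present - set(manifest))
    return report


def is_installable(report: dict) -> bool:
    """Fail closed: any missing, modified or unexpected file blocks release."""
    return not any(report.values())


def demo():
    # Constructed sample fileset; names are hypothetical.
    files = {
        "control_laws.bin": b"\x01\x02\x03",
        "torque_params.dat": b"calibration-data",
        "sensor_map.cfg": b"map=1\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, data in files.items():
            (root / name).write_bytes(data)
        manifest = {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}
        clean = verify_fileset(root, manifest)
        (root / "torque_params.dat").unlink()             # simulate a deleted file
        (root / "sensor_map.cfg").write_bytes(b"map=2\n")  # simulate an altered file
        damaged = verify_fileset(root, manifest)
    return clean, damaged
```

Run against the damaged set, the report names the deleted file explicitly instead of letting the install proceed on the assumption that everything is present.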
I think it's interesting that a fileset completeness issue caused this crash and I reckon Airbus should have addressed these root causes by now.
So stay calm and carry on, please. Or even play the game.
The Atlas resumed flying this week at the Paris Airshow, and the production line is ready to resume in weeks.
While military aviation carries its own peculiar risks, let's remind ourselves that aviation generally remains the safest mode of travel (deaths per billion km travelled).
Further, from 2009 to 2013, the number of accidents per million departures has dropped by about a third - according to the International Civil Aviation Organisation (ICAO) 2014 Safety Report.
Copyright Ronnie MacDonald, Chelmsford, UK. Licensed under the Creative Commons Attribution 2.0 Generic licence - see: https://creativecommons.org/licenses/by/2.0/deed.en