We wanted to ask Boeing these questions, but they did not return our phone calls.
Could code cause a crash?
If Paul Czsyz of St. Louis University is right, the big question about the Pittsburgh crash is this: What caused the rudder to go hardover in the first place? Did it, as Czsyz suspects, get a false signal that an engine had conked out? And what kind of signal marks an engine outage?
We wanted to ask Boeing these questions, but they did not return our phone calls.
The answers, Czsyz suspects, will be found in the hardware or, more likely, software, of the flight control system. "I suspect somewhere [in the 737's code] there is an input to the control system that would be interpreted as an engine out." So why not just debug the software and upgrade it? Software upgrades are a common -- if slightly traumatic -- event for those of us chained to Macs or Wintel machines. But upgrading a 737's software could be extremely complex and expensive, Czsyz says.
The law of unintended consequences
There are three reasons to be unnerved by the prospect of searching for a flaw in the software, Czsyz says. First, the code is so long that finding bugs can be difficult or impossible. Any problem code, he says, is "getting activated very rarely. It's a certain code path through the software, and to see that happen, you may have to investigate a half-million paths." In fact, airplane flight-control code is so complicated that it cannot be tested for every combination of unlikely or unknown circumstances, Czsyz says. "There's not an airplane flying today with assured, fault-free software -- which is why you have a pilot in the plane."
Second, given the complexity of the code, fixing one thing could cause a problem elsewhere.
Third, because the code is "burned into" a microprocessor, it can only be changed by manufacturing a new line of chips, then installing and testing them on the 737 fleet.
If it is broken, should you fix it?
Even though "there's nothing more expensive than a software fault," Czsyz suggests that Boeing comb its computer code for whatever might signal a rudder hardover. If the rudder is indeed going all the way to one side, what is the cause? Is there some software "switch" that directs it to do that when an engine goes out? Czsyz says he's asked Boeing engineers this question, but they have not answered.
Finding the cause of the rudder malfunction, he argues, is better than installing rudder-position indicators (in the 737s that don't already have them) and focusing on the yaw damper, as the National Transportation Safety Board has recommended.
Although the 737 has a good record, Czsyz says it could be better. "I have this nagging feeling that there's a set of circumstances -- not explained -- where the rudder goes full over to one side. And I don't believe they know what it is."
Some planes crash because they don't know they are too close to the ground. Couldn't technology fix this problem?
 |
 |
 |
 |
There are 1 2 3 4 5 6 7 8 9 10 11 12 documents. (Glossary | Bibliography)