SoylentNews is people
SoylentNews
A military plane crash in Spain was probably caused by computer files being accidentally wiped from three of its engines, according to investigators. Plane-maker Airbus discovered anomalies in the A400M's data logs after the crash, suggesting a software fault. And it has now emerged that Spanish investigators suspect files needed to interpret its engine readings had been deleted by mistake.
This would have caused the affected propellers to spin too slowly. The aeroplane crashed near Seville, during a test flight on 9 May, killing four crew members on board. Several countries that had already accepted deliveries of the plane - including the UK - grounded them following the accident. However, Airbus has announced it plans to fly one of its own A400M aircraft at the Paris Air Show next week.
The latest revelations about the investigation were first reported by the Reuters news agency.
http://www.bbc.com/news/technology-33078767
[Also Covered By]: http://arstechnica.com/information-technology/2015/06/report-airbus-transport-crash-caused-by-wipe-of-critical-engine-control-data/
Original Submission
(Score: 1, Insightful) by Anonymous Coward on Thursday June 11 2015, @07:15PM
I'd say that terrible design is the real problem. It shouldn't have been possible to delete whatever those files were in the first place. Is there no manual override as an "in case shit" failsafe?
(Score: 1, Troll) by janrinok on Thursday June 11 2015, @08:10PM
Or you could read the linked material - it explains what is believed to have happened and why.
(Score: 2) by sjames on Thursday June 11 2015, @08:50PM
And utterly fails to answer key questions like what in the world made them think it was OK to even allow the engines to operate with the missing files, that is, why was the plane even able to taxi to the runway, much less able to get into the air in a clearly unflyable configuration without even a warning? What happened to those checks that were supposed to prevent this? Why couldn't the engines operate in a fallback mode at partial power so they could land the plane, or go in into a full manual mode?
Basically they stripped out (or left out) every reasonable safety measure to come up with a fail deadly scenario.
(Score: 2) by tibman on Thursday June 11 2015, @09:07PM
Airbus does not believe in manual controls... ever.
SN won't survive on lurkers alone. Write comments.
(Score: 3, Informative) by janrinok on Friday June 12 2015, @09:34AM
I'll paraphrase what was in one of the links.
Each engine has a set of different parameters that are needed by the Engine Control Unit (ECU) to enable it to function at maximum efficiency. To enable engines to be changed, the parameters must be programmable by the aircraft user. There are procedures in place to ensure that this is done, and there are procedures to ensure that the parameters are not changed during routine software updates. In this instance, they suspect that the parameters were erased when the software was updated during the time leading up to the flight but, for some reason, the the procedures failed or were not correctly followed. This is the line that the current investigation is following. Ultimately, no amount of technological backup can account for human error. This does not imply that it was 'pilot error' but that the mistake occurred elsewhere.
Your suggestions are all reasonable, but amount to having systems that check that other systems that are checking on yet more systems are working. At some point you can end up having faults in the checking system grounding an aircraft that is perfectly serviceable in every other respect. It also gets to the point where it is also no longer economically viable. This applies not only to Airbus, or to any single aircraft producer, but to many other technological endeavours.
If (and it is a big if) it is found to have been a servicing error, then it raises many other questions. Why did the engineer carrying out the servicing not follow the procedures or, if he did, why did the procedures fail? Who crossed checked the engineers work and why didn't those checks detect the missing data? Why when doing a routine software update, is it possible to delete engine-specific data? And so it goes on. We can speculate all we like but, until the findings are announced, it will remain just that - speculation. Of course, that won't stop the pro-Boeing anti-Airbus fans from criticising the aircraft design; these are the same people however, who remain silent when a Boeing aircraft under development has a problem.
Full Disclosure: I have a close relative working for Airbus.
(Score: 2) by sjames on Friday June 12 2015, @02:19PM
I already knew the whats, what I want are the whys. WHY didn't the engines have limp home ability (nobody cares how efficient they were during the crash). Why did they think it was OK to lock into idle in spite of the pilot's urgent commands to throttle up? It throttled well enough to get the plane in the air (and into danger) after all. Why no "good enough" table that can't be erased?
Instead, they chose to rely on humans not making an error that only becomes visible when it's too late.
(Score: 2) by janrinok on Friday June 12 2015, @03:20PM
You pose many good questions, as I acknowledged in my previous post. However, at some point it becomes ineffective to try to use technology to detect something that should never happen. All that is being achieved is adding additional weight to the aircraft. But I expect that someone is doing some serious rethinking about this particular incident.
Unfortunately, that is the situation on every aircraft flying today. The majority of aircraft crash because of human error - which is always spotted 'too late'. Even when there was a technical failure, there is often a human who did not understand the signs and indications that he is seeing, and who might have been able to take a more appropriate action if he had.
(Score: 2) by TK on Friday June 12 2015, @03:47PM
I don't see any weight added by running a little extra code during boot
IF (param_torque != 0)
The fleas have smaller fleas, upon their backs to bite them, and those fleas have lesser fleas, and so ad infinitum
(Score: 2) by sjames on Saturday June 13 2015, @01:31AM
Actually, MOST errors a human can make in aircraft maintenance does become evident prior to causing a fatal crash, even if they may cause a really scary moment or result in an unscheduled landing. Or at least the physical activity involved adds a sense of gravitas to it for the workers. That's always a problem in the digital realm, too often the trivial and unimportant feels no different than something truly world changing as far as the UI goes. That makes it very important to minimize the opportunities for human error to cause disaster. It is, after all a bit hard to see a software fault on a visual inspection.
The few lines of extra code may technically carry mass, but you won't find a balance sensitive enough to measure it, especially at the scale of an aircraft's mass.
As a point of contrast, if you hose the ECU in your car, it will either not start in the first place or it will go into limp home mode (with the check engine light indicating the problem). It will NOT let you drive to the middle of nowhere and then refuse to run.