A400m New strategic and tactical airlifter for the RAF
Discussion
hidetheelephants said:
From the grim smoke-stained outline they got it down in one piece, upright and pointed in the right direction, then it immolated itself. 
Good piloting but it didn't save 4 of them.
If that's how a composite plane goes up, is that good for a transport? Good piloting but it didn't save 4 of them.http://en.wikipedia.org/wiki/Airbus_A400M_Atlas
Is it only the wings?
Edited by saaby93 on Tuesday 12th May 17:49
hidetheelephants said:
From the grim smoke-stained outline they got it down in one piece, upright and pointed in the right direction, then it immolated itself. Good piloting but it didn't save 4 of them.
Crash due to software problems, apparently. Good piloting but it didn't save 4 of them.http://www.bbc.co.uk/news/technology-32810273
eldar said:
More informative herehttp://aviationweek.com/defense/software-cut-fuel-...
It has 6 people on the plane
unlike the Beebeldar said:
hidetheelephants said:
From the grim smoke-stained outline they got it down in one piece, upright and pointed in the right direction, then it immolated itself. Good piloting but it didn't save 4 of them.
Crash due to software problems, apparently. Good piloting but it didn't save 4 of them.http://www.bbc.co.uk/news/technology-32810273
Scares me that ECU software is being configured by hand. Scares me even more that this wasn't picked up on any QC or ground testing.
maffski said:
eldar said:
hidetheelephants said:
From the grim smoke-stained outline they got it down in one piece, upright and pointed in the right direction, then it immolated itself. Good piloting but it didn't save 4 of them.
Crash due to software problems, apparently. Good piloting but it didn't save 4 of them.http://www.bbc.co.uk/news/technology-32810273
Scares me that ECU software is being configured by hand. Scares me even more that this wasn't picked up on any QC or ground testing.
Whatever way a system is designed there is a weak link somewhere, sometimes only found out by a major event sadly.
RWD cossie wil said:
Whatever way a system is designed there is a weak link somewhere, sometimes only found out by a major event sadly.
All too often the weak link is the safety system (or rather failing to think outside the issue your trying to make safe). And it looks like that might have been the case here.The latest (from BBC News) is that configuration files, relating to the characteristics of the individual propellers, was deleted from three of the engines.
Reading between the lines it looks like the system uses a default 'perfect' prop and loads the characteristics over this so didn't refuse to start the engines - which is rather foolish for a flight critical system.
According to Reuters once flying a safety feature noticed the mismatch between the expected torque requirements and the real ones and locked the engine into flight idle. They were working on the assumption this would only ever happen to one or two engines at a time (presumably due to mechanical failure or damage), so provided no method to override it.
maffski said:
RWD cossie wil said:
Whatever way a system is designed there is a weak link somewhere, sometimes only found out by a major event sadly.
All too often the weak link is the safety system (or rather failing to think outside the issue your trying to make safe). And it looks like that might have been the case here.The latest (from BBC News) is that configuration files, relating to the characteristics of the individual propellers, was deleted from three of the engines.
Reading between the lines it looks like the system uses a default 'perfect' prop and loads the characteristics over this so didn't refuse to start the engines - which is rather foolish for a flight critical system.
According to Reuters once flying a safety feature noticed the mismatch between the expected torque requirements and the real ones and locked the engine into flight idle. They were working on the assumption this would only ever happen to one or two engines at a time (presumably due to mechanical failure or damage), so provided no method to override it.
From an Engineering point of view, it's ace not having miles of cables, tensioners, pulleys, bell cranks & rigging / lubeing to do etc... From a pilots point of view, I'd much rather have a physical link to a control surface or engine control. The downside of course is cable breaks, pulley jams, potential mis- rigging rtc etc...
Each system has it's positives & negatives, I'm obviously not a computer programmer, but I can't belive/understand why there is no self protection built into the software, surely a simple checksum would ensure that at least all the files would be present?
Uploading navigation & GPWS databases is always worrying for me, aside from the computer telling you it has been successful, there is no real way of checking all the data you have added is actually valid.
Each system has it's positives & negatives, I'm obviously not a computer programmer, but I can't belive/understand why there is no self protection built into the software, surely a simple checksum would ensure that at least all the files would be present?
Uploading navigation & GPWS databases is always worrying for me, aside from the computer telling you it has been successful, there is no real way of checking all the data you have added is actually valid.
From an Engineering point of view, it's ace not having miles of cables, tensioners, pulleys, bell cranks & rigging / lubeing to do etc... From a pilots point of view, I'd much rather have a physical link to a control surface or engine control. The downside of course is cable breaks, pulley jams, potential mis- rigging rtc etc...
Each system has it's positives & negatives, I'm obviously not a computer programmer, but I can't belive/understand why there is no self protection built into the software, surely a simple checksum would ensure that at least all the files would be present?
Uploading navigation & GPWS databases is always worrying for me, aside from the computer telling you it has been successful, there is no real way of checking all the data you have added is actually valid.
Each system has it's positives & negatives, I'm obviously not a computer programmer, but I can't belive/understand why there is no self protection built into the software, surely a simple checksum would ensure that at least all the files would be present?
Uploading navigation & GPWS databases is always worrying for me, aside from the computer telling you it has been successful, there is no real way of checking all the data you have added is actually valid.
Having worked in Aerospace for a number of years I can assure you that the level of redundancy, safety systems on board these aircraft are second to none.
What you must remember is that the A/C in question was not delivered, nor completed, the Aircrafts first flight is designed to identify any errors etc with systems that can then be resolved on the ground pre hand over / transfer of title and finally delivery to customer.
The official Airbus statements relate to a data issue which as you are aware is not like a mechanical or structural failure and cannot be visually inspected, it is unfortunate that this error is not something that would be identified during pre flight tests.
Rather than criticise what has gone wrong, let those who passed away be remembered enhancing the safety of future flight for all of us.
What you must remember is that the A/C in question was not delivered, nor completed, the Aircrafts first flight is designed to identify any errors etc with systems that can then be resolved on the ground pre hand over / transfer of title and finally delivery to customer.
The official Airbus statements relate to a data issue which as you are aware is not like a mechanical or structural failure and cannot be visually inspected, it is unfortunate that this error is not something that would be identified during pre flight tests.
Rather than criticise what has gone wrong, let those who passed away be remembered enhancing the safety of future flight for all of us.
Edited by Trexthedinosaur on Thursday 18th June 09:18
Trexthedinosaur said:
What you must remember is that the A/C in question was not delivered, nor completed, the Aircrafts first flight is designed to identify any errors etc with systems that can then be resolved on the ground pre hand over / transfer of title and finally delivery to customer.
One would expect the fundamental systems that are going to keep the thing in the air had been checked at build and signed off as the poor bloody flight crew would have expected when he signed the Form700 or whatever AB call it, before flying it that day..... Sadly they paid the ultimate price for identifying a bloody big error with the systems that they could do nothing about.
Trexthedinosaur said:
Having worked in Aerospace for a number of years and all of them spent at the company in question, I can assure you that the level of redundancy, safety systems on board these aircraft are second to none.
What you must remember is that the A/C in question was not delivered, nor completed, the Aircrafts first flight is designed to identify any errors etc with systems that can then be resolved on the ground pre hand over / transfer of title and finally delivery to customer.
The official Airbus statements relate to a data issue which as you are aware is not like a mechanical or structural failure and cannot be visually inspected, it is unfortunate that this error is not something that would be identified during pre flight tests.
Rather than criticise what has gone wrong, let those who passed away be remembered enhancing the safety of future flight for all of us.
Whilst I am sure everybody will sympathise with the loss of the aircrew, questions need to be asked how this hole can have been left open.What you must remember is that the A/C in question was not delivered, nor completed, the Aircrafts first flight is designed to identify any errors etc with systems that can then be resolved on the ground pre hand over / transfer of title and finally delivery to customer.
The official Airbus statements relate to a data issue which as you are aware is not like a mechanical or structural failure and cannot be visually inspected, it is unfortunate that this error is not something that would be identified during pre flight tests.
Rather than criticise what has gone wrong, let those who passed away be remembered enhancing the safety of future flight for all of us.
not to have a basic SW check on flight critical SW at startup is an accident waiting to happen, yes, it has 4 engines, but as seen here, if something can happen to one, it can happen to all of them (or 3 in this case).
Kind of makes you wonder if this is common to any other EDS/Airbus products?
Trexthedinosaur said:
Having worked in Aerospace for a number of years and all of them spent at the company in question, I can assure you that the level of redundancy, safety systems on board these aircraft are second to none.
Well it obviously wasnt second to none in this caseWho would design a safety system that could fail the same way on all 4 of a critical component?
It wasnt a safety system of course. There was a gap in simple 'what if' thinking.
Rather than multi - quote.
The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
Did the warning alert the crew on the ground, no, was it supposed too, no.
Did the warning alert the crew in the air, yes, was it supposed too, yes.
If you read the official press release you will see that when operators follow the updated procedure this error cannot occur again.
Ref the point about consistency on ADS / AG products, the engine manufacturer / ECU supplier on the A400M (as they are prop engines) will come from a different business unit as per the civil jet engine product range(s).
Unfortunately and surprisingly as this is a military aircraft and could potentially lose 1-4 engines due to hostile action the aircraft was unable to make a safe landing.
Rather than speculate I will wait for the official conclusion of the official investigation.
The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
Did the warning alert the crew on the ground, no, was it supposed too, no.
Did the warning alert the crew in the air, yes, was it supposed too, yes.
If you read the official press release you will see that when operators follow the updated procedure this error cannot occur again.
Ref the point about consistency on ADS / AG products, the engine manufacturer / ECU supplier on the A400M (as they are prop engines) will come from a different business unit as per the civil jet engine product range(s).
Unfortunately and surprisingly as this is a military aircraft and could potentially lose 1-4 engines due to hostile action the aircraft was unable to make a safe landing.
Rather than speculate I will wait for the official conclusion of the official investigation.
Edited by Trexthedinosaur on Thursday 18th June 08:11
Trexthedinosaur said:
Rather than multi - quote.
The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
that's the scary bit, the lack of 'what if?' thinking in the design.The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
at a simplistic level, if the "torque calibration parameters" were missing, the FADEC should alarm as soon as it's booted up, and certainly should not allow engine start (or maybe have a default calibration that's at least workable?).
Scuffers said:
Trexthedinosaur said:
Rather than multi - quote.
The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
that's the scary bit, the lack of 'what if?' thinking in the design.The system performed as required; this wasn't a failure of a system this was an oversight in the programing / design.
at a simplistic level, if the "torque calibration parameters" were missing, the FADEC should alarm as soon as it's booted up, and certainly should not allow engine start (or maybe have a default calibration that's at least workable?).
How many millions, if not billions of potential, 'what if' scenarios could be encountered by a military aircraft?
I am sure in your everyday life you and all of your actions are impeccable and never make a mistake?
> What's to say the aircraft could of landed safely and the crash was pilot error?
> What's to say the aircraft could of functioned with one engine and safely landed but the supposed 'power lines' caused the aircraft to crash?
> What's to say the aircraft cannot function correctly with only one engine?
The engine management 'torque parameter' settings is merely a theory, unless of course you are privy to the official information?
I am sure in your everyday life you and all of your actions are impeccable and never make a mistake?
> What's to say the aircraft could of landed safely and the crash was pilot error?
> What's to say the aircraft could of functioned with one engine and safely landed but the supposed 'power lines' caused the aircraft to crash?
> What's to say the aircraft cannot function correctly with only one engine?
The engine management 'torque parameter' settings is merely a theory, unless of course you are privy to the official information?
No it's symptomatic of some current alleged safety thinking.
This is PH
In threads over in SP and SPL you can see where 20 limits have been imposed followed by apparent surprise in some quarters that safety has become worse.
Imagine if due to safety concerns say a 200mph limit was imposed on aeroplanes. Would that make it safer or would they start dropping out the sky?
Here it appears a decision was taken that if an engine appears to be operating outside a parameter block which may not have been installed, the obvious thing to do is cut power to the engine in such a way it's unable to do its job and it's not overidable, and to not ask what would happen if this should be allowed to occur on all the available engines.
It's not what's happened that's being questioned, it's the alleged thought process that's led up to it.
This is PH
In threads over in SP and SPL you can see where 20 limits have been imposed followed by apparent surprise in some quarters that safety has become worse.
Imagine if due to safety concerns say a 200mph limit was imposed on aeroplanes. Would that make it safer or would they start dropping out the sky?
Here it appears a decision was taken that if an engine appears to be operating outside a parameter block which may not have been installed, the obvious thing to do is cut power to the engine in such a way it's unable to do its job and it's not overidable, and to not ask what would happen if this should be allowed to occur on all the available engines.
It's not what's happened that's being questioned, it's the alleged thought process that's led up to it.
Gassing Station | Boats, Planes & Trains | Top of Page | What's New | My Stuff