Slashdot Mirror
Investigators Suspect Computers Doomed Air France Jet
DesScorp writes "Investigators working with the wreckage of Air France flight 447 believe the aircraft suffered cascading system failures with the on-board computers, eliminating the automation the aircraft needed to stay aloft. 'Relying on backup instruments, the Air France pilots apparently struggled to restart flight-management computers even as their plane may have begun breaking up from excessive speed,' reports the Wall Street Journal. Computer malfunctions may not be an isolated incident on the Airbus A330, as the NTSB is now investigating two other flights 'in which airspeed and altitude indications in the cockpits of Airbus A330 aircraft may have malfunctioned.'"
And that's why I always go for the isle seat. :)
I dunno, the NTSB usually drags their feet before stating anything. They usually don't make statements about suspicion of what may have happened without specific evidence. This seems like an unusual announcement from them, not their usual style. I wonder if they are compelled to state a truth that they fell won't be properly addressed otherwise. After all, Airbus is built in Europe not the US.
"The fancier they make the plumbing, the easier it is to stop up the drain." -Scotty
We're talking about a death toll in the hundreds of people, significantly higher than your average terrorist attack, and the loss of a multi-million dollar craft. This is not your average bug.
That works fine when everything's okay, when not, they click yes to "do you want to format your hard drive" because they always click yes on those little window with buttons thingies. Then they call IT who has to get the backups. Oh wait, that's where flying a commercial airliner is unlike a PEBKAC.
Airlines aren't interested in the best pilots money can buy. They want the cheapest pilots that are allowed to fly.
Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
It would be ironic if the flight computers contributed to the accident, given the focus on designing them to prevent humans from contributing to accidents. Interesting video showing an A320 "refusing" to be crashed: At about 3 minutes, the software prevents roll beyond 67 degrees. At about 4:30, an attempt is made to stall the aircraft, at which time the software overrides the throttle settings. http://www.youtube.com/watch?v=LO5l6_d6yck [youtube.com]
Less than an average day on the road.
Second, the US announcement of the two computer failures, neither of which caused an accident, presumably has nothing at all to do with Boeing's recent embarrassment over continuing delays and cancellations to the Dreamliner, and a desire to damage Airbus?
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Why can't they use a battery-operated GPS-based measure of airspeed as a backup
Because GPS knows nothing about *airspeed*.
A GPS recorded speed of 100mph, into a 50mph headwind = 150 mph airspeed.
We've had some crazy scare-mongering headlines here before, but this one is definitely up there with the best.
It makes me think "I, Robot" or three evil islamonaziliberal Apple IIs gaining sentience.
Maybe "software causes crash" or "automated systems cause crash" but "computers doomed jet"?
You are welcome on my lawn.
So the trains in DC collided because even while the human operator tried applying the breaks the computer overrode the engineer and kept the train moving at a good speed. And now the investigators of the air france flight are saying computer failures on that flight caused the plane to stay at a high-inoperable speed, despite the pilot's best effort to slow down? Does it sound to anyone else like the computer revolution from Terminator, the Matrix, nearly every other future sci-fi movie is taking place? We never should have let them start beating us in chess now the computers are getting all uppity.
...the way aerospace (life critical and specialized or specific field oriented) software is created, it is highly bug free, quite the opposite of feature creep bloat you see everywhere else, but even at the code level there is avoidance of function calls that can introduce another level of abstraction and complexity and contribute to bugs and failure. It is in this way that using the process of elimination we can come to some conclusions about where error is or can most certainly exist, philosophy.
On a hardware level, we have redundant backups and check system....
As such there is one area that neither software nor hardware has but only as a secondary or implimentation of, position.
Human error in concepts, beliefs, philosophies, abstraction definition variation, etc... That which exist before the hardware and software and often what hardware and software creation is inspired by, directed by, guide lined by, etc..
If the philosophy base is wrong then its limitations will manifest through the software and hardware created under such a philosophy and eventually show the limitations, via failure to perform.
There are plenty examples of human philosophy errors, such as how it wasn't until the early 1990's that the Catholic Church exonerated Galileo over his observation the earth revolved around the sun.
The Atlanta Centennial park bombing where the 911 system failed because no-one gave the park an address..... or is the philosophy of programming a 911 system to require an address the error? Or is it a good thing that all things needing 911 are at an address?
My pet peeve of the computer industry, the button on the front of the computer marked with a 0 & 1 symbol(s), yet over engineering has resulted in the meaning of those symbols to be more than "off & on" and this went further in removing the hard on off switch so that when the software based power switch failed, you have to physically unplug the computer from the wall, or take teh battery out.
The correct philosophy for such a switch would be a multi position switch, which the consumer doesn't have to know more than is obvious... And ultimately the motivating philosophy behind the software switch is that of creating an OS that needs a shutdown sequence and time for it. When you think of this "0&1" switch, what better representation of distorting the most basic and fundamental concept of computers with overcomplexifabulocation can there possible be?
Software and hardware is not where the error lies in this Air France tragedy, even if there is failure or limitations found there in hardware and software, but the failure is in not providing a manual override. And if the technology has been made to complex for manual control.... then let grandma crawl under the desk to unplug the damn computer....shut it down until the real problem is fixed.
BTW, due to the competitive commercial nature of aerospace software development tools, there is a level of incompatibility between them and as such there is also motive for playing the lockin game regardless of any "unforseen" risk to others. Perhaps there is a place for open source software here!!!
Don't bow down to the stone image (Stone = computer hardware - Image = software) of the beast of man, for the beast is error prone and his image can be no better. Instead take a closer look at the code.... with many eyes.....
+ Insightful
However GP said it wouldn't be accurate, just accurate enough. How high do windspeeds get in safe flying weather (assume a headwind) and would that plus whatever error there is in the gps (probably fairly small) be too much for a go/no go system?
I'll meet you at the intersection of "Should be" and "Reality"
"So you're nominated because you crashed Word 2007 three times in 20 minutes? Pussy.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
It is possible that you are at stall speed and moving several hundreds of km per hour in relation to the ground according to your GPS.
The winds are very strong higher up and if you're in a tail wind, the above scenario is very possible.
Have you thought this out? Why would flying into a headwind speed up the plane? Just sayin'...
It doesn't speed up, it just faces as much air resistance as it would face flying 150 mph with no wind. That's a quite significant value if you want to figure out if your plane is going to break apart or not...
A GPS recorded speed of 100mph, into a 50mph headwind = 150 mph airspeed.
Have you thought this out? Why would flying into a headwind speed up the plane? Just sayin'...
Lets say the pilot wants to fly at 500 knots AIS (Indicated Air Speed). They set ground speed to 500 knots with GPS but the air is going the other way to 100 knots. Airspeed is now 600 knots.
http://michaelsmith.id.au
This post reminded me of an article that was written a couple years ago about the people who program the space shuttle. I couldn't find a link to it, but I recall a similar article about the software on the Boeing 777; essentially the pilots are sitting in front of a computer screen that they can bring up any piece of data about the airplane, and how these systems must all co-exist without interfering in any way with the flight systems, etc. Pretty interesting reads.
Frankly, the pressure in such an environment has got to be *beyond* intense; you're being asked to write software to, in some cases, cheat physics, and if you get it wrong, everybody dies. I have great sympathy for pilots who have to use the software, knowing that you can train to handle just so much, but I also have sympathy for the developers who have to write the programs that have to handle so much more.
it doesn't speed up the plane... but the plane is moving 150 mph compared to the air. That's air speed.
Let's reverse it.. A plane must travel so fast to stay in the air.. let's say 130mph to keep things sane. So if you have a plane flying at 140mph with no wind any direction, the plane will stay up. That same plane could slow to 125mph with a 15mph headwind, and still stay up since in effect the plane is "traveling" at 140mph. Now if there was a TAIL wind of 15mph while the plane was flying at 125mph, the effective speed of the plane would only be 110mph and it wouldn't be able to stay up, it would stall.
Pitot tubes were invented in the 1700s by the French Engineer Henry Pitot and later modified for airspeed measurements. They are also used to measure aerodynamic speed in Formula racing cars too among other uses. Here is a comprehensive article following the crash investigation that is informative with photographs and the timeline of theories.
I read both the articles posted. They do not qualify as the best investigation reports. They seem to be building "What if" scenarios from all data that is available. Other A330 failures (no recent crashes reported) and Other places where ice in Pitot tubes led to failure (The Wikipedia article has a lot of information on this and planes which had problems notably, the X31.) The investigators are clearly under pressure to say what they have found and they are unable to report "nothing" to the press. With no luck in recovering the Black Box, the investigators (like they talk about Pilots not good at flying aircraft without the aid of in-flight safety systems) have to do it the old forensic way (reminds me of Crichton's Airframe). That is going to take time and the press, the Aircraft companies using A330s are impatient to know why.
Clearly no recent theory has come close to deducing the true reason for the crash. As I remember the first news item that appeared on the AF447 was that the plane "vanished" from Radar and was sought for by the Brazilian Air Force before the crash site was positively identified. The last exchanges between the Pilot and the Aircraft tower followed by an automated message from the aircraft remain the main clues apart from the debris in this horrific accident.
No Greater Friend, No Greater Enemy! (Lucius Cornelius Sulla)
There are a couple of aspects about the A330 problems that amaze me:
1. How can an airplane be allowed to carry passengers when the margin to airframe disintegration is so narrow? I can understand falling out of the sky if it stalls, but to be able to tear the airplane apart in level flight? What happened to margin of safety in airframe construction -- or is that whole concept now obsolete?
2. If the airplane can send fault messages home, why don't blackbox data streams get sent as well? At least that way there would be some situation info available as opposed to none.
3. In some ways reliance on flight computers is like reliance on spreadsheets or calculators -- if you do not understand what is going on and are not capable of doing it yourself then you cannot tell if the software is correct. Essentially, if the computer says it is so then it is, and you either survive or not.
Wordwide? Sure.
In the USA? Nope. (Not that such a simplistic comparison means anything, but at least let us talk about honest facts.)
http://www-fars.nhtsa.dot.gov/Main/index.aspx
This is why I really want any airplane I'm flying to LISTEN to me, not argue with me... At no point should a computer be able to override pilot input. Also, i want a solid mechanical link between the controls I'm pushing on and the control surfaces on the wings... That way, even if EVERY computer on the plane dies, I can still control the damn thing...
And yes IAAAP... (I Am An Airline Pilot)
I'm not entirely sure what islands have to do with this.
To go for the car analogy:
Imagine a (large) conveyor 100 miles long, stable enough for you to drive on in your car. Now drive from it's start to it's end in one hour. The distance you traveled is 100 miles, right?
Now imagine that conveyor moving in the opposite direction (i.e. towards you) at 50 mph. To still get from your starting point to your destination in an hour, you're doing 150 mph road speed. The GPS will still report 100 mph, but your car's tachymetre will report 150 mph, the wheels will revolve as is necessary to go 150 mph and, if you add 50 mph of headwind, even the air resistance will be equal to doing 150 mph without wind.
In an environment where the you need to stay in a 10 mph zone in order to avoid either stalling, rapid descent, crash, death if going too slow or plane breaking apart in mid-air, rapid descent, crash, death; it's quite helpful to know an accurate measurement. It's like Speed, except the bomb will blow up when your axle speed drops below 145 and the bus will spontaneously disintegrate at 155. Also, there's varying levels of wind. Also, you're driving on slicks. Through some kind of rally track half of which is concrete, the other half sand/dirt and the other half is jell-o.
It doesn't speed up the plane. The GP is assuming that the plane can cruise at or above 150 MPH. The GPS coordinates tell you where you are on the earth. If the GPS coordinates are such that you have a 100 MPH ground speed, and the air you are flying into is going 50 MPH relative to the ground, then your air speed will be 50 MPH higher than the ground speed.
In fact, in a small plane, sometimes it's possible to fly above the stall speed into the wind but not move at all relative to the ground.
Last time I checked the air france black box recorder hasn't been located let alone pulled out of the ocean. Without having the black box how can the NTSB be making speculations as to the cause of the downed flight? Others are speculating things like the Rudder had problems, Turbulence, this computer bug.
Until they know what the actual cause is they should avoid speculation because it does absolutely nothing other then fill media headlines with non-sense.
Investigators suspected the computers a good 3 weeks ago, so I'm not sure how this qualifies as news.
What about, you know... manual control?
Sure there are no mechanic cables anymore, but a wire controls the low-level hardware.
But at least it has to have just as basic piece of electronics that has no software or big complexity, and that allows you to manually steer the plane.
(No, that is not too hard to do, even on such big jets. You just have to be more careful about quick actions, stalling the plane & co.)
A piece of electronics that is so simple, that the only thing killing it, is an electric shock right into its mainboard.
Electronics failure is never a cause! (Because: What would that be?)
The reason usually is a software error, that electric shock, or some other external source.
Any sufficiently advanced intelligence is indistinguishable from stupidity.
Wow. I would have guessed that in or near a storm system but not in nicer weather. Thanks for the knowledge.
I'll meet you at the intersection of "Should be" and "Reality"
Other Airbus crashes involving computer/human interaction failures: http://markpknowles.com/first-airbus-crash-photos/ http://www.youtube.com/watch?v=_EM0hDchVlY These machines are totally fly by wire = no computer, no fly.
I hate being bipolar; it's awesome!
Does anyone know??? I'll reserve further comments until this is known.
Did the pilots shut down the flight computers in an effort to get the controls to respond appropriately? Professional Pilots are "do-ers", and right or wrong, they ALWAYS have a reason for their choices.
Did the flight computer failure mode fail to (dis)engage? I've heard about the manual control levels that an Airbus flight system degrades through. It looks like the computer wouldn't get out of the way soon enough, so the flight crew kicked it in the head.
They received the airplane in a un-recoverable, un-flyable, disintegrating condition from mach turbulence destroying lift and ultimately the aircraft. (coffin corner)
Cascading failures generally occur from a synergy of multiple causes. In this case:
- A narrow flight envelope due to altitude and varying wind-speed in the storm. (had they climbed, trying to avoid the storm?)
- Pilot over-reliance on automated flight assist in marginal conditions.
- Failure of physical airspeed instruments due to severe icing from a massive updraft.
- Increased thrust from engines ingesting water contained in the 100mph updraft. (coffin corner!)
- Altitude increase from 100 mph updraft. (coffin corner!)
- Inappropriate computer control responses, destabilizing flight dynamics, leading to overspeed and unrecoverable loss of lift (mach stall).
- Turbulence and chaos of a severe storm masking the initial flight computer deviations.
The inertial nav system all ready has those numbers and might even have a good idea of the last known wind speed.
The problem is that at high cruise the stall speed and the Vne (Never Exceed) can be very close as in two digits in km/hr and hte Va (speed to cruse when you hit turbulence) is within single digits of the stall speed.
Scary stuff.
The Wall Street Journal article oversimplifies the problem with the Airbus
design philosophy. In effect; Too Damn Much reliance on the automated flight
control system for basic safety-of-flight.
A prime example?
Rudder hinges.
Airbus has notoriously
http://en.wikipedia.org/wiki/American_Airlines_Flight_587
underbuilt the rudder hinges on the A300 (and, no doubt, the A330) in the
interest of lightness and efficiency. They have chosen to rely on the
automated flight control system to limit loads on the structure, instead of
building the necessary robustness into that structure.
This is great when flight conditions are all peachy, but in a thunderstorm, at
night, with sensors (iced-up pitot tubes?) that are prone to failure, well
then you have a failure scenario that the designers never built into their
simulations, and the rescue/recovery teams in the south Atlantic find the
rudder 37 miles from the rest of the wreckage.
Forwarded from a colleague (names redacted);
>> This from a friend and NWA pilot I flew the B-757
>> with out of our Tokyo base.........Now obviously on the A-330
>>
>>
>> Well, I'm sure you have all heard of the Air France accident. I fly
>> the same plane, the A330.
>>
>>
>>
>> Yesterday while coming up from Hong Kong to Tokyo , a 1700nm
>> 4hr. flight, we experienced the same problems Air France had while
>> flying thru bad weather.
>> I have a link to the failures that occurred on AF 447. My list is
>> almost the same.
>> http://www.eurocockpit.com/images/acars447.php
>>
>> The problem I suspect is the pitot tubes ice over and you
>> loose your airspeed indication along with the auto pilot, auto
>> throttles and rudder limit protection. The rudder limit protection
>> keeps you from over stressing the rudder at high speed.
>>
>> Synopsis;
>> Tuesday 23, 2009 10am enroute HKG to NRT. Entering Nara Japan
>> airspace.
>>
>> FL390 mostly clear with occasional isolated areas of rain,
>> clouds tops about FL410.
>> Outside air temperature was -50C TAT -21C (your not supposed to get
>> liquid water at these temps). We did.
>>
>> As we were following other aircraft along our route. We
>> approached a large area of rain below us. Tilting the weather radar
>> down we could see the heavy rain below, displayed in red. At our
>> altitude the radar indicated green or light precipitation, most
>> likely ice crystals we thought.
>>
>> Entering the cloud tops we experienced just light to moderate
>> turbulence. (The winds were around 30kts at altitude.) After about
>> 15 sec. we encountered moderate rain. We thought it odd to have
>> rain streaming up the windshield at this altitude and the sound of
>> the plane getting pelted like an aluminum garage door. It got very
>> warm and humid in the cockpit all of a sudden.
>> Five seconds later the Captains, First Officers, and standby
>> airspeed indicators rolled back to 60kts. The auto pilot and auto
>> throttles disengaged. The Master Warning and Master Caution
>> flashed, and the sounds of chirps and clicks letting us know these
>> things were happening.
>> The Capt. hand flew the plane on the shortest
>> vector out of the rain. The airspeed indicators briefly came back
>> but failed again. The failure lasted for THREE minutes. We flew the
>> recommended 83%N1 power setting. When the airspeed indicators came
>> back. we were within 5 knots of our desired
The problem largely is that the difference between airspeed and ground speed can mean the difference between supersonic airflow over the airframe, or not enough to maintain flight. At cruising altitude (FL300 and above) you don't have a very large speed differential between these two danger areas, so windshear is something you want to avoid. (i.e. Thunderstorms)
Your question about wind speed is a little difficult to answer, it would depend on the aircraft type, but then it also depends upon what you are doing in the aircraft too, straight and level, in a turn, high g, and so on, so there are a whole host of factors to consider.
Both are important.
Too little airspeed = too little lift and a stall (which is very dangerous on something as big as an airliner, though theoretically recoverable at that altitude granted you'll waste quite a bit of fuel and scare the living daylights out of the passengers).
Too much airspeed = shock waves rip the wings right off the plane. They're not fighters and while those wings actually are pretty strong they can only make them so heavy and be able to carry payload.
Like any other part of the plane, the computer is just another instrument designed and manufactured by people. Blame the programmer, the tester, the lack of analysis. The cause of this accident has nothing to do with computers. They just do what we tell them to. Leave them alone.
To confuse things further - you're not actually using indicated airspeed but true airspeed. :)
The indicated airspeed at those altitudes is often on the order of 300 knots when the plane is really travelling around 500 knots relative to the air and 600 relative to the ground.
Put it this way - in space if you're travelling at mach 20-30 the airspeed indicator would probably read zero. When you hit an air molecule you're moving very fast relative to it, but so few hit the sensor that it reads zero. Anywhere in-between space and sea level the gauge acts accordingly...
Okay. That's just silly.
There is clearly some major pressure to build a presentable story to the public if they're floating ideas like these ones. If the PR is successful, Official Culture will soon include passenger jets which will break up from 'excessive' flying.
A significant air blast from one of the increasingly frequent falling rocks from outer space could easily account for this disaster, and could explain some of the more peculiar details.
--Quoted from this article which digs into the idea of this event being another case of "Is it just me ore do there seem to be a lot more ROCKS FROM SPACE falling around our ears lately?".
-FL
How high do windspeeds get in safe flying weather
How about over 100mph ?
The problem is you can't trust a programmer "programmer" handling floating point arithmetic.
Remember the DC-10 that crashed in IOWA? It took two guys trying to control it without hydraulics. Personally, given the choice of hydraulics OR electric motors, I would take electric motors. Electric is CHEAP AND SAFE to have redundant electrical lines. In addition, losing one, does not mean that you lose the whole aircraft like Walt Lux did in the AA dc-10 that crashed at O'hare. The problem with the Airbus is that Airbus designed the CPU to take control of the craft. If the pitot tubes are blocked, the sensor will think that the aircraft is moving at 0 knots and will DIVE IT. Since it still does not know the speed, it will continue to dive it faster and faster until stress ripped the plane apart. Sadly, this has happened on MULTIPLE issues with the plane, and had it all blamed on "PILOT ERROR". When this is done, I think that AA and several other companies will be suing the pants off Airbus for their design as well as hiding facts.
I prefer the "u" in honour as it seems to be missing these days.
Hold the outsourcer accountable - the method name invoked is in a local dialect which stymied European developers. They believed "A330.greenDam()" meant "turn on auto-pilot when entering storm", instead of "turn off auto-pilot when entering storm".
Her lips were softer than a duck's bill, but her quacks
If the philosophy base is wrong then its limitations will manifest through the software and hardware created under such a philosophy and eventually show the limitations....
Perhaps there is a place for open source software here!!!
Don't bow down to the stone image (Stone = computer hardware - Image = software) of the beast of man, for the beast is error prone and his image can be no better. Instead take a closer look at the code.... with many eyes.....
And the invisible, virginal Spirit rejoiced over the light which came forth, that which was brought forth first by the first power of his forethought, which is Richard Stallman. For Open Source is the richness of the light; the remembrance of the pleroma.
No, you're completely wrong. First of all, hydraulics move the control surfaces on all large aircraft. Nothing else has enough power while being light enough.
Old aircraft controlled the hydraulics with mechanical cables, newer ones with electrical cables (Boeing too). The computers in question are not needed for electrical signaling to the hydraulics systems.
The damage required to make the aircraft completely unflyable would be so severe it would affect any aircraft, and it has nothing to do with how well the computers are working.
When the computers went bye-bye, the pilots had complete control of the aircraft, as designed. Furthermore, the computers didn't malfunction - they turned themselves off because they couldn't trust the damaged sensors, but *neither could the pilots*. To characterize this as a computer problem just because they shut down is stupid and dishonest.
Recently there was an even more biased article on slashdot about the topic..... ok a few short thoughts a) Watch old movies and tell me hoe many people you see in the cockpit in a transatlantic flight. Tell me how many you see today. Automation helps reducing work. You can invest that free work into more safety (e.g. pilots beeing able to look onto the map for the next few hours instead of beeing busy with what is goin on now) or you can redice costs (or both) b) has it ever occure to the people criticizing the automated systems that these may have opened new limits of where (height) you can operate a airplane for a given cost (e.g. fuel). Without advanded controll systems one should probably avoid unsuitable height os have an additional espeed/ngine controller person c) Even if you have an engine controller, if you would ask e who is better at maintaining the right engine power, it take the automated system. I seriously doubt that humans having the same sensor data would make a better decistion in average
And nobody is arguing that the fly by wire system is what failed here.
"Company travel is now restricted to the A330 until a solution is found."
"Old bag" has more than one meaning.
I assume these kinds of modern planes can't even fly without a computer anymore.
You're wrong. They can.
"I assume these kinds of modern planes can't even fly without a computer anymore."
They have redundant systems such that total flight control computer loss is uncommon, but yes, if you lose them all (rare) or they misbehave (less rare) you can certainly lose the ability to control the aircraft. Computers allow aircraft performance impossible with manual systems.
That's not a bad trade off. No flight control system was ever perfectly reliable. The reality of flight is that no matter how wonderful the machine, you'll likely stick a few of them into the ground. As an experienced aircraft maintainer (USAF avionics, engines, crew chief over 26 years) I'm unworried about flying.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
This video shows an Airbus pilot switching off the flight computers then barrel rolling an A320:
http://www.youtube.com/watch?v=P2KygSyVE58
Any belief that Airbus pilots are somehow under the communist thumb and that square-jawed Boeing pilots would heave manfully at the controls and save the say is, um, 100% laughable.
FTA: "...the crew apparently shut down or tried to reboot their primary and secondary computer systems."
Where do they get this garbage? Do they make it up based on their experience with Windows ME?
FWIW, Airbus have *five* flight computers (not "primary" and "secondary") and any one of them can fly the 'plane. If they're all gone then the aircraft is already in little bits so no, you wouldn't ever be under the dashboard trying to 'reboot' them instead of flying (whatever 'reboot' means - they're designed to reboot themselves under a watchdog timer).
No sig today...
Remember that the Wall Street Journal authors apparently have no knowledge whatsoever of technical things. That doesn't stop them from writing articles about technical things, however.
Air France didn't begin replacing the malfunctioning pitot tubes in the Airbus until April 2009, and the tubes were not replaced yet in the crashed aircraft. The computers were not at fault apparently; there is no reason to suspect a computer malfunction.
Notice that the Wall Street Journal article, Computer Failures Are Probed in Jet Crash, says exactly that: "... seemingly beginning with malfunctioning airspeed sensors..." The "airspeed sensors" are the pitot tubes, which in the Airbus have been known for many years to collect ice in unusual conditions, and to stop giving reliable data.
The computers did what they were programmed to do, apparently. They stopped operating when they calculated that the data was bad. At that point the pilots needed to fly the plane themselves. However, the aircraft was operating in what is known in the aircraft industry as the coffin corner". There was apparently no way a human could fly the aircraft safely at the speeds necessary to get the craft to France in time, since in a severe thunderstorm the airspeed could not be known accurately enough to prevent overstressing the aircraft.
The Wall Street Journal apparently has NO new information. Here is a quote from the article: "The Air France crash could become the first since the 1980s in which U.S. and European investigators try to piece together a probable cause in a high-profile crash without the help of information from at least one of the plane's black boxes -- the digital recorders containing detailed flight data and cockpit conversations from the flight." There is apparently NO honest reason for the Wall Street Journal to publish an article now, claiming "Computer Failures".
Quote from a June 25, 2009 Aviation Week article, EASA: No Action Soon On A330 Pitot Tubes published three days ago: "The pitot tubes have come under fire in the wake of the crash of AF447 because the accident aircraft, an A330-200, broadcast maintenance messages just before all contact was lost, indicating inconsistent speed information and potential problems with the pitot tube."
Should the Wall Street Journal be trusted for financial information? Apparently the publication did NOTHING to stop the present corruption in the financial departments of the U.S. government. Warren Buffett very publically called derivatives "financial weapons of mass destruction" beginning in 2002. The corruption was caused by the removal of laws designed to prevent fraud, at the beginning of George W. Bush's first term.
Apparently the Wall Street Journal always serves the profit of its advertisers and others in the U.S. financial industry. If publishing the article at this time and in the way it did indicates anything other than ignorance, it could be theorized that someone connected with the publication has investments in Air France or Airbus Industries.
Other similar incidents concerning the Airbus 330 are being investigated, according to a June 25, 2009 Associated Press news release, US panel probes 2 incidents involving Airbus A330s. The Wall Street Journal has access to the Associated Press, obviously. Why did it publish its misleading article two days later, which appears to blame the "computers"? The REAL story is apparently that apparently such incidents with the Airbus are common.
Here
How high? High enough at times where it has happened that trans-atlantic flights catching the high winds have exceeded Mach 1 of ground speed, while retaining a perfectly safe airspeed. Assume you are flying at 500 MPH, and you are looking at 200+MPH tailwind.
This video shows an Airbus pilot switching off the flight computers then barrel rolling an A320:
http://www.youtube.com/watch?v=P2KygSyVE58
It's a full scale simulator not a real aircraft, you can see the border of the simulator room projection screen outside of the cockpit. Do you really thing that a man performing a barrel roll with a jumbo jet have the time to explain in a relax manner what's happening ?
It's only a demonstration about how the flight computers limit the human command to stay in flight parameters ( and prevent you to attend stupid maneuver like a barrel roll).
I think he's flying a simulator, and not risking an actual airplane.
How does this show that real A320s don't have five flight computers or that any one of them can fly the plane or that a crew would never be under the table trying to 'reboot' them?
"you can see the border of the simulator room projection screen outside of the cockpit"
Really? I thought it was the pilot *saying* it's a simulator that gave the game away.
No sig today...
Quite honestly I'd like to know where the software was coded.
I'm not going to say what I'm thinking, but given the magnitude of the failure and the potential for future impact it's a valid question.
Glonoinha the MebiByte Slayer
4000/8 = 500mph true velocity over ground
4000/7 = 571mph true velocity over ground
Assuming equal thrust in both cases, vehicle flying the average of the two when in idle wind = 535mph.
Impact of the wind in either direction = 35mph.
Not really as high as I might have imagined. The larger question is : does the wind speed have a 1:1 relation to the change in vehicle velocity, or is the impact of wind some other ratio (ie, does a 35mph headwind = 35mph slower, or does it take a 50mph headwind to cause a 35mph slowdown?)
Glonoinha the MebiByte Slayer
Actually, there are cases where the pilots saved the day though there were no preset procedures and they had to "wing it" ;).
There was no preset procedure for flying when all four 747 engines shut down due to volcanic ash, and the cockpit windows get ash-blasted so the pilots can barely see out of them.
See: http://en.wikipedia.org/wiki/British_Airways_Flight_9
But they still managed to make it to the airport and land without anybody dying or getting injured.
And for some reason there wasn't a preset procedure for gliding when out of fuel for Air Canada 767 pilots (they only simulated one engine landings, not zero engine landings!)- see the Gimli Glider. And even Gimli wasn't listed as a potential landing site in Air Canada's manuals. The pilot just happened to know of its existence.
Then there was the case of "complete loss of hydraulic flight control systems due to being hit by a surface to air missile". I doubt there's a preset procedure in DHL's flight training manual for that ;).
http://en.wikipedia.org/wiki/2003_Baghdad_DHL_attempted_shootdown_incident
Fortunately the pilot there had attended a seminar given by the captain of United 232 who had to fly a plane a similar way (which was a less fortunate flight as lots of people died).
See: http://en.wikipedia.org/wiki/United_Airlines_Flight_232
That said, in the Gimli Glider case I think a computer could actually help a lot, assuming the sensors still work. But in the case of being hit by a missile, I think a skilled human pilot who doesn't want to die, is going to be better than a programmer+computer or "preset procedure guy" at "saving the day".
Preset procedures and computer assistance are good help, especially for mediocre pilots. You don't want them to do the wrong thing.
But the procedure writer can't list all the weird stuff, way in advance. There are too many possible weird things that could happen to list down usefully for pilots to follow.
And the programmer won't dare program those into the computer, because a slight difference in the assumptions could be disastrous.
When the preset procedures don't fit, what you need is pilots that have a good sense of what the plane can do, then often they can figure out what the plane can and cannot do when bits fail or get blown away.
Unless they loss the entire navigation capablities, they knew new what their ground speed was. Question comes to my low time mind is if they knew that and they know what their IAS should have been at a given EPR readings, why wouldn't they know they were going beyond Va regardless of the what the IAS is being shown? Unless they were attempting to power their way out of a microburst and didn't have time to think. I have a gut feeling pilot training needs a review.
My understanding is that the 5 computers are segregated into two groups: One group of 2 and one group of 3. Each group is programmed in a different language and all 5 computers are programmed by different companies.
tl;dr version:
On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.
--Charles Babbage
This signature serves no purpose other than to help you see which posts were made by me.
This video shows an Airbus pilot switching off the flight computers then barrel rolling an A320: http://www.youtube.com/watch?v=P2KygSyVE58
Give me a break. This whole thing was taken in a simulator, which are *programmed* to behave how they think the airplanes will behave, using recorded data from test flights to help. Because they do not test the airframes in extreme attitudes (especially barrel rolls), they have little to no data with which to program the simulator, making demonstrations like this complete nonsense.
At 3:02 into the video you just posted, the pilot admits, "Not a maneuver you'd normally see in an airliner, and in fact you probably couldn't do it in a real airplane."
I'm not sure what you were trying to prove. This video doesn't prove anything.
Any belief that Airbus pilots are somehow under the communist thumb and that square-jawed Boeing pilots would heave manfully at the controls and save the say is, um, 100% laughable.
LOL, this is the absolute definition of the straw man argument. The great-grandparent never made such a claim; just an apolitical observation that he was scared that computers fly the planes and not skilled pilots.
Stop trying to turn this engineering discussion into a US vs. Europe, Boeing vs. Airbus religious war. Your post is a troll, I'm afraid.
http://en.wikipedia.org/wiki/Ariane_5_Flight_501
This video shows an Airbus pilot switching off the flight computers then barrel rolling an A320:
No it DOES NOT: it shows the pilot rolling a flight simulator. He even says it would not work
in a real A320.
Bill Gates is out on the wing, tearing apart the plane!
( http://en.wikipedia.org/wiki/Nightmare_at_20,000_Feet )
Care about electronic freedom? Consider donating to the EFF!
Eclectic beats from Leeds, UK
handmadehands.co.uk
What it DOES show is that the article is rubbish. Airbus don't have "primary" and "secondary" computers. It also shows that Airbus can fly without the flight computers (if the computers fail the systems switch to alternate law as detailed here: http://www.airbusdriver.net/airbus_fltlaws.htm )
No sig today...
This may be a dumb question, but would it at all be technically feasible for flight data recorders to uplink, say, an encrypted data-stream to some available satellite whenever things start to go pear-shaped?
Maybe you haven't listened carefully. The pilot states that the barrel roll probably won't work in a real A320 because it is not certified for aerobatics (means that the airplane might acquire structural damage).
Switching the flight augmentation off and going to the direct law works perfectly fine in a real airbus, it is just not recommended.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
You are correct in stating that a pitot tube malfunction is not a computer malfunction. The question becomes how did the pilots handle that. Your 100% correct in stating that a plane could accelarate through "coffin corner" and break apart. I'm suprised that there isn't a better web reference than WSJ for updates to an aircraft story.
In Soviet Russia ^H^H^H America, The bank finances YOU!
It's the usual confusion of relative to absolute. In principle, you could have an aircraft that was stationary to the ground and still have an airspeed of 150 miles per hour. (The plane is not moving at the same speed relative to the air as it is relative to the ground.)
I am not 100% certain on this, but I believe certain species of bird will use this technique to do precisely what I described above - stay absolutely still relative to the ground, using the air's speed relative to the ground to stay aloft.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
However GP said it wouldn't be accurate, just accurate enough. How high do windspeeds get in safe flying weather (assume a headwind) and would that plus whatever error there is in the gps (probably fairly small) be too much for a go/no go system?
I will counter that, in addressing the windspeed that the GPS has no means of measuring.
I once got on one of Frontiers Convair 580's in Lincoln NE, made a stop in Omaha, then cut a trail to Rapid City SD, with the rotation out of Omaha at about 4:25 pm. We climbed into a layer of air that was headed northwest at about 18k feet & watched the most glorious sunset in front of us I have seen in my now 74 years. Figuring we were making around 350 mph, I figured to be on the ground in Rapid City about 6:15 pm. 45 minutes into the flight the pilot announced that while he also was enjoying the view, he was going to have to spoil it or over overshoot Rapid City, making the comment that we had just set an in-service altitude and speed record for a Convair 580, we had followed the quiet air layer till the 580's service ceiling was below us a couple thousand feet, and that the true ground speed was about 620 mph making that tailwind pretty close to 300 mph. I'd call that a tailwind! It was then that I had realized that he had never feathered the props either. He then set them pretty flat, we hit a brick wall and literally fell into Rapid City, nearly an hour early. It took my ride another half an hour to show up.
NO GPS could have sensed that. And that airplane would have stalled out had the pilot tried to reduce the speed to the 350 or less it normally cruised at.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Hey, we barely have the tail of the plane, and now journalists are be able to diagnosis a computer bug. Seriously...
You seem to know what you're talking about, so I'll ask you. The airframe that I maintain uses all heated air data sensors. They don't just get warm; they are a serious hazard when the plane has just landed or the sensors are being tested. I am curious since I have not worked on commercial liners, but aren't heated probes de rigeur on airframes that fly above a certain altitude?
Or was this an error of the heating system, or what?
Just curious.
-b
No offense, but I've stopped responding to AC's.
The relationship is a direct one. If you have 100kt
indicated airspeed and a 180 degree headwind of 50KT you have a ground speed of 50KT. To further confuse the issue, true airspeed increases over the ASI reading at 2% per thousand feet.
So at 10,000ft, your actual airspeed is 20% higher than indicated by the pitot driven ASI.
I always get nervous when landing close to thunderstorm cells.
You shouldnt, it is standard practice to maintain at least 1.5 times the stalling speed for exactly this reason. In fact a microburst is the greater danger.
With velocities of 30KT DOWN and more the donward flow can exceed the max rate of climb of the aircraft, meaning you are going down. Unfortunately the microburst turns into a tailwind when it hits the ground, as it speads in all directions.
Actually... Aircraft can break apart due to excess speed, or more importantly "high speed buffeting" Commercial Airliners fly at a very narrow range. Known as Coffin Corner Where the aircraft is neither low-speed or high speed buffeting.
In Soviet Russia ^H^H^H America, The bank finances YOU!
Thank you!
You got the wrong damn plane! Who you think you're tryin' to fool by showing a damn simulator?! You work for Airbus or something?
For justice, we must go to Don Corleone
Just FYI -- A properly flown barrel roll is a 1g maneuver, which means that the passengers wouldn't even spill their drinks. Any airplane can do a barrel roll.
erm... you know that the atmosphere more or less rotates with the earth? Wind is by definition a difference between the velocity of the air and the velocity of the surface of the earth. For convenience, the earth is used as a fixed frame of reference. If you want to bring relativity into it, i'm happy to play ball... If you have such a poor understanding of physics, maybe you shouldn't be so condescendingly sarcastic when correcting people on it.
>>The NTSC has NOTHING to do with this investigation
I think you meant NTSB. The reason that the NTSB might be interested in this crash, as well as ALL crashes and other misadventures, is that air travel is a worldwide enterprise. That means that crash data gathered over, say, the Atlantic Ocean, might have important ramifications for air travel over Detroit or Utica. So.
And yes, most of the posts in this discussion are BS- I work in aerospace, and it almost physically hurts to read some of these posts. On the other hand it makes me much more self-conscious about posting in areas that I know less about, so it's a net gain I think. We could all afford to just shut the hell up sometimes.
-b
No offense, but I've stopped responding to AC's.
I don't see how it would make a difference. The computers were smart enough to know the speeds from the pitot tubes were bogus, so it handed control over to the pilot - that's really the best it could do. The pilot should already know the ground speed - from the GPS or other instrumentation, and I would think an experienced pilot would be better able to guess at the airspeed than the computer.
WSJ bad... comment links to an extremely important article in Rolling Stone magazine.
could be better translated as... I am a left wing guy trashing the WSJ with my own smear campaign and then going off topic to promote my own agenda by inviting readers to check out another smear campaign conducted this time by Rolling Stone.
This is my sig.
The articles are pure FUD, and the summary is worse.
Thanks for clearing it up... on Airbus, the computers help the pilot, unless the plane is crashing...
This is my sig.
I don't know about the Concorde but in the case of planes like the airbus with the safety measures active you could do a desperate control like full hard right, and the plane will just bank right to the max of 67 degrees.
It just won't end up rolling (unless you turn off the restrictions). BUT the thing is, in most cases that's what the pilot wants anyway, even emergency cases.
You could try a 90 degree bank, but the plane might break up or crash anyway, or you could still end up killing almost the same numbers of passengers. They're not fighter jets with pilots in g suits.
Same thing goes for a "full pull up" to try to avoid hitting stuff. They don't want to stall and lose height (and make it even more likely for a crash). So the plane provides the max power available at the moment, and limits the angle of attack based on the airspeed to something that won't stall the plane.
If that's not enough, I doubt even "direct control" will help.
Sometimes the plane and people in it are just doomed and there's nothing the computers and pilots can do about it once they've gone down that path.
Only way out is to not be in that situation in the first place. Better training, screening, discipline, maintenance etc.
You're right and wrong. If you had said that the primary flight computers are optional, you'd be right, but the computers are most certainly not optional in the Airbus FBW design according to the pilots on PPRuNe and several other sources that I consider highly reliable.
The Airbus design requires at least one of the five flight control computers to be working even for direct law (what most people would call "full manual" control). In the event that the three primary computers are down, either of the two secondaries can take over as a primary and can process the direct law commands from the controls and pass them directly on to the various control surfaces. If all five computers go down, however, IIRC, the only things you can control are the throttle and the rudder. (There's a cable that goes directly from the controls to a box that automatically engages manual rudder control if you lose all five flight control computers.) While it is possible to land a plane under ideal circumstances with just rudder control and throttle, it ain't gonna happen in a bad storm.... There is no direct connection for any other Airbus control surface, as far as I've been able to determine.
Also, the computers did NOT all go down. IIRC, two computers (PRIM1, SEC1) plus the ISIS (Integrated Standby Instruments System) modules failed. A failure in PRIM1 could be caused by a clogged pitot tube, but I don't think SEC1 should care at all about the ADIRU data. Its sole purpose is to be there in case all the primaries go down.
No, something very bizarre happened up there. My first suspect is the Kapton insulation used on the wiring. It has been implicated in two aircraft fires on the ground, and it was used in Airbus aircraft until after this particular A330 was built. If the SEC1 computer was somehow getting sporadic power surges, it's possible that it sent bad control data out to the rudder, snapping off the tail of the aircraft. It's also possible that they attempted a shutdown of a lot of the computers and ended up getting more manual control over the rudder than they bargained for. In full manual, it is completely possible to rip the tail off one of these birds by stomping the pedal too hard....
Indeed, such a tail failure was the cause of the crash of American Airlines flight 587 (an A300). A similar failure occurred in an A310, Air Transat flight 961 (the pilot somehow managed to bring that thing down in mostly one piece), and there's another report of a FedEx A300 exhibiting random tail rudder motion without the pilot pushing on the pedals and that this caused similar severe damage to the rudder. So it would not at all be hard to believe that some computer problem rips the tails off these things occasionally....
Check out my sci-fi/humor trilogy at PatriotsBooks.
Yes, they are heated. Here is a brochure: Thales Airbus sensors and probes.
"Or was this an error of the heating system, or what?"
I don't know the answer, and I don't find anyone claiming to know. I'm guessing that there is a subtle design error. If I could hold a Thales pitot in my hand I might be qualified to theorize why it fails. But I would not be qualified to design a better one, although maybe I could help do the design.
Apparently there are no problems with the Goodrich pitot sensors. (PDF file)
I've been studying how the world deals with issues such as this one. There are cover-ups as money is spent to influence and confuse the media. But now there is a huge difference from 20 years ago. Now the pilots, who don't want to lose their lives, have a voice. There are numerous blogs with many interesting comments. For example, now the media is being fed the apparent lie that the problems with the pitot sensors are new. But someone posted this TFU [technical follow-up], showing a report from December of 1995: TFU 34.13.00.005. Here is someone asking a question about that: Question: The problem was known since 1995. Why such long time for correcting the default?
None of the authors of articles for news agencies seem to have any technical knowledge. In the past it didn't matter, since the rich didn't want you to know. In the past people had to accept whatever the news media said.
Since the Thales sensors are being replaced, the smart thing would be to get one that has just been removed and examine it.
"Twats"? "Cunts"? "Pricks"?
Sheesh! Make up your mind... Can't have it both ways.
Slashdot entertains. Windows pays the mortgage.
No, a handheld GPS would be useless. It can't give you airspeed or attitude. Also, you need line of sight to the satellites. Next time you're on an airliner, try and use a handheld GPS and see how well that works through the skin of the airplane. My Garmin GPSMAP 195 (an actual aviation handheld GPS) cannot always get a satellite fix in a commercial airliner. In an emergency, its not really a big deal where you are or what your groundspeed is. If you don't know your airspeed or attitude (the two things a GPS will *not* give you) you *will* die.
Disclaiminer: I am an aerospace engineer and a pilot.
I may be wrong but it's my understanding that in order for an aircraft to be certified for flight into known icing conditions, the pitot tube must be heated. The question is whether the certification testing was sufficiently rigorous; it's possible this Airbus (and, apparently, several others) were flown in conditions that made the pitot tubes unreliable, but weren't encountered during simulations or testing.
The amount of heat required to keep something ice-free in icing conditions at near-transonic speed is *enormous*, and doing so while keeping the readings accurate is a pretty serious engineering problem.
Nostalgia's not what it used to be.
I can't give you maximum numbers, but I can tell you that I've flown a Cessna 172 backwards. The headwind was faster than 1.3 times the stall speed so I was trying to land and getting blown backwards away from the airport.
Obviously that's less of a problem when you're flying at Mach 0.85, but the winds up there are also faster. The jetstream has been measured at almost 400 km/hour. That's unusual, but gives you an idea of what winds aloft can do.
The error in GPS-reported speed at reasonable speeds is incredibly small, for what that's worth.
Nostalgia's not what it used to be.
You forgot some steps:
A330:
1. Computer in control every flight for months
2. Pilots' skills and awareness degrade.
3. Sensors fail
4. Computer: "sorry dudes, you're on your own"
5. Rusty, out-of-the-loop pilots thrown into control
6. Pilots: "Fuck, I'd better troubleshoot the computers"
Here's the same for a B767:
1. Pilots in control, maintaining their skills, developing aircraft and weather awareness
2. Sensors fail
3. Seasoned pilots: "Fuck, it's a good thing I can fly this thing in my sleep"
Wah!
"so how would a plane without computers have fared any better?"
In a plane without computers, the airspeed indicator would show lower than actual airspeed. Pilots are trained to recognize this happening. The failure would have been isolated. If fluctuating sensor readings were the trigger that crashed other computers and took pilot attention away from actually flying the aircraft, 447 would have arrived that fateful day. That doesn't mean computer controlled planes are bad though, because the computers also make a lot of the mundane tasks of flying infinitely easier.
"It's also complete bullshit to say that the pilots can't override the computers. In normal flight, the computers *aid* the pilots. "
I'm not saying which is better, because each has advantages, but in newer Airbuses this is demonstrably false. Airbuses use fly by wire. The plane controls have no direct connection to the control surfaces. The yoke is a digital encoder that sends data to the flight control computer, which moves actuators on the control surfaces. If the right computer goes down, you have absolutely no control of an Airbus aircraft.
"closer to the stall speed than a Boeing pilot would ever dare to go. Meanwhile, the pilot can look out the window instead of at an instrument panel!"
In a possible collision, pilots absolutely do not look at the instruments, they look out the window. The advantage to Boeing manual flight controls is in an emergency, pilots can make flight commands outside of the engineering specs of the plane. Frequently the plane will survive, and the extra maneuverability might prevent the collision. I am sure there is significant code in the Airbus that tries to recognize evasive maneuvers, and allow commands outside of the normal fight envelope.
"avoiding a collision is easier in an Airbus, because pilots can just pull the stick back hard and the computers will automatically give the best possible climb performance"
Theoretically this is true, but it doesn't always work that way. The Airbus in New Jersey allowed the rudder pedal movements of the First Officer to snap the vertical stabilizer off the plane.
"the aircraft didn't "let him" because even maximum performance wasn't enough and the plane would have dropped like a stone had it been a Boeing. The computers probably saved everyone who did walk away from that crash!"
http://en.wikipedia.org/wiki/Air_France_Flight_296
The cause of the accident is disputed, but there is enough evidence to implicate the computers as the cause of the crash and not the savior of some of the people. The altimeter supposedly read 100 feet while the plane was at 30 feet. The plane also didn't respond to take off power, possibly because it was stuck in landing configuration. Additionally much evidence was destroyed or improperly handled.
"IF the computers actually malfunction, they will turn themselves off. If they don't, the pilots can turn them off manually."
They don't, they flag their output as suspect and disconnect from the flight control computer. The flight control computer in an Airbus can not turn off or you lose control of the aircraft.
Well let me tell you. You absolutely can not do it. When your airspeed indicator is faulty you have to set to a power setting in a table based upon configuration of the plane. You have no idea how fast it is going.
Googled isle gnu linux, lessee. Isle of Man. Isle of Wight. Hmmm. I ain't gettin' it, either.
Hmmm, Linux isn't technically gnu. Googled isle linux. Hmmmm. Isle of Man. Green Isle, MN. Nah, this joke's stupid.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Don't trust a 'fly-by-wire' aircraft. If the FLCC goes tits up, you're hosed. There is no dead sticking one in....
Why the hell was an ENTIRE DISCUSSION THREAD moderated as -1 Redundant? It's not like we were just parroting exactly what someone else said, this thread was so deep the mods had to mod -1 to the PARENT and THE GRANDPARENT to which I replied. That takes a whole lot of mod points!
Yeah, go ahead and mod down threads of discussion with critical insights, I guess that's what Slashdot is all about.
Man is the animal that laughs.
And occasionally whores for Karma.
As I understand it, a secondary can over as a primary only if all three primaries are down, not if only one primary goes down. So PRIM 1 not having air speed indication should have no impact on SEC 1. That said, I am not an Airbus engineer, so I'm certainly not authoritative on that. As for why Air France is suddenly concerned about replacing those tubes, AFAIK, they were in the process of doing that safety upgrade anyway. With this accident showing loss of air speed info, even if that wasn't the cause of the crash, they knew their pilots would be up in arms demanding that they speed up those upgrades.
Okay, I just found a better list of ACARS messages, and they're definitely not quite what I had read thus far. This paints a more interesting picture. The analysis, however, is wrong in a number of ways. Whoever wrote that didn't understand the formatting of the messages. For example, "34111506EFCS2 1,EFCS1,AFS,,,,,P" means that EFCS2 was reported bad by EFCS1, whereas the person who wrote up the analysis believed that this meant EFCS1 and EFCS2 were faulty. This same mistake occurs in several places. Be aware that AFAIK a single ACARS message will not indicate a failure in more than one component, so any analysis that suggests otherwise is likely a misinterpretation. :-)
In the first minute, the traffic collision avoidance system (TCAS) failed, the rudder travel limiter failed, EFCS 1 reported that it believed either that EFCS 2's pitot data (presumably coming from ADIRU 2) was bad (according to the spec) or that EFCS 2 had a power failure (according to the Airbus manuals), depending on which spec you believe.... In the same minute, EFCS 2 reported a failure of EFCS 1 because PRIM 1 had failed (don't know exactly what failed).
Two minutes later, ADIRU 1 and ADIRU 3 officially declared ADIRU 2 to be wrong. Then, ADIRU 1 and ADIRU 3 disagreed about air speed. Because ADIRU 2 was previously thrown out as nonfunctional, the computers couldn't cope and could no longer provide airspeed readings, so the pilots would have needed to check air speed against GPS and disable one of the remaining ADIRUs. In this same minute, the ISIS gyros malfunctioned, suggesting that the plane was probably slammed really, really hard. EFCS 1 also reported that EFCS 2's altitude information was also wrong (again, presumably coming from the same bad ADIRU as the faulty airspeed info from earlier). So clearly ADIRU 2 is utterly hosed at this point, but ADIRU 1 and 3 also aren't entirely in agreement, either on airspeed, I think....
One minute later, there was a fault reported in both Primary 1 and Secondary 1. In the same minute, the Auto Flight System (AFS) was reported as nonfunctional by the FMGEC. My guess is that these faults were probably caused by the pilots power cycling hardware to try to get things working.
Finally, in the last minute, the cabin pressurization system reported a fault.
The thing that is most disturbing in my mind is that the very first actual failure was an indication that the rudder limiter had failed.... Again, we're back to the rudder....
Check out my sci-fi/humor trilogy at PatriotsBooks.
Since the DS was sold during the '70s, if Citroen was in your country until the early '80s, then cars with power brakes (not power-assisted) were sold in your country; which was, I think, my original point.
The real "Libtards" are the Libertarians!