When the Boeing CEO had his press conference in April, he said "we've confirmed that the MCAS system as originally designed did meet our design and safety analysis criteria and our certification criteria."[1] I yelled at the screen "you know that means the criteria are flawed, right? If the procedures didn't catch this mistake, that means there are other mistakes that weren't caught!"
A flabbergasted reporter then asks him if he means to say that MCAS was designed to push the nose down 21 times. The CEO then blamed the pilots for not following procedures!
He repeatedly avoids avoiding admitting that any mistakes were made. He was so intent on avoiding blame that he gave me no confidence that Boeing could learn from its mistakes. The longer he talked, the less confidence I had in Boeing as a company.
1. Boeing is not blameless.
2. Boeing has a point about MCAS issues manifesting exactly like another well-known event in other models and having the exact same solution.
3. The well-known solution to the well-known event is one that pilots must memorize because they don't have time to look it up.
4. The pilots seem to have demonstrated that they recognized the problem and, in fact, executed the well-known solution in time. They just failed to complete all the steps for some unknown reason.
5. Points 2-4 don't mean that Boeing is perfect. MCAS needs to be fixed. But it isn't completely absurd to argue that MCAS really is so similar in its misbehavior and so identical in the correct response that a reasonable person might expect pilots to do the right thing even if they had never heard of MCAS.
Taken together, this paints a picture to me that is different than the completely evil, conniving picture I had. I'm not sure where to draw the line between them, but probably not on the extreme end where I had it.
But my point is not so much about Boeing. I was observing the actions of a person who took what I expect to be a very unpopular stand in the face of overwhelming popular opinion. For what? Who cares if somebody else is mischaracterized? There's nothing you can do about it except get yourself muddy. Just let it happen and keep your head down.
I don't know why Walter is speaking up now. I'm not sure how much it changes my opinion. But I still tip my hat to a person who will say what they think is right even when they know they will be burned at the stake for it.
The problem with Boeing isn’t MCAS. The problem is that the company was capable of shipping such a flawed design and then pretending it was OK even in the face of hundreds of deaths. How could you ever trust the output of such a company, especially with your life?
Just firing the CEO isn’t enough, they need to root out everyone complicit in this crime.
>Dennis Muilenberg likely was being fed a diet of wrong and horrible information from lower executives keen on deflecting blame so that they could keep their jobs.
Your job as CEO, or any leader of a large organization civilian or military, is to ferret out when you're being fed loads of BS. It's frustrating because Muilenberg was a engineer and started there as an intern in the 80s, so he at least should have some domain expertise in what the problems were. Perhaps him being a "company man" in this case was a hindrance, or conflicted with the new culture at Boeing that is, apparently, run by MBAs concerned with quarterly profits. In either case, he needed to go as this failure happened on his watch.
>At the climax of the hearing, however, he had trouble explaining what was done about an internal FAA study showing that there would be over 15 crashes of 737 Max aircraft with 2,920 likely fatalities if the MCAS system was not fixed. That study was completed over three months before the Ethiopian airliner crashed.
>In his appearances before Congress, then-Boeing chief executive Dennis Muilenburg couldn't explain other internal documents that showed the company was aware long before either crash of the flaws in the MCAS system that lead to the tragedies.
>One engineering study showed that pilots would have only four seconds to recognize a problem with the flight-control system, and only 10 seconds to respond to it, otherwise there would be a "catastrophic" crash.
Where are the criminal charges, and if this is not a crime, why it is not?
Yes, provided that the reasons of the actual issue are essentially linked to:
1) delegation from FAA to "Boeing internal"
2) poor communication during the design and/or poor review of the decisions made in earlier stages
3) the deliberate taking of shortcuts (changing the amount of correction the MCAS without documenting it or re-running proper tests/verifications)
4) the use of this or that verbal/lexical workaround to avoid a re-certification of the plane, which essentially ended up in hiding info from the pilots
The problem is not limited to the specific issue, the above are IMHO clear signs of a (deviated) modus operandi from the company (but possibly also from the FAA), the same mis-management may have caused (or may not, but there is no way to know) tens of other potential issues that by sheer luck have not caused any accident to date (or have not yet been noticed because they only happen in corner cases).
Previous (historical) recalls and modifications to Boeing airplanes (often mandated - after an accident - on the basis of NTSB reports) were - AFAICR/AFAIK - mistakes "in good faith", this one seems like the result of a general lowering of the processes.
Having worked briefly with software in the aircraft industry I'm terrified at what the Boeing CEO Dennis Muilenburg says.
1. Still not taking responsibility. Dennis: "deep sympathies for the families and loved ones that were affected by these two accidents". Affected? Accidents? This was not accidents but a deep systemic failure within Boeing. People have not been affected, hundreds of people are DEAD and even more lives ruined by losing daughters/sons/parents/...
2. Dennis: "Continue to focus on safety as a core value" which I interpret as "We were very happy to take shortcuts regarding safety previously to reach time and cost targets set by us in management, despite some of our most senior technical staff complaining. We just kept pushing ahead until we found less senior staff that would take on the tasks. The risk was so small and it was the easy way forward. Now we have a hard time to uncover all the shortcuts we have taken. It is hidden in small assumptions and missing analysis in our documentation and our organization does not reward making them visible".
3. Dennis: "Worked our way through the technical details of [the software updates to the MAX] and are in the final stages of preparing that software". Every time I hear words like "final stages..." regarding software projects from management I know something is rotten. Most of the times I hear this a project is in a state where something just has to work because time or money is up, while the real solution can only be found by first taking a step backwards, something that management will not allow.
4. Dennis: "it is important that we just get the airplane back up and flying". Speaks of a company culture that caused this problem to begin with...
The problem for me is not with the error that happened but by the response of the CEO for the accident. People who fly on new planes can't be bullsh*tted that easily, as they read news all the time. The Boeing CEO has no idea how much he is in the center of attention for his clients right now.
---
“No, again, we provide all the information that’s needed to safely fly our airplanes,” he answered.
Bartiromo pressed: But was that information available to the pilots? “Yeah, that’s part of the training manual, it’s an existing procedure,” Muilenburg said.
“Oh, I see,” she said. But in fact, MCAS wasn’t in the manual, unless you counted the glossary, which defined the term but didn’t explain what the software did.
---
A safety critical feature that can down a plane if not disabled in time... tucked away in a glossary.
The documentary 'Downfall: The Case Against Boeing' goes into great detail about the whole ordeal.
Look at how the CEO has handled this mess. It is not the work of someone approaching the problem as an engineer. He is approaching it as a politician, with much heart felt meaningless responses, blame deflection, ignorance of undesireable facts. An engineer's approach would be to identify the problem through logical, rational thought, generate a few choice viable solutions, test each solution for effectiveness, and implement the best combination of them.
And I'd say it is common knowledge by this point that Boeing is ruled by their shareholders' bottom line more than any other metric. So yes, Boeing attempted a business move to counteract the success of Airbuss's new plane by speeding through the design of the Max. Recertification would take too long, losing them market share, so they rode the line as close as they could to avoid recertification and minimize cost. The rushed design meant failures were more likely, the lack of recertification meant the pilots in the cockpit didn't have knowledge to properly deal with these failures, and now we have a lot of dead people. There's not much gray area to this story.
- FAA delegated System Safety Analysis for MCAS and many other certification steps to Boeing engineers (what can go wrong with corporations policing themselves?)
- Political pressures on FAA resulted in signing off on some certification steps before they were completed
- Actual limit of MCAS’s command was not known to FAA, 737 MAX operators and pilots
- MCAS failure was miss-classified as a “hazardous failure” instead of “catastrophic failure”, which would require redesign
Asked whether he believed American pilots would have been able to handle a malfunction of the software, Mr. Calhoun asked to speak off the record. The New York Times declined to do so.
“Forget it,” Mr. Calhoun then said. “You can guess the answer.”
Does it mean that Boeing maintains its position that the MCAS was not "that bad" and it's on the pilots for not handling the Boeing's mistake? Is he suggesting that we should avoid Boeing Aircraft unless the pilots are American?
Out of the six points you mentioned, you blamed everyone, blaming the pilots twice, and merely mentioned this against Boeing:
> The flight computer system and MCAS was implemented problematically, relying on one input because the expected control authority was very low, and then when that was not changed the system was not re-architected.
Do you have a personal stake in Boeing or something? Because you appear very biased indeed. There were several ethical breaches that resulted in these tragic catastrophes.
Everyone hears you, most have taken your words into comsideration but I think the part you're missing is the fact that it was impossible for pilot and airline themselves to remediate problems because knowledge of the system wasn't there until it was too late, and even when information began trickling out from Boeing, it's been so slow, and so insubstantive, as to be worthless, likely because of concerns with legal exposure on Boeing's part.
The pilot's absolutely agreed to fly the plane. As far as they knew, it flew like a 737, and they knew everything they needed to know.
Boeing revealed as little as they did about MCAS to spare pilot's the "gory details" because the plane was allegedly "just another 737".
Information does not perfectly diffuse, and doesn't diffuse at all without effort. Half the outcry over this probably isn't from pilot's or aerodynamicist's at Boeing at all, but from people passionate and informed enough to get the word of the colossal fuck up out in as many ways as possible to the people who need to know it most.
I've been in these threads on Hacker News since the Lion Air incident, and held my tongue at many times. Cautioning more and more that new information will drive the development, but in all likelihood, given the facts we have access to, the problems will have occurred in X, Y, Z spots, all of which have origins within Boeing and the FAA as organizations.
The FAA delegated responsibility for vetting to Boeing. Boeing CHOSE to accept that mantle of trust, then discarded the integrity part as soon as the bottom line was threatened by a competitor.
Airlines fly planes. They don't make them. That was Boeing's job, and they cashed in on the better part of a century of goodwill, and torched the entire pile by delivering a complete failure in terms of their own responsibility to the public.
We get it. You think the pilots and airlines should shoulder the blame too. Understood. Many though, myself included, understand that the world runs on incomplete information transfer between designers and operators, and given that, an enormous responsibility is put on designers of industrial scale systems to take extra care to make sure that "unintuitive designs" are very clearly documented and made known to their operators who will have lives and property on the line.
Buying the planes from Boeing came with an implicit trust on the part of airlines that anything different to look out for would be clearly communicated. That didn't happen. They relied on Boeing doing that part. Boeing failed. The fact that armchair aeronautics engineers got to the root cause in such a short time, with so little information beyond the FDR means that it is not unreasonable for the professional engineers at Boeing whose raison d'être is to design safe planes to have caught it.
I don't think anyone here has such a severe grudge against Boeing's existence to just go after them for merely existing. Many, or at least I, am just awestruck at the magnitude of collective failure that occurred.
The data all points to them. Of everyone involved, they alone had both the means and onus to prevent what happened.
But it didn't. So here we are. Something needs to be done, we have very specific rules about how to do it, but nevertheless, something has to changed.
We owe at least that to the lost that their unwitting and tragic sacrifice shall not have been in vain.
The families that have been broken; the sons, daughters, mothers, fathers, and grandparents who will never arrive at their destination demand it. Our integrity, "Our" being those of the will, hubris, and capability to take the lives and fates of others in the embrace of our works, demands it.
Somewhere, at some point, complacency, and cultural degradation happened for whatever reason.
It must be exposed. The historical annals decorated once more in blood, that we never lose sight of the cost of any shirking of our responsibility again.
How else than this, and the penance/contrition of any directly involved, can justice truly be served?
I read and understood your original point, and that is what I disagree with. You have made a general point about responsibility, but my point is that if we look at the specifics of this particular issue, one cannot expect software testers to anticipate the particular risks that MCAS presented. On the other hand, there are other roles in the airplane development process where the people involved are expected to have the requisite knowledge to identify and judge such risks, and these are employees of Boeing or the FAA (if it turns out that these roles were farmed out to low-bidding subcontractors, that's a separate issue.) These domain experts ruled that MCAS was acceptable as designed, apparently largely on the mistaken grounds that MCAS failure is just like any other trim runaway excursion, a mistake exacerbated by the failure to properly communicate the increased power of the redesigned MCAS among the domain experts.
No sound root-cause analysis will come to the conclusion that the crashes resulted from Boeing contracting out software testing to low-bid contractors. You are making the fallacy of arguing a general point that does not apply in this specific case.
> the horrific culmination of a series of faulty technical assumptions by Boeing's engineers, a lack of transparency on the part of Boeing's management
My experience in this industry is that many of the most important engineering decisions are made by management. Not to excuse their engineers, but on the topic of management getting of lightly, I wonder how many of those "faulty technical assumptions" should fall at the feet of Boeing's management.
Agree willingness to own up and discuss errors is critical to long term airline safety.
However you only seem to be applying this to pilots and not to Boeing!
Isn't the issue with the MAX, and potentially now earlier episodes, that for perhaps perfectly understandable commercial reasons, Boeing and even the FAA haven't been upfront and honest about engineering issues and how to improve stuff - ie they have been guilty of playing the blame game - on to pilots - who are often conveniently dead.
“In one particular FAA test performed on the right simulator, a whistleblower says Boeing officials were present and told the test pilots when to hit the switch that killed MCAS.
When these actions were reported by whistleblowers, they were often ignored or retaliated against, according to the report.”
Their customers would need to be willingly ignoring facts not to be in the known by now. 2019 saw negative sales and the stock market is beginning to react.
Boeing decided it's business as usual when they had a chance to own up to some responsibility. I don't want to get into the details because I wouldn't make them justice, but the list is insane; from impossible engineering choices to brown envelopes (bribes) to the regulators.
They could have said something among the lines of "we are working on improving our processes to avoid future deaths", but instead we hear them blaming the pilots, again: "Calhoun focuses Boeing’s responsibility on faulty assumption around pilot response on MCAS".
As a reminder, MCAS could overpower manual trim and stick inputs. The crew never stood a chance, they were condemned the moment an engineer at Boeing decided it was ok to create a system like that acting on a single sensor that was known to be unreliable, and their process somehow allowed them not to test for its failure.
So, he lied to regulators, persuaded airlines to remove training on MCAS and bragged about it. (knowing it would activate in extreme circumstances)
After he found that boeing had changed the design and made mcas work more often. He did not raise any alarm bells and just kept quiet...
He deserves the trial... He did have at least an ethical obligation of saying "hei guys, I was wrong, design changed, please re-evaluate" even if it meant getting fired.
Also, the fact that Boeing can change design without guarantees that FAA and customers are informed is a bigger problem...
A flabbergasted reporter then asks him if he means to say that MCAS was designed to push the nose down 21 times. The CEO then blamed the pilots for not following procedures!
He repeatedly avoids avoiding admitting that any mistakes were made. He was so intent on avoiding blame that he gave me no confidence that Boeing could learn from its mistakes. The longer he talked, the less confidence I had in Boeing as a company.
I have no idea why this guy still has his job.
[1] https://www.youtube.com/watch?v=xOQmQpKHVWA&t=9m30s
reply