July 26, 2019 – Airbus and Boeing are the two largest airframe manufacturers in the world. Their airplanes dominate the skies across this planet. As manufacturers supplying commercial aircraft carrying millions of passengers daily, you would think no stone would be left unturned when it comes to discovering problems and fixing them related to safety.
That doesn’t seem to be the case with respect to Boeing considering the two 737 Max 8 crashes that killed 346 on Indonesian and Ethiopian flights, allegedly because of its artificial intelligence controller software, in attempting to interpret faulty sensor readings, overwhelmed the flying capabilities of the human pilots on board. The issue, a combination of software, and bad hardware will likely be the final verdict in the case of both crashes.
Boeing has seen its order book on the 737 Max 8 dry up and may end up being stuck with cancellations on backorders. Considering this aircraft is the meat and potatoes of the Boeing lineup, you would think greater oversight on a known software issue would have been addressed before these crashes. Apparently, not so.
Is this unique to Boeing? No, as we have just found out. It appears that the Airbus A350-941 is having its own software issues. The airplane which is a direct competitor with the Boeing 787 Dreamliner and the 777, not the smaller 737 Max 8, has to be turned off completely every 149 hours or it could experience partial to a total loss of critical avionics systems and cabin environmental controls. Now that doesn’t sound like something good.
Normally airplanes are not shut down even post-flight. So powering down and rebooting is an issue. In the A350-941, the problem was first noted when communication between some of the avionics systems and the avionics network failed including complete loss of some critical functions (see list below). So imagine you are in flight, and the aircraft passes the 149-hour threshold, what would happen? Here’s the list of what we know so far is likely to occur:
- the pilots get the wrong fuel consumption and gauge readings.
- the cabin pressure and air system oxygen supply controls fail.
- wing-ice protection systems become inoperable.
- landing gear operations, both extension, and retraction no longer work.
It appears Airbus has had a patch available for all A350-941 that are currently flying. But patching software on commercial aircraft constantly in use is problematic for airlines that make money by keeping the aircraft flying. The proper procedure one would think would be grounding all A350-941 aircraft that don’t have the latest software update and applying the patch. But that’s not what is happening. Today, before any of these airplanes reach 149 hours of operation they are shut off completely and rebooted. For current A350-941s coming off the production line, the software update has been applied. It’s the legacy airplanes that continue to exhibit this software bug representing hundreds of aircraft in use by commercial operators.
In the digital age we live in, software has replaced analog switches. If you have been watching the coverage of the 50th anniversary of the Apollo 11 moon landing, the space capsule and lunar lander contained a mix of analog and digital technology. The new-fangled computer guidance and landing system on the lunar lander was probably the first compact digital computer relying on integrated circuits and software programs, and without it, Neil Armstrong, Buzz Aldrin, and the astronauts that followed would probably never have stepped on the Moon’s surface. That was only 50 years ago.
Today, our reliance on software inside complex equipment is accepted as the norm. We have thermostats that learn about us because the software algorithms inside are designed to recognize our lifestyle patterns. Our mobile phones, computers, and other digital devices no longer have much that is analog under the hood. If you use Microsoft Windows you have become accustomed to software updates being delivered regularly to our desktop and laptop systems. We are the test animals in the Microsoft software laboratory. And we are not immune from this experience if we use Android and Apple devices which also regularly receive operating system updates.
Now imagine if instead of it being a home, business computer or cellphone, you are operating an aircraft when you get a notification of a necessary software update that requires you to shut down and reboot. You sure wouldn’t want to be flying it when the notification arrives. But here’s the thing. The remedy as suggested, a shutdown and reboot before 149 hours of operation, doesn’t fix the A350-941 problem, and Airbus doesn’t seem to be in any particular hurry to correct the problem in existing fleets even though it has for all new airplanes rolling off its assembly lines.
A last note, the Boeing 787 has also experienced software bugs that back in 2015 led to a directive from the United States FAA, requesting the airplanes be shut down every 248 days to ensure that the fly-by-wire system, lighting, climate control, and other key functions wouldn’t shut down in flight. And as for the 737 Max 8, besides the MCAS maneuvering software and systems failure which I wrote about back in November of last year, a new safety risk, related to a microprocessor in the flight control computer has been discovered. In the last week, Boeing reported a second-quarter loss of $3.38 billion, which followed a first-quarter loss of $1.03 billion, largely attributable to the 737 Max 8 debacle.