Do Computers Make Planes Less or More Safe?

The controversy is kept going by accidents and incidents involving fly-by-wire computers. And again and again pilots, such those of the Lufthansa plane that almost crashed in a crosswind in Hamburg, run into new, nasty surprises that none of the engineers had predicted.

The engineers don't allow such unforeseen events to unnerve them, at least not visibly. "Redundancy" is the magic word with which aircraft developers attempt to placate pilots. So many computers are operating in parallel, they say, that problems in one computer do not spell disaster. Five flight computers are installed in an Airbus like the A330: three primary and two secondary flight computers. To provide the greatest possible security against a complete crash of the system, the software is written in different countries, by different companies and in different programming languages.

But even this much redundancy cannot provide 100-percent protection. Digital chaos erupted on board a South American airliner as it approached Chicago. Because of a broken spring, the main switch of one of the flight computers would not remain in the "On" position and began to rapidly switch the computer on and off. The resulting confusion disabled the other flight computers.

In 2005, the pilots of an Airbus plane en route from London to Budapest experienced something that, according to the engineers' logic, shouldn't even happen: the failure of all monitors except the one displaying the error messages. The system was so severely disabled that the pilots were unable to transmit a "Mayday" alert.

Part 4: The Glass Cockpit

Until they finally managed to reboot the failed system, the pilots had to rely on the emergency instruments, which have been located on the instrument panel since the early days of modern aviation, such as an artificial horizon and an altimeter based on barometric pressure.

In the latest generation of airplanes, the emergency messages also appear on a screen. Pilots refer to the modern-day cockpit, riddled as it is with monitors, as the "glass cockpit," unlike the cockpit of the past, which pilots affectionately called the "clock shop." If the Budapest flight had been part of the new generation of aircraft, would the monitor displaying the error messages have gone dark, as well?

In February 2005, the computer that monitored and controlled fuel levels on board an A340 failed en route from Hong Kong to London. One engine shut down and a second one stalled, but because the A340 has four engines, an emergency landing in Amsterdam went off without a hitch.

These mishaps raise the question of whether we will ever be able to rule out the possibility that an unrecognized error is lurking somewhere deep in the network of computer units, in the cacophony of programming languages and the interplay of zeroes and ones. For instance, when a Malaysia Airlines Boeing 777 went out of control four years ago, experts later discovered that a software update was incompatible with the preinstalled programs. "It would make me very worried about the future if we didn't get these kinds of problems under control," says NTSB expert Haueter, who is calling for new standards in the certification of automated systems on aircraft.

Join the Discussion
blog comments powered by Disqus
You Might Also Like...