Friday, August 21, 2015

Computer software bugs caused the air traffic control problems at Washington Center

Here is a link to the FAA press release.

There is a moral to this story - and it involves trusting automated systems to do what you expect them to do or the appropriateness of what they are programmed to do.

The Washington Center air traffic control problems and the crash of Air France 447 both involved computer software problems.

The Washington Center problems were caused by a bug - the software had an error that prevented it from doing what the programmers intended.

The Air France crash was caused in part by software that did what the programmers intended.  There, the problem was the failure of the programmers to appreciate how confused pilots would be from computer responses they intended.  One example concerned the stall warning system.

The angle the wing makes with the air is called the angle of attack, AOA.  You can think of it as the angle the wing makes with the direction of travel in the air.  Roughly, wings generate lift that is proportional to the AOA, up to a critical AOA.  Beyond the critical AOA, the airflow over the wing becomes turbulent and the lift is enormously reduced, resulting in a descent in an unstable condition.  This regime is called a stall - the wing is stalled.

The AOA control in an airplane is the stick.  Pulling it back increases the AOA and pushing it forward decreases the AOA.  Thus, the pilot will induce a stall if he holds the stick too far back.  To avoid unanticipated stalls, airliners have what is called a stick shaker and/or stick pusher, along with a computer generated voice that says "stall" or something equivalent.  These safety features operate when the computer senses too high an AOA.

The Air France 447 computer system had these safeguards.  However, the warnings were programmed to stop if the sensed AOA was way too high.  This  reflected the system designers' thinking that such a high AOA indication was more likely due to a system failure than an actual AOA that high.

So, as the pilots pulled back on the stick, they got a stall warning, but due to the weather, the wing went to a way higher AOA and the warning stopped and they no longer thought they were stalled - but they were.  They rode the stall all the way down to the Atlantic, never realizing the problem with the aircraft's responses was that it was stalled.


No comments: