Ethiopian Airlines Crash; Another 737 Max

Larry in TN said:
MCAS is part of the STS. The STS, and all electric trim, is disabled with the switches in cutout. This was confirmed in the data from the Ethiopian DFDR preliminary report. The MCAS commanded nose-down trim but the trim did not move after the switches were in cutout.


The fold-out handles are 90° (of rotation) apart on the two trim wheels. This is so that the two pilots can work together and at least one will always have leverage at any point in the rotation.
Click to expand...

Hard to do when they're both pulling back on the columns for their lives, as evidenced by the amount of pressure applied.
 
AKiss20 said:
I don’t think we have evidence of that yet (without hearing the CVR it’s hard to tell). Given the question of the aero forces and the previous accounts of how difficult it is to re-trim (there was a previous reply in this thread describing how it required unloading the stab to actually turn the wheel) it’s possible the FO simply couldn’t turn the wheel manually and reported that as “not working.”
Click to expand...

Or (speculating) he didn't try hard enough: given his inexperience, he may have been unaware of the large amount of force required.
 
dmspilot said:
Or (speculating) he didn't try hard enough: given his inexperience, he may have been unaware of the large amount of force required.
Click to expand...
Possible although I assume he did a runaway trim scenario in the sim (I don’t know what is required to get the type cert). Even if he did, two open questions are

A) what is the expected resistance to trimming manually due to aero loads and is it reasonable to expect all pilots to be sufficiently strong to counter those loads

B) how accurately do sims represent the resistance of the trim wheel
 
Last edited:
Ravioli said:
Today some "expert" was saying if you turn something off, you leave it off. Is that right?

I think if a breaker pops, you reset it ONCE. If it pops again, you go without. Same thing with cycling other circuits.

Is it different for the big planes? <- actual question.
Click to expand...

That's easy to say in an armchair, but with the ground getting real big real fast I don't doubt they tried turning the juice back on. It was the last thing that actually turned the trim wheel.
 
Greg Bockelman said:
Seems like after 8 or 10 or a dozen such events one would figure out something was wrong. Wonder what took him so long to figure out something was wrong.
Click to expand...
I think he did figure it out. And to work on the problem, its been discussed that the Lion PIC let the SIC "fly" the aircraft to work on a solution. This accident may see a similar situation except this SIC had only 300hrs TT. While aviate, navigate, and communicate are the bare bones of flying, it does take some experience to make them work.
 
Chip Sylverne said:
That's easy to say in an armchair, but with the ground getting real big real fast I don't doubt they tried turning the juice back on. It was the last thing that actually turned the trim wheel.
Click to expand...

ARMCHAIR ALERT. I'm a lowly private pilot. Was trained to reset breaker only ONCE. My question was based on that.

Where is your "don't doubt" coming from? You flying the 737MAX?
 
Ravioli said:
ARMCHAIR ALERT. I'm a lowly private pilot. Was trained to reset breaker only ONCE. My question was based on that.

Where is your "don't doubt" coming from? You flying the 737MAX?
Click to expand...

"Don''t doubt" comes from trying to put myself in that cockpit. I realize I am going down rapidly, the windshield is full and getting fuller. I know that the only that is going to save me is to get the damn trim wheel moving ANU. I can't do it by hand. I can't get the f'n thing to budge. Airspeed is building, over speed clackers raising hell, but I can't reduce power because it's keeping the nose up. The stick shaker is going off and the airplane is screaming at me I'm going to stall. Both of us have been pulling like hell doing static curls on the columns for three minutes but not getting any positive response, and we're fading fast. The last time the trim wheel moved was under electric power, my saviour. I don't know about you, but at that point, it's not outside my imagination to think of me grabbing at that last straw, even if it's not in the rule book. They played by the rules, and the rules let them down. Maybe had they a been trained to better understand the system, they might have quickly engaged the cutouts again, and the gambit would've worked.

What you're telling me is that facing certain death, when the only possible way out is pushing that breaker in a second time, you wouldn't do it because it's against the rules.
 
Last edited:
Fascinating narrative. Has it been published in either of the MAX incidents?

or is it your ARMCHAIR assessment?
 
Ravioli said:
Fascinating narrative. Has it been published in either of the MAX incidents?

or is it your ARMCHAIR assessment?
Click to expand...
Are you saying that we unwashed masses can't kibitz?
 
Doug F said:
I apologize if this has already been posted but I didn't read the entire 15 pages of this thread. There have been several questions about the forces required to manually change stab trim. While this video doesn't provide a numerical answer, and they're in a simulator, it does appear that it's not all that easy and 2 arms make it work better (after watching this I want my crew to have them a set of guns). I have no idea if this guy is legit but he does appear to have access to actual aircraft and simulators so I'm guessing he's not totally talking out his rear end.

There's another vid I just noticed that is specifically about the Max 8.

I'd love to hear from actual Max 8 pilots how close these presentations are to reality.
Click to expand...

After watching the first video of this 737 driver and the procedures to be taken shown in the simulator portion of the video, I can only come to the conclusion that memory items and procedures were either missed or not performed in a timely manor..
 
1RTK1 said:
After watching the first video of this 737 driver and the procedures to be taken shown in the simulator portion of the video, I can only come to the conclusion that memory items and procedures were either missed or not performed in a timely manor..
Click to expand...
Sure. But my conclusion is that your conclusion is wrong. That video wasn’t shot in a Max 8 and that wasn’t an MCAS malfunction. Notice around 17:20 in the video where the trim starts running away. He has the ability to stop the trim using the stab trim brake (as the plane is trimming AND, he pulls on the yoke which is the natural reaction, and the stab trim stops), which keeps the trim from getting too far out of normal. The MCAS is not stopped by the trim brake, so you are going to have continuous AND trimming as you are trying to figure out what’s going on. Also note that this setup is completely different than what the accident aircraft had. They were inundated by alerts, warnings and the constant stick shaker. It’s a cool video, but again, it misses the mark. If nothing else, he should have let it run and not used the trim brake to stop it.
 
Tantalum said:
**If it is actually true that manually trimming the plane may have aerodynamic forces that are too great then that is a massive design issue. My whole point this whole thread has been "shut the system off, manually trim it, as any other trim runaway situation calls for" <- but if that is not actually a realistic option.. then we are in deed talking about a major problem. I would love to know what the theoretical max loads required are would be
Click to expand...
This is right from the 737 QRH:

"Excessive air loads on the stabilizer may require effort by both pilots to correct mis-trim. In extreme cases it may be necessary to aerodynamically relieve the air loads to allow manual trimming. Accelerate or decelerate towards the in-trim speed while attempting to trim manually."
(Emphasis mine)

Like I said before, when it’s that much out of trim, it’d be near impossible to turn the wheel. We’d do it in the plane with just 30-40 knots our of trim and it was a bear. These guys were probably over 100 knots out of trim, I don’t think they’d ever be able to move that wheel.
 
Sluggo63 said:
Like I said before, when it’s that much out of trim, it’d be near impossible to turn the wheel. We’d do it in the plane with just 30-40 knots our of trim and it was a bear. These guys were probably over 100 knots out of trim, I don’t think they’d ever be able to move that wheel.
Click to expand...
:hairraise:
 
Chip Sylverne said:
"Don''t doubt" comes from trying to put myself in that cockpit. I realize I am going down rapidly, the windshield is full and getting fuller. I know that the only that is going to save me is to get the damn trim wheel moving ANU. I can't do it by hand. I can't get the f'n thing to budge. Airspeed is building, over speed clackers raising hell, but I can't reduce power because it's keeping the nose up. The stick shaker is going off and the airplane is screaming at me I'm going to stall. Both of us have been pulling like hell doing static curls on the columns for three minutes but not getting any positive response, and we're fading fast. The last time the trim wheel moved was under electric power, my saviour. I don't know about you, but at that point, it's not outside my imagination to think of me grabbing at that last straw, even if it's not in the rule book. They played by the rules, and the rules let them down. Maybe had they a been trained to better understand the system, they might have quickly engaged the cutouts again, and the gambit would've worked.

What you're telling me is that facing certain death, when the only possible way out is pushing that breaker in a second time, you wouldn't do it because it's against the rules.
Click to expand...

Some others have written similarly here, pointing out the situation in depth and the difficulty because you went into the details of what is happening instead of fragmented pieces of information. Instead of bullet points. Great post.

The pilots did the procedures, reportedly, several times but it didn’t help.

Then folks asked why the flaps were retracted. This doesn’t definitively prove it, but just read that another different (unrelated to MCAS) software bug was in the system, and it had to do with flaps. They don’t get more specific, but here is the story

https://www.washingtonpost.com/worl...ory.html?noredirect=on&utm_term=.c4b3e0e6b216
 
So, could a possible “fix” be to just remove MCAS from the software? Surely stall warning and stick shakers are enough to keep 2 professional pilots from stalling a 737, no?

MCAS seems like a “seemed like a good idea at the time” sort of thing.

Another fix could be 3 AoA vanes, and they “vote” to determine which has failed, but that would be a much more expensive retrofit than just different software.
 
dans2992 said:
So, could a possible “fix” be to just remove MCAS from the software? Surely stall warning and stick shakers are enough to keep 2 professional pilots from stalling a 737, no?

MCAS seems like a “seemed like a good idea at the time” sort of thing.

Another fix could be 3 AoA vanes, and they “vote” to determine which has failed, but that would be a much more expensive retrofit than just different software.
Click to expand...

Since there now is also reported another software bug, unrelated to the MCAS software, that affects the flaps in some way...it seems like a major code review/code audit, and specially testing criteria ought to be a step Boeing takes.

Updating code gets too routine, easy. It is HARD to test all changes of code, and be sure that you are testing everything you must. As a programmer, when I started I quickly learned to not say "well, the changes I made will not affect THAT, they are totally seperate". It's a lot more important not to get complacent, but virtually ALL of the software companies do. As code gets more complex, it takes more time, thought, planning and discipline to make sure it is bug free.
 
dans2992 said:
So, could a possible “fix” be to just remove MCAS from the software? Surely stall warning and stick shakers are enough to keep 2 professional pilots from stalling a 737, no?

MCAS seems like a “seemed like a good idea at the time” sort of thing.

Another fix could be 3 AoA vanes, and they “vote” to determine which has failed, but that would be a much more expensive retrofit than just different software.
Click to expand...

My understanding is the plane will fly without MCAS, but it won’t conform to the 737 type performance requirements.
 
LongRoadBob said:
Since there now is also reported another software bug, unrelated to the MCAS software, that affects the flaps in some way...it seems like a major code review/code audit, and specially testing criteria ought to be a step Boeing takes.

Updating code gets too routine, easy. It is HARD to test all changes of code, and be sure that you are testing everything you must. As a programmer, when I started I quickly learned to not say "well, the changes I made will not affect THAT, they are totally seperate". It's a lot more important not to get complacent, but virtually ALL of the software companies do. As code gets more complex, it takes more time, thought, planning and discipline to make sure it is bug free.
Click to expand...

Automated testing is the best way to test software these days, but whatever method you use, it depends entirely on the test scenarios. You can only test the things that you can imagine.

The MCAS issues was not so much a software issue as an issue with getting the data from the AOA sensor. The software testing failed to imagine a sensor failure, so they had nothing in place to deal with that.

If I remember correctly, the fix for MCAS sets limits on how much the system can correct. I’m not very comforted by this as a fix, nor by the attitude I read about with the executives flying on a MAX for testing and saying “see, it works”. The fix says “a little, but not too much”? The attitude (IMHO) says they don’t appreciate the seriousness of the task.

The standard is “Must never get it wrong.”
 
One defect in humans is that for familiar situations we expect a certain amount of exertion to cause a certain amount of work to occur. So we may, in a given situation, try harder than normal, but not hard enough, perhaps for fear we will break something. A local shop's front door was binding due to frost heave, and most customers walked away, thinking the door was locked.
Regardless of the outcome of the investigations, and the design of the MCAS, there were "work-arounds", if implemented properly, and in good time. That's why the guys up front get the big bucks.
 
kayoh190 said:
Normally I'd tell you that the switches will completely disable the electric motor, thereby making it impossible for MCAS to do its thing, but Boeing made me feel like such an idiot for not even knowing about MCAS to begin with - I admit that I no longer have much trust in my manual these days. That said, I find it much more likely that the pilots restored power to the motor in a last ditch effort to trim the nose up than MCAS being able to run with the switches in the off position.
Click to expand...

And how well do you really understand the myriad of other computer algorithms that drive systems on the 737 or other advanced aircraft that you’ve flown?
 
Bill Jennings said:
It now seems obvious that there needs to be a means of disabling MCAS without disabling power trim. Although then the question is would the power trim have been powerful enough to overcome the aerodynamic forces in that situation?
Click to expand...

Remember this scene from ‘Gettysburg’.

There is no time at low altitude, need everything off, fly manually.
 
SkyDog58 said:
And how well do you really understand the myriad of other computer algorithms that drive systems on the 737 or other advanced aircraft that you’ve flown?
Click to expand...

My question that he’s answering isn’t about the software, it’s about the circuit and whether the switch is a complete and total removal of power to the trim motor.

I asked that because the control column cutout exists and doesn’t impact MCAS, although it does impact control column inputs.
 
bflynn said:
Automated testing is the best way to test software these days, but whatever method you use, it depends entirely on the test scenarios. You can only test the things that you can imagine.

The MCAS issues was not so much a software issue as an issue with getting the data from the AOA sensor. The software testing failed to imagine a sensor failure, so they had nothing in place to deal with that.

If I remember correctly, the fix for MCAS sets limits on how much the system can correct. I’m not very comforted by this as a fix, nor by the attitude I read about with the executives flying on a MAX for testing and saying “see, it works”. The fix says “a little, but not too much”? The attitude (IMHO) says they don’t appreciate the seriousness of the task.

The standard is “Must never get it wrong.”
Click to expand...

Yes. Also a dedicated testing team that have a huge desire to find a problem.
As you say, "Must never get it wrong".

Even in such situations, there are deadlines, all push to meet them, corners get cut. "good enough" "that shouldn't be a problem"

I work on systems that are in banking. Not AS critical as airplane software by a good margin, but we are talking about money.
The system used a very fast "transport" unit that feed documents (checks or in Europe, giros) from a hopper past a high-speed camera, read OCR lines and did character recognition, ink jet unique numbers on the back of each document, and made desicions on which pockets to send the items to depending on other things at 200 inches/sec.

The team that programmed this (way back when) were kind of the elite programmers. They were proud of the complex realtime decisions that had to be programmed, and all with proprietary hardware, and interfaces to that and other.

So,anyway, the team leader was a guy name Milt. He was like THE expert. He assembled his team often and they went over issues, design and other. This was a project for a customer in europe. One of his folk asked "yeah, but milt, what if there is race conditio and X happens just before Y" (whatever). Milt replied "can't happen, no way".

You probably see where this is going but... The guy argued with him. Back and forth. Finally he gave up, after Milt got a little hot and said "Man I'm telling, if that happens I'll EAT MY HAT!"

The programmer went back to his terminal and coded an error message with the type description simple as "Milt, eat your hat" that would go to the screen that shows all errors.

They test, extensively, send to the customer, everythings going fine and suddenly huge stop in the system with the cryptic message "Milt, eat your hat!"

It happened a LOT. It caused downtime and many problems processing. We'd be in meetings with the customer, and they'd go into their language which we couldn't understand and then hear them disgustedly says "blada blada blada, MILT EAT YOUR HAT"

They sent all kinds of folk, down to where we had bus analyzers hooked up trying to catch a spurious signal.
They found it in the end, but that phrase was legendary for a good many years.

The other takeaway from this, the progammer or folks reviewing the code never changed his comical error message to something like "interrupt from X and Y received, DEADLOCK!" and that also should never happen, but often does.
 
Ravioli said:
Did Milt stop wearing hats or go broke replacing them?
Click to expand...

Heh...as far as I saw, he never wore one. He did often play with a jojo though. In meetings and other places.
You'd be like three guys standing around talking, and "whizzz" jojo comes right by your head, and again on the other side...
it was kinda disconserting.

Programmers (at least in Berkeley and that area) liked to be a little different :)
 
Sluggo63 said:
This is right from the 737 QRH
Click to expand...
Thanks! That's insane. So there actually is a flight regime, IE, right after take off, where if the MCAS goes haywire you physically may not be able to recover.
 
Sluggo63 said:
Excellent technical explanation and theory as to what happened and why. Better than anything I’ve seen to date.

https://leehamnews.com/2019/04/05/bjorns-corner-et302-crash-report-the-first-analysis/#more-29839
Click to expand...

My takeaway is the sequence of events seems the plane put itself in a test regime before the crew decided to become test pilots.

Granted, a third eye, or a ton of combined experience could have contributed to a different outcome.

I keep going back to what differentiates serial MCAS inputs (designed commanded trim) from an uncommanded event since that seems to be the one thing has to be recognized, executed, and recovered from during a critical phase of flight.

Maybe I’m just small brained.
 
Tantalum said:
Thanks! That's insane. So there actually is a flight regime, IE, right after take off, where if the MCAS goes haywire you physically may not be able to recover.
Click to expand...

To be accurate, there is a flight regime where if you get to far out of trim you MUST relieve the aerodynamic pressure to re-trim manually. If you are too low, you can't push over to relieve the pressure without hitting the ground. MCAS coupled with a bad AOA appears to be how they got that far out of trim that low.
 
Sluggo63 said:
The MCAS is not stopped by the trim brake
Click to expand...
But it is stopped by the primary electric trim.

If the nose is "heavy", don't you trim it back up? Doing that stops MCAS.

dans2992 said:
Surely stall warning and stick shakers are enough to keep 2 professional pilots from stalling a 737, no?
Click to expand...
Despite numerous media reports, MCAS is not a stall protection system. It is a Maneuvering Characteristics Augmentation System. It corrects a "too light" pitch feel in certain situations.
 
Larry in TN said:
But it is stopped by the primary electric trim.

If the nose is "heavy", don't you trim it back up? Doing that stops MCAS.
Click to expand...

For a period of time. If MCAS re-activates, is that considered normal or abnormal.
 
Kenny Phillips said:
Only if MCAS is getting the proper signals, which appears to be the crux of the whole mess.
Click to expand...
I have no idea to what you are referring. MCAS is stopped by the application of primary electric trim and primary electric trim will continue to work to remove the nose-down trim that was added by MCAS.

TCABM said:
For a period of time. If MCAS re-activates, is that considered normal or abnormal.
Click to expand...
That is normal. MCAS pauses for five seconds then, if the triggering conditions are still present, will activate again.

The Captain of the Lion Air accident airplane kept the airplane in-trim through 21 MCAS activations by doing exactly as I described. He then transferred control to the First Officer who did not re-trim after each MCAS activation and it took only five unchecked activations to go from in-trim to full nose-down trim.
 
Larry in TN said:
But it is stopped by the primary electric trim.

If the nose is "heavy", don't you trim it back up? Doing that stops MCAS.
Click to expand...

The Bjorn's Corner article explains that. At fast speeds at low altitudes, "the least trim action and the aircraft reacts violently. Any trimming is in short blips." The pilots did trim nose-up in a couple short blips. But then MCAS activated again, at 375 knots, a speed it was never designed for, and the plane almost went negative G. The g-forces may have caused the pilots to lose their grip on the control column allowing the nose down even more. The aircraft speed is now so high that they may have experienced "blowback" with recovery practically impossible.
 
Larry in TN said:
That is normal. MCAS pauses for five seconds then, if the triggering conditions are still present, will activate again.

The Captain of the Lion Air accident airplane kept the airplane in-trim through 21 MCAS activations by doing exactly as I described. He then transferred control to the First Officer who did not re-trim after each MCAS activation and it took only five unchecked activations to go from in-trim to full nose-down trim.
Click to expand...

So, how does one determine when an abnormal event is occurring, considering MCAS only provides input during certain phases of flight?
 
SkyDog58 said:
And how well do you really understand the myriad of other computer algorithms that drive systems on the 737 or other advanced aircraft that you’ve flown?
Click to expand...

All I can do is understand them at whatever level given by my manual. But until now, at least they were *in* my manual! :)
 
TCABM said:
So, how does one determine when an abnormal event is occurring, considering MCAS only provides input during certain phases of flight?
Click to expand...
I think that's part of the problem. When I think of "runaway trim", like many people, I think of a constant trim in one direction. This situation is intermittent trim and might have caught the crew by surprise. I think of the old story of putting a frog in hot water vs starting in cold water and raising the heat gradually. BUT - after continually correcting a trim (21 times) in the same direction, maybe that should be an indication that something is wrong?
 
Matthew said:
.. after continually correcting a trim (21 times) in the same direction, maybe that should be an indication that something is wrong?
Click to expand...

But 21 times worked although 5 didn’t. That’s a duration of input vs number of inputs problem.

The problem I see with both instances is you have trust the plane is doing what you want it to do, up until it isn’t.

And I’m really trying understand what’s the indicator for that.
 
Random data point (which is probably mentioned somewhere, but I didn’t see it): it takes about 30 revolutions of the trim wheel to move the stab 2.5 degrees.
 
You must log in or register to reply here.
Back
Top