Your browser isn’t supported anymore. Update it to get the best YouTube experience and our latest features. Learn more
Read the original article
Comments
By MobiusHorizons 2025-02-110:271 reply I found this to be a fascinating dive into a potentially serious safety concern. I was impressed how simple the mitigations could be based on the recommendations in the report. I find the evidence credible for an attempt to burry the issue, but honestly I don't understand the motivation. At this stage I feel Boeing and the FAA could really stand to gain some good press from being extra proactive about such issues. Especially when the proposed mitigations seem like they would be relatively easy to implement, and should not be expensive for airlines from what I can see. It seems like the source being the engine manufacturer and consequently having the potential of affecting other jets including potentially the airbus A320 would only improve the incentives for Boeing to get out ahead of this, and demonstrate a safety culture. Does anyone understand the motivations that could lead to the response we have seen from the FAA and Boeing?
By apical_dendrite 2025-02-1123:091 reply From what I've read, CFM and Boeing committed back in December to making the software fix that's suggested in the video. https://aerospaceglobalnews.com/news/bird-strike-incident-se...
Why FAA and EASA didn't require any procedure changes in the interim to prevent the issue is a very good question.
Can they force an install? Or will it be a choice?
I like Mentor Pilot and Air Disasters, so I know I’ve heard of a few where the problem that caused an accident was already known and a fix was available but the airline just chose not to do it because they had that option. Or it was scheduled but hadn’t been performed yet because it wasn’t thought to be that critical.
Having the FAA mandate the fix seems like it would be a much better option.
Yes the FAA can issue what are called Airworthiness Directives and require an issue be resolved in the timeframe and manner they specify.
The timeframe could be anything, but common forms are like:
- Within the next X (flight) hours or Y calendar days
- You don't have to, but additional inspection needed every X hours or Y days until you do
- At next annual inspection
- Immediate/before flying again (usually called an Emergency AD)
I know the FAA can, I was referring to the manufacture. If Boeing makes a software patch do they have any way of forcing everyone to install it other than asking the FAA to issue a directive?
By AdamJacobMuller 2025-02-123:301 reply They might be able to, but, if they are effectively saying "our product is broken and you can't use it until you do X" they could be responsible for massive contractual liabilities.
By MichaelZuo 2025-02-126:051 reply Based on what legal reasoning…?
I haven’t heard of any similar successful court cases in recent years in the US.
Based on aviation law they can notify the certification authority of a mandatory fix which will be then required to be applied for users to aircraft operators to apply. If necessary with 0 deadline, i.e. "if the plane is on the ground it's not flying till the following change is applied"
By MichaelZuo 2025-02-1217:311 reply Can you cite which parts of “aviation law” could have a decent chance of leading to the aformentioned outcome?
By p_l 2025-02-1220:43 General worldwide: Chicago Convention aka ICAO convention (currently under auspices of UN), Annex 8 [2] and Annex 6 [3].
For USA [4], Title 14 of Code of Federal Regulations, Chapter I Subchapter C, Part 39
For EU [5] Article 76 (6) of the Basic Regulation (EU) 2018/1139
[1] https://www.icao.int/publications/pages/doc7300.aspx [2] https://ffac.ch/wp-content/uploads/2020/09/ICAO-Annex-8-Airw... [3] https://ffac.ch/wp-content/uploads/2020/09/ICAO-Annex-6-Oper... [4] https://www.ecfr.gov/current/title-14/chapter-I/subchapter-C... [5] https://www.easa.europa.eu/en/document-library/regulations#b...
By jiggawatts 2025-02-1210:441 reply AFAIK, no.
I read through the 787 Dreamliner manual for setting up the software for patch distribution to the planes, and there are checks and overrides at every step. The whole thing is physically controlled by the owning airline or maybe the leasing company, but not Boeing.
That sounds smart.
I wasn’t thinking a “we’re pushing an update too bad” kind of thing but more a “hey you have to do this to be allowed to fly, your choice” with the weight of law behind it.
By jiggawatts 2025-02-130:12 That guide book was genuinely amazing, it was easily the best-written technical document of any kind that I had read.
The security is dialed up to 11 as well. It explicitly calls out the following scenario:
1) The plane is leased. 2) the maintenance is outsourced. 3) The plane at an airport in an "unfriendly" country. 4) The plane is not allowed to take off until it is patched due to an emergency directive.
That scenario is handled, securely!
There is encryption between the plane and the airport WiFi.
The maintenance crew can also plug in to an Ethernet port near the front landing gear.
There is a VPN back to the patch server managed by the airline.
The VPN host certificate is explicitly whitelisted in the plane.
The plane won't accept a patch unless it has been digitally signed by Boeing, the FAA, the Airline, and potentially the manufacturer and the local equivalent of the FAA!)
The pilot has to enter a 4-digit pin code in the plane.
Most of the associated wiring is only physically connected if there is weight on the front landing gear. You can't "hack" a plane in-flight and patch it with malware, the required cabling isn't connected.
By TheRealPomax 2025-02-121:23 That is to say, they used to. Whether they still do is rather entirely up in the air (wahey).
By p_l 2025-02-1220:59 Sometimes the vendor will provide an optional fix in a safety information bulletin, sometimes they will be mandatory (Sometimes the optional ones become mandatory [1]).
They are coordinated with applicable certification bodies (civil aviation authorities) and distributed as airworthiness directives that can, in fact, force a specific action to be taken.
[1] (writing from memory unfortunately) an airflow modification for 737 NG (iirc, could be older 737, pre-MAX definitely) avionics bay was "optional", as in mandatory only for aircraft flying in hot enough regions. After a near miss in Poland when steadily overheating avionics essentially slowly lobotomized a plane after takeoff. Turned out europe got hot enough for it.
After that incident, Boeing issued a change in safety information bulletin that the modification was now mandatory.
This is a issue that may also affect Airbus aircraft, but so far, it has only caused problems on two Boeing planes. Like MCAS, it was not disclosed to pilots, prompting the FAA to recommend design changes and notify flight crews.
https://simpleflying.com/boeing-cfm-international-update-737...
Unfortunately, it seems that the internal FAA recommendations were not allowed to make their way into any kind of airworthiness directive.
The recommendations include very basic procedure changes that mitigate the near term risks without any significant impact to operation, as well as recommendations for what probably amounts to a software change and upgrades to some of the pilot oxygen masks to effect a permanent fix.
The only reason that we even know about the internal recommendations is that they were leaked to the press.
Boeing released a pilot bulletin that basically says to go through the checklist quickly and to treat smoke in the cabin as a major failure, but stops short of recommending some very, very simple steps in aircraft configuration prior to takeoff that would completely mitigate the issue without negatively effecting flight performance.
The major recommendation in the internal FAA bulletin is to use the APU bleed instead of the main engine bleed air to power the air conditioning and cabin pressurisation during the takeoff phase of flight, below 3000 feet AGL. I can see no reason to drag feet on this recommendation, other than the uncomfortable suggestion that perhaps this issue should have been addressed during certification. (It is yet another difference from older 737 design , like the deadly MCAS system, that was not disclosed to pilots transitioning to the new aircraft)
> […] stops short of recommending some very, very simple steps in aircraft configuration prior to takeoff that would completely mitigate the issue […]
Well, the configuration changes during takeoff mitigate the issue if it happens during takeoff. If it happens at any other time then they don’t do anything to help.
> I can see no reason to drag feet on this recommendation […]
I can. Perhaps the FAA believes that it is better to minimize change fatigue. Since the problem can apparently be fixed in software, and Boeing has decided to make that fix, they might want to write just one airworthiness directive requiring everyone to install it instead of two, one telling pilots to adopt some procedure followed by another telling them to abandon it.
> (It is yet another difference from older 737 design , like the deadly MCAS system, that was not disclosed to pilots transitioning to the new aircraft)
Keep in mind that for most aircraft the airline can pick and choose between different engines. The pilots don’t have to learn the myriad different engineering decisions that go into those engines; from the pilot’s perspective they are supposed to be interchangeable.
By garaetjjte 2025-02-1211:581 reply >Perhaps the FAA believes that it is better to minimize change fatigue.
Additionally you might want to avoid the association that specific pack supplies air to the cockpit, as it varies across generations. https://en.wikipedia.org/wiki/Kegworth_air_disaster
By db48x 2025-02-1212:18 Oooh, that’s rough.
> Well, the configuration changes during takeoff mitigate the issue if it happens during takeoff. If it happens at any other time then they don’t do anything to help.
There are no birds at higher altitudes
By himinlomax 2025-02-138:58 > Keep in mind that for most aircraft the airline can pick and choose between different engines.
737 Max can only have CFM Leap engines.
A320 can have either Leap or PW GTF.
It's not clear that is does affect Airbus does it?
It looks like only the LEAP-1b engines are affected by this, and I was under the impression that LEAP-1b was 737-MAX-only?
(A320 has LEAP-1a as far as I can see).
By unsnap_biceps 2025-02-1122:50 he covers this in the video, but both engines have the same LRD (Load reduction device), but it's more about how the bleed system is done on if it's an impact or not, and he doesn't know if the other planes have the same flaw or not.
By fransje26 2025-02-129:59 From [1], it looks like the 737 flight deck ventilation bypasses the mix manifold.
This does not seem to be the case for the A320 family of jets. [2]
[1] https://www.youtube.com/watch?v=AAy_ch6sfOQ&t=1707s
Of course MCAS was disclosed to pilots, the idea that it wasn’t is ridiculous to the point of absurdity.
Boeing has gone off the rails, but the general lack of nuance in the common narrative about their failures is really over the top.
MCAS is how a fundamentally different plane behaves (in most cases) like a normal 737. The fact that such a system exists is described, and disclosed, in minute detail to pilots when they get their mandatory training on the 737-MAX.
The specific name wasn’t used in the training, and that’s where this ridiculous narrative came from.
By cameldrv 2025-02-1216:44 The manual described Elevator Feel Shift, Speed Trim, and Stall Management Yaw Damper. It describes the scenarios in which each of these systems activate and what effect they have.
MCAS uses the same hardware but has different scenarios in which it activates and has a different effect. Not knowing of the existence of MCAS and not having a viable procedure to deactivate it if it went haywire was critical to the two accidents. I've looked into this a lot and to my knowledge this was never disclosed to pilots.
Can you provide a reference to MCAS being disclosed prior to the two accidents?
By DrNosferatu 2025-02-1212:52 Fascinating how many people had to actively shove this to the side so that it became potentially life threatening:
- CFM designed an engine that, in certain emergencies, dumps oil into the quite possible (actually traditional, if I understand correctly?) human-breathing stream of the aircraft, apparently, without the relevant human-breathing system shutdown mandate when said (or any) emergency system is triggered; [truth be told, we never heard their complete story]
- Boeing integrating said new engines into their new 737MAX without appropriately checking for possible new emergency mode interactions with their life-support (in this case, breathing) systems.
- FAA dropped the ball upon accident investigation;
- FAA removed their employee that then picked up the ball;
- EASA swallowing what they were told by FAA without asking further questions;
Well...
I have worked in many no-harm potential software projects that employed more careful engineering than this.
All hardware projects I worked on employed more careful engineering than this.
Conclusion: It becomes more and more difficult to falsify that Boeing, nowadays, simply abandoned engineering design reviews, and, relies solely on some blend of "agile" methods to design people-carrying airplanes.
