Been watching some episodes of Mayday / Air Crash Investigation on YouTube.
Seeing some really stupid stuff.
Like: air traffic control centers - more than one - with just exactly enough staff to handle normal traffic, under normal conditions, properly... assuming no one ever takes a potty break. Any complications, and they're overloaded.
And: air traffic control centers with inadequate redundancy in radar and communication systems, so preventive maintenance means taking critical functions offline.
And then there's the lack of redundancy in aircraft systems. We've all heard the propaganda about how totally redundant everything is, and how critical electronic systems are supposed to be not only triply redundant but from multiple vendors so that a shared design flaw won't take out all three systems, and, and....
Well, having worked for a while in the telco-electronics space, and having seen the standards for redundancy in big-name central offices, where even a momentary disruption of message traffic is considered completely unacceptable, I tend to freak out when looking at how airplanes are wired.
A few years ago, I read the tale of an early 50s jet fighter lost in the dark with no radio and only minimal (vacuum-powered, no electricity needed) instruments after a single short circuit took out the entire electrical system.
Then I happened to look at the wiring diagram for a popular modern light plane. No redundancy! One short, or one loose wire, and you lose your radio and all electrically-powered instruments.
But surely airliners...?
Nope.
Thoroughly modern airliner lost after a fire in a single electronics compartment (shared between critical systems and entertainment systems) knocks out all the instruments. OK, so the fire was another factor in the crash, but losing all the fancy flight electronics on an airliner because of a single, localized fire?
And: slightly less modern airliner runs out of gas. Engines stop turning. Cabin lights go out: fine. Navigation and communication go out: WTF? You mean there's no battery backup for nav & comm? Probably no backup for the powered actuators, either (which take a darn sight more power than the electronics)? Not even a RAT?
Yikes.
Update: yet more instances of electricity and hydraulic pressure being lost because the engines stop. A thought: why the smeg can't the APU be started in flight? And, perhaps, be provided with its own little reserve fuel tank good for maybe half an hour?
