Aardvark Daily

Please visit the sponsor!

Die by wire?

A very interesting event occurred over the weekend.

The world's fleet of A320 airliners was temporarily grounded for safety reasons.

Airbus was the first commercial airliner manufacturer to switch to "fly by wire" (FBW) control systems, quite a few years ago.

The rationale for this change was that by placing computers between the pilot and the aircraft's control surfaces, pilot error could be reduced and lives saved.

For example, one of the most dangerous situations for an aircraft is the stall. This occurs when the wing passes a critical angle of attack and a sudden loss of lift occurs. There have been many instances where this has happened as the result incorrect control inputs by pilots and despite warning strategies such as "stick shakers", stalls are still an ever-present danger.

A FBW system with computers monitoring every input can eliminate the chances of a stall by filtering the pilot's control inputs and ensuring that the wing never reaches the critical angle that induces such a stall.

Of course there is another school of thought when it comes to adding mountains of safety technology to an aircraft and that is "the more there is, the more there is to go wrong".

There have been instances where allowing a computer to over-ride the control inputs of a pilot has resulted in disaster. However, such cases are far fewer than the number of times a FBW system has intervened to save the day.

One of the problems of FBW is that it relies on software, often lots of software.

As anyone who's ever used a computer knows (yes, that's you), software can have bugs and complex software can have very subtle bugs that are only triggered once in a lifetime. In the case of FBW software, that may be the the end of that lifetime.

Airbus took the rare but essential step of grounding its fleet of A320 airliners over the weekend because of a bug in its FBW software. In particular, the software that creates a system called the ELAC. This code controls the elevators and ailerons of the aircraft and runs on two separate computers, for redundancy purposes.

In October, Airbus had rolled out an update to the ELAC software which seemed fine -- until one aircraft encountered an uncommanded elevator input that saw it dive steeply for around five seconds.

Not only did this darken the underwear of the pilots but it also caused several injuries, something that is simply not acceptable in the risk-averse world of commercial aviation.

Subsiquent investigations pointed to the second ELAC computer having perhaps suffered bit-flip as the result of the ionizing radiation often encountered at high altitudes where there's far less of the earth's atmosphere to protect from such things. Under normal circumstances the ELAC-1 system should have immediately taken over and maintained the aircraft's course and attitude but as a result of the recent update, this handover was way too slow.

The solution?

Well just as when Microsoft stuff up a Windows update, Airbus has rolled back the latest update and are now operating on the previous software version for these systems.

Apparently this will solve the problem.

However, you have to wonder, especially given the high levels of solar activity (flares, CMEs etc) that are going on right now, just what are the risks of FBW systems at very high altitudes?

Imagine of ELAC 1 and ELAC 2 both got hit by some kind of burst of radiation and both failed at the same time. Remember that *all* the pilot's control inputs are moderated by these computers and if they both fail I suspect very bad things would happen.

Maybe if they could be rebooted and the affected memory re-initialised then control could be regained but would that happen before the aircraft hit the ground or perhaps broke up due to overspeed in a steep dive?

To be honest, I would have expected that these computer systems would have been heavily screened against such radiation but Google's Gemini says:

Ah well, nothing is guaranteed in life... except death.

Carpe Diem folks!

Please visit the sponsor!

Here is a PERMANENT link to this column

Rank This Aardvark Page

Change Font