Menu Sign In Contact FAQ
Banner
Welcome to our forums

Removing the human factor from potential aircraft accidents?

Airborne_Again wrote:

Most formal methods do not check for overflow. That would not be in the “requirements specifications”, so to say. The B-Method which was used in the Paris Metro Line 14 project is an exception — it does check for overflow.

As I wrote, it wouldn’t even need a formal specification for this. I wrote that tool myself. It checks for them because I consider overflows to be embarrassing. I usually don’t want it and if that’s the case, it shouldn’t be possible. The same goes for division by zero. And it depends on the language/ platform. One has to love compiler optimizations in C for example.

LeSving, I’ll take your word for it that the change in speed would be insignificant to the customers and the saving would go to the bottom line. On a related note, I sure would like something between a ship (too slow) and an aircraft (often unnecessarily expensive).

Martin wrote:

Software I use would have found that one (and it wouldn’t even need a formal specification, arithmetic overflows are by default treated as undesirable). Well, unless I decided it wasn’t desirable to check for it. Otherwise it would have “forced” me to account for that possibility. The issue with this approach is that you can have a significant amount of additional code.

Most formal methods do not check for overflow. That would not be in the “requirements specifications”, so to say. The B-Method which was used in the Paris Metro Line 14 project is an exception — it does check for overflow.

(For the record, Formal Methods is my main area of professional expertise. I have worked in it both as an academic and as an industrial practitioner.)

ESKC (Uppsala/Sundbro), Sweden

Martin wrote:

You’re forgetting the customer. Customers want speed and are often willing to pay for it. Yes, ships are slow, but how much lower speed would customers be willing to accept?

They are willing to pay for aircraft speed, otherwise it doesn’t matter, international shipping takes 2-3 months regardless. At those speeds what’s important is planning. 5-10 years ago large vessels traveled at 25 or more knots. Today they travel at 20. The speed is just an optimization of cost.

The elephant is the circulation
ENVA ENOP ENMO, Norway
Oxford (EGTK), United Kingdom

Peter wrote:

Fortunately a theory is demolished by contrary empirical evidence

In scientific terms, yes (and I realize I am taking you out of context)….but as humans unfortunately we are capable of hanging on to the most fantastical stories, myths and beliefs in the face of sometimes overwhelming negative empirical evidence…such cognitive dissonance means we develop ever more complex justifications for maintaining the original premise…

There are many such religious beliefs in aviation….like turning out of the wind or stabilized approaches are holy… perhaps having a machine devoid of such religious predisposition make the decisions is ultimately what will make flying safer…

Richard Collins: Aviation myths

Last Edited by AnthonyQ at 18 Sep 01:49
YPJT, United Arab Emirates

Software I use would have found that one (and it wouldn’t even need a formal specification, arithmetic overflows are by default treated as undesirable). Well, unless I decided it wasn’t desirable to check for it. Otherwise it would have “forced” me to account for that possibility. The issue with this approach is that you can have a significant amount of additional code.

Fortunately a theory is demolished by contrary empirical evidence

Administrator
Shoreham EGKA, United Kingdom

what_next wrote:

E.g. by pulling up on it’s own if the crew does not react to a GPWS warning within a specified amount of time.

All you have to do then is fly low (where consumption is high) and wait for the fuel to run out. Really, by the time you create a plane that can protect itself from any attack by malicious pilots, you would have a plane that doesn’t need pilots. If you gave them any tool that would allow them to override the computer in case it did something wrong, it could be abused and used to crash the plane. At best both pilots (or a pilot plus someone else, say a purser) would be required so you would need two mad mans on board instead of one (but it creates the possibility that one tricks the other and then incapacitates him, especially if the other person isn’t a pilot and doesn’t understand the systems well; PS: or simply seizes an opportunity when the system genuinely acts up).

Last Edited by Martin at 17 Sep 19:19

Peter wrote:

Formal methods do not work for nontrivial projects.

Of course they do. Cost involved is often an issue.

Peter wrote:

Well, they can be applied but they don’t result in zero bugs. Look at the B787 which will get a stoppage of both engines after several hundred days of on time. I bet formal methods were used there.

Software I use would have found that one (and it wouldn’t even need a formal specification, arithmetic overflows are by default treated as undesirable). Well, unless I decided it wasn’t desirable to check for it. Otherwise it would have “forced” me to account for that possibility. The issue with this approach is that you can have a significant amount of additional code.

LeSving wrote:

Yes, but at some point the logics of hubs makes no sense anymore. Travelling 2-3 times the needed distance, using 4-6 times the hours, is no recipe for good fuel economy and less maintenance costs. It’s certainly a waste of crew time, and cost.

An airline doesn’t have to care as long as you pay for it. If there are enough passengers to sustain a direct line, someone can open it. Smaller jets are available, not to mention turboprops which should be more efficient. We’re back at the “how big a portion of the costs are the pilots?” And how would it effect the economy of such a direct line to cut them out.

172driver wrote:

whereas Airbus decided they needed to sink some billions into a prestige four-holer. Which is dying.

Well, they started in the 80s (the official announcement was I think in 1990). A long, long time ago. And I think it’s a good machine for transcontinental work between major cities.

LeSving wrote:

There is no idea going slower because crew cost would eat up the potential saving.

You’re forgetting the customer. Customers want speed and are often willing to pay for it. Yes, ships are slow, but how much lower speed would customers be willing to accept? In the end, how much would your bottom line improve by having slower ships (as customers would want to pay less for slower service)?

Shorrick_Mk2 wrote:

Probably an appropriate point to mention Auto GCAS then.

You just beat me to it…… quite impressive.

Peter wrote:

But as with Germanwings there is no solution to this.

There is a solution to (almost) everything. Modern FBW planes are, under normal circumstances, able to protect themselves from pilots trying to exceed the normal flying envelope. They have a ground proximity warning system installed. All that’s required is a (software) connection between GPWS and envelope protection. E.g. by pulling up on it’s own if the crew does not react to a GPWS warning within a specified amount of time.

EDDS - Stuttgart
103 Posts
Sign in to add your message

Back to Top