[Info-vax] OT: Aircraft pitot tubes and clustering.

[JF Mezei]

David Mathog wrote:

> This could happen if the most common tube failure mode was to take the 
> output voltage to ground or supply voltage.  Then if two failed in the 
> way they are most likely to they will read exactly the same thing.
> Presumably the software should reject readings in these failure mode 
> voltage ranges out of hand, but it might not.

One of the instances as I recall was that 2 of the speed computers
dropped their readings to about 60 knots (while at cruise speed). The
computer  accepted those values because 2 or the 3  sensors provided
values that were close to each other, and then declared the plane was
stalling because it wasn't going fast enough. Pilots knew better and
just kept level flight. A few minutes later, readings became normal
again and autopilot could be re-engaged.  (autopilots are programmed to
disengage when they no longaer have sufficient validated inputs).

The problem is that there is no window/camera that gives pilot a view of
the pitot tubes during flight, so when those shenenigans happen, it is
hard to know exactly what has happened. The working theory is that ice
builds up to a point where they start to block the air inlet.  (the
pitot tube has an air inlet at one end, and a pressure sensor at the
other. The greater the airspeed, the greater the pressure measured by
the pitot tube. A computer then converts this analogue measurement to a
aiurspeed based also on current altitude (measured by a static pressure
sensor that is not affected by the airspeed). (as aircraft goes up, the
air becomes thinner, so the pressure exerted on the pitot sensor decreases).

The working theory is ice build up on the pitot tubes. Those are heated
to prevent this from happening.



This accident is interesting from a "debugging" point of view because
during a couple of minutes, the aircraft,s computer did begin to emit
warnings to the maintenance centre (via satellite). And That dozen
messages is all they have to work with unless they recover the black
boxes. (The also know that the aircraft hit the water in one piece with
significant vertical speed, based on some of therecovered debris, that
the aircraft did not depressurize at altitude (masks did not deploy) and
that flight attendants did not all retur to their seats.

But, with those messages that they did receive, they are going through
the source code to find every possible code branch that could have
generated that message. For instance, they have found that one message
would have been followed by a message one minute later, and that second
message was not received, indicating that the link/aircraft stopped
functioning between those 2 messages.

For those who prefer Boeing over Airbus, you should know that the 2 new
aircraft Boeing came out with since the early 1990s are also FBW, fully
computer driven. (the 777 which came out in 1995 and now the 787). The
737 and 747 predate computers and in order to have their looser
regulations grandfathered, Boeing did not make significant changes to
the way the aircraft functions). The 737 is, in many ways, not as safe
as the younger A320 because the A320 has to abide by newer, stricter,
regulations while the 737 doesn't.


The succesful ditching of the A320 in the Hudson river earlier this year
validates the concept of computer assisted flying. The pilot did not
have to worry about the perfect angle for the aircraft after it lost
both engines, the computer did that, including the maximum lifting of
the nose before impact with water without inducing a stall. (The A320
interestingly has a "ditch" button on the console which, with one
button, causes all orifices to close to help make the aircraft more
watertight and prevent water ingested by engines from being sents into
the cabin via the air inlets. (This is often used during de-icing
operations).