The author of this article
is both a pilot and a software developer. He looks into the root causes
of the Boeing 737 MAX crashes in Indonesia and Ethiopia. Basic points:
* The new aircraft has sufficiently different airframe handling
characteristics to be classified as a new model.
* Boeing didn’t want it to be treated as a new model, because of the
extra regulatory costs, pilot training etc this would entail.
* So they implemented software (“MCAS”) that actively managed the
handling characteristics to make it behave to pilots like previous
* They neglected to tell the pilots about the software.
* It also turns out that correct operation of this software depends on
a hardware component that is known to be unreliable.
Commentary from Bruce Schneier
and Glyn Moody