Last Thursday, a Boeing 777 crashed while on final approach at London’s Heathrow Airport. The initial report from the UK’s Air Accidents Investigation Branch (AAIB), indicates the plane did not respond after the pilots pushed the throttles forward for more power. The aircraft landed about 1000 feet short of Runway 27L. 152 people were on board and 13 people were injured.
How is it that a US$200 million airplane does not respond when the throttles are pushed forward? This plane, and many others like it, — including some newer GA piston powered aircraft — utilize computer software to control all aspects of engine operation. This system is called Full Authority Digital Engine Control (FADEC). Read more about FADEC after the jump…
The primary advantages of a FADEC system are ease of operation, better fuel usage, engine protection from out of spec limitations and the list goes on and on. The Cirrus SR-22 utilizes a FADEC system which removes the mixture leaver from the cockpit. The FADEC system controls the fuel flow and spark plug timing. What an awesome deal — no more jacking around with the mixture control during various aspects of the flight. …Or is it?
There are also some downsides to FADEC. A common argument in the disadvantage column is that a software defect can be critical if not fatal. Even the best computer systems are still designed by humans and subject to bugs.
FADEC and aircraft manufactures argue that redundant system components can help mitigate this risk, but as years of managing network equipment for a living has taught me, failures on systems with redundant components never seem to fail clean. You can test and test in the lab by removing hardware and manually creating crash conditions, but in the real world, the active system usually gets stuck in a funky state and the backup system never seems to take over the whole system.
It will be interesting what the investigation teams find on this crash in London.
The Times of London has a great story about the accident at Heathrow Airport.