MAX får kritikk for utgammelt datautstyr - Curt Lewis

THE ANCIENT COMPUTERS IN THE BOEING 737 MAX ARE HOLDING UP A FIX

The perils of fixing a hardware problem with software

Abrand-new Boeing 737 Max gets built in just nine days. In that time, a team of 12,000 people turns a loose assemblage of parts into a finished $120 million airplane with some truly cutting-edge technology: winglets based on ones designed by NASA, engines that feature the world's first one-piece carbon-fiber fan blades, and computers with the same processing power as, uh, the Super Nintendo.
The Max has been grounded since March 2019, after some badly written software caused two crashes that killed 346 people. And while Boeing has received plenty of scrutiny for its bad code, it's the Max's computing power - or lack thereof - that has kept it on the ground since then.

EVEN BY LATE-'90S CONSUMER TECH STANDARDS, THE FCC-730S WERE BEHIND THE CURVE
Every 737 Max has two flight control computers. These take some of the workload off of pilots, whether that's through full automation (such as autopilot) or through fine control adjustments during manual flight. These computers can literally fly the airplane - they have authority over major control surfaces and throttles - which means that any malfunction could turn catastrophic in a hurry. So it's more important for manufacturers to choose hardware that's proven to be safe, rather than run a fleet of airplanes on some cutting-edge tech with bugs that have yet to be worked out.

Boeing took that ethos to heart for the Max, sticking with the Collins Aerospace FCC-730 series, first built in 1996. Each computer features a pair of single-core, 16-bit processors that run independently of each other, which reduces computing power but also keeps a faulty processor from taking down the entire system.

Even by late-'90s consumer tech standards, the FCC-730s were behind the curve. By the time they went to market, Nintendo had already replaced its 16-bit SNES console with the Nintendo 64 (the first game console to use - you guessed it - a 64-bit CPU), and IBM had created the world's first dual-core processor.

Of course, old and slow isn't always worse: the 737 Next Generation series is the safest narrow-body airplane ever made, in part due to these reliable, if unspectacular, computers. To keep costs down, Boeing wanted to reuse them in the next iteration of the 737 as well. The Max might still be flying today if those computers simply had to perform the same tasks that they had for almost 30 years.

But Boeing needed them to do much more.
The important thing to know about the 737 Max is that it was a rush job. In 2010, Boeing's only rival, Airbus, unveiled the A320neo, a direct competitor to the 737 Next Generation that could fly farther on less fuel and with lower emissions than any other narrow-body airplane. Boeing was caught by surprise: while Airbus had developed the neo in secret, Boeing's engineers had spent five years debating whether to design a new 737 replacement or simply update the airframe, without resolution. The neo changed that in a matter of months.

TO HIT THAT AMBITIOUS LAUNCH DATE, BOEING WOULD HAVE TO TAKE SHORTCUTS ON JUST ABOUT EVERYTHING ELSE
But in order to offer its own new product when the new Airbus came out, Boeing would have to rush the airplane out the door in just five years - less time than it took to develop either the 777 or the 787. The main selling point of the new 737 was clear: new engines that would increase the airplane's fuel efficiency and range. But to hit that ambitious launch date, Boeing would have to take shortcuts on just about everything else.

The new engines, which were larger and heavier than the ones on the Next Generation, did indeed make the Max just as fuel-efficient as its rival. But they also disrupted the flow of air around the wings and control surfaces of the airplane in a very specific way. During high-angle climbs, this disruption would cause the control columns in the airplane to suddenly go slack, which might cause pilots to lose control of the aircraft during a dangerous maneuver.

Boeing could have fixed this aerodynamic anomaly with a hardware change: "adaptive surfaces" on the engine housing, resculpted wings, or even just adding a "stick pusher" to the controls that would push on the control column mechanically at just the right time. But hardware changes added time, cost, and regulatory scrutiny to the development process. Boeing's management was clear: avoid changes, avoid regulators, stay on schedule - period.

THE DEVELOPMENT TEAM ATTACKED THE HARDWARE PROBLEM WITH SOFTWARE
So the development team attacked the hardware problem with software. In addition to the standard software suite on the 737 Max's two computers, Boeing loaded another routine called the Maneuvering Characteristics Augmentation System (MCAS). It would run in the background, waiting for the airplane to enter a high-angle climb. Then it would act, rotating the airplane's horizontal stabilizer to counteract the changing aerodynamic forces.

On paper, it seemed elegant enough. It had a side benefit, too: the Federal Aviation Administration (FAA) doesn't scrutinize software as hard as it does any physical change to the airframe. So MCAS was approved with minimal review, outdated computers and all.

But Boeing's software shortcut had a serious problem. Under certain circumstances, it activated erroneously, sending the airplane into an infinite loop of nose-dives. Unless the pilots can, in under four seconds, correctly diagnose the error, throw a specific emergency switch, and start recovery maneuvers, they will lose control of the airplane and crash - which is exactly what happened in the case of Lion Air Flight 610 and Ethiopian Airlines Flight 302.

The second crash grounded the 737 Max. Since then, Boeing has been working to fix the software issue and get the airplane approved by regulators. But it's been slow going.

BOEING TOOK A SHORTCUT BY CREATING A SOFTWARE FIX WITHOUT ENSURING THE HARDWARE COULD HANDLE IT
In June 2019, Boeing submitted a software fix to the FAA for approval, but subsequent stress-testing of the Max's computers revealed more flaws than just bad code. They are vulnerable to single-bit errors that could disable entire control systems or throw the airplane into an uncommanded dive. They fail to boot up properly. They may even "freeze" in autopilot mode even when the airplane is in a stall, which could hamper recovery efforts in the middle of an in-flight emergency.

Despite all of this, Boeing insists that it can fix everything with software. Boeing has elected not to go with a new, more powerful computer or to add more of them to the two already there, in order to better distribute the workload. For comparison, Airbus' A320neo has computers of similar vintage - but it has seven of them.

Boeing is "dedicating all resources necessary to ensure that the improvements to the 737 MAX are comprehensive and thoroughly tested," a spokesperson told The Verge. "We do not anticipate changes to the hardware."

So far, the FAA agrees: it completed its review of the software earlier this year, and it seems to be on board with the proposed software fixes. But returning the Max to service isn't as simple as getting the agency's approval on the software. Because Boeing essentially bullied the FAA into certifying the Max in the first place, the agency is eager to prove that it knows what it's doing now. Its inspectors are scrutinizing the airplane with less pressure to rush, and they have found several new issues with the airplane: faulty wiring, debris in the fuel tanks, and wing components that don't meet FAA standards.

Even so, the FAA's reputation is already ruined. For decades, aviation regulators have relied on reciprocal agreements to speed up the process of certifying airplanes in other countries: if an airplane is approved by one regulator, it's almost always approved by all of them. Now, however, Europe, China, and India each want to certify the airplane independently, which will add months to the timeline.

Once the Max gets the regulatory green light, it will still be several months before it can carry passengers again. In January, Boeing announced that in order to get certified to fly the Max, pilots will have to go through full-motion simulator training (once, that is, the simulators are updated with the final approved software package). This is a full retreat from one of the airplane's original selling points: that pilots only needed a one-hour iPad lesson to fly the new 737 model.

The problem is that there just aren't that many simulators to go around. There are only 34 in the entire world, with only two companies approved to make more.

THE VERY SHORTCUTS THAT BOEING USED TO RUSH THE MAX INTO PRODUCTION ARE NOW KEEPING IT ON THE GROUND
To put this in perspective, let's use Dallas-Fort Worth. It's home to two airlines: Southwest and American. Between them, they have 13,000 737 pilots and only one 737 Max simulator. Assuming four hours of simulator time per pilot and running the simulators 24/7, it would take both airlines about six years to get everyone approved to fly the Max. And there are 50 other airlines with Maxes in their fleets and pilots to train.

So the very shortcuts that Boeing used to rush the Max into production are now keeping it on the ground. It was once the fastest-selling airplane in history. Now, nobody wants to touch Boeing airplanes: in January and February, the company took only 18 new orders, an 80 percent decrease compared to 2019. Its competitor, Airbus, recorded 296.

Despite the Max's declining popularity, Boeing remains optimistic about the Max's future prospects.

"Our estimate for returning the 737 MAX fleet to service remains the middle of 2020," said Boeing's spokesperson.

Nothing, it seems, will prompt the FAA to send this particular design back to the drawing board. Instead, Boeing will once again attempt to compensate for a hardware flaw on the 737 Max with slightly rewritten software. It's the same design philosophy that created this catastrophe for Boeing in the first place - and it's the same philosophy that has failed, so far, to produce a safe and reliable airplane.