docFLIGHT SAFETY Technology and the Human Factor
download 
Report Transcription
FLIGHT SAFETY Technology and the Human Factor
FLIGHT SAFETY Technology and the Human Factor A pilot’s perspective by Prof. dr ir J.A. Mulder Delft University of Technology Contents • • • • • • • How safe is it? The common causes of accidents The Flight Deck: past, present and future…. Automation and Situation Awareness Review of a famous accident Lessons learnt How safe will it be? Dependent Failures Independent Events A B P (A & B) = P (A) · P (B) Dependent Events A B P (A & B) > P (A) · P (B) P (A & B) = P (A) · P (B/A) The pilots of an Air France Airbus A330 that crashed into the Atlantic Ocean two years ago apparently became distracted with faulty airspeed indicators and failed to properly deal with other vital systems, including adjusting engine thrust, according to people familiar with preliminary findings from the plane's recorders. The Wall Street Journal (2011 May 24, Pasztor, Michaels) •The aircraft slowed to a stall shortly after the autopilot disconnected. The pilots faced a series of automation failures and disconnects related to the plane's airspeed sensors. •Within 4 min 28 sec 16 ACARS fault messages were sent to home base on faults resulting from these unreliable airspeed sensors (display indications, auto thrust, TCAS, …..). •Loss of Situation Awareness. More examples of common cause accidents LY1862, 1992 OO-DLL, 2003 UA232, 1989 JA8119, 1985 El Al LY 1862, 1992: Pylon failure DHL OO-DLL: Hit by missile Japan Airlines JA8119: Lost vertical tail United Airlines UA232: Engine desintegration Cockpit Douglas DC-3, first modern transport aircraft Flight deck Lockheed Constellation, 4 man crew Navigator Flight Engineer Flight deck Boeing 737-300, FMC Flight deck Boeing 767-300, FMC, EFIS Rasmussen’s ‘Skills, Rules, Knowledge’ framework, from pilot to supervisor • Skill based behavior • Rule based behavior • Knowledge based behavior • Manual control, effort, training, the pilot as ‘ace’ • Handling the auto pilot, procedures, check lists • Feed Flight Management System (FMC) with information, direct the flight through the the coupled FMC Invest in pilot skills! Advanced flight simulators! Lufthansa_Airbus_320_crosswind_landing_wing_strike.wmv So, we have to do better! Better Safety & Performance by: • Technical advances in – Aerodynamics, structural design & materials, systems – Engines – Avionics (Fly by Wire, ‘Glass cockpit’, triple redundant auto flight systems with autoland, Flight Management System (FMS), TCAS, GPWS) • Human Factors – – – – Crew Resource Management (CRM) Automation Situation awareness Training, checking Flight deck (r)evolution LOW SITUATION AWARENESS Ironies of automation Aircraft are open systems water out water in electricity Aircraft are open systems But … automation will proceed Crew Resource Management (CRM) • 80% of non-technical accidents due CRM failure: ‘individual pilots do not crash airplanes, crews do’ • Good leadership: – be a strong leader, but not autocratic – delegation of responsibilities – communicate, support, joint decision making • Pilot training in CRM – missions in flight simulator – videotaped sessions, debriefing Human-Machine Interface (1) Intuitive 3D perspective display Human-Machine Interface (2) low situation awareness Display of commands, do what you are told…. 5 NM PZ CPA IF (tCPA< look-ahead) AND (|CPA|< 5 NM) THEN conflict = TRUE ELSE conflict = FALSE Human-Machine Interface (3) optimal situation awareness Ecological display, see what you should do! max min Last resort: ‘Care-free’ handling and navigation! On October 4th 1992 a Boeing 747-200F freighter aircraft, Flight LY 1862, departing from Schiphol, crashed into an apartment building in the Bijlmer neighborhood of Amsterdam killing 43 people. Flight LY 1862 failures • • • • • • • • • Structural failure pylon eng # 3 due to fatique Destruction of wing pylon eng # 4 Wing leading edge damaged Loss of hydraulic systems 3 and 4 Loss of electrical systems Partial and complete loss of control surfaces Reduced thrust, increased aerodynamic drag Asymmetrical thrust, aerodynamic asymmetry Asymmetrical mass distribution Route to disaster Flight 1862, Amsterdam, October 4th, 1992 Failure mode analysis El Al Flight 1862 Failure Mode Configuration Aircraft Systems Hydraulic systems 3 and 4 off Engine 1 and 2 thrust asymmetry Lower rudder lag Mass Properties Engine no. 3 and 4 weight loss, 4,014 kg each Pylon no. 3 and 4 weight loss, ± 1,000 kg each Lateral center of gravity displacement Total weight loss: 10,0028 kg Aerodynamics Lift loss due to wing damage (∆Lwing) Rolling moment due to wing damage (∆Lwing) Drag due to wing damage (∆Dwing) Yawing moment due to wing damage (∆Nwing) Pitching moment due to wing damage (∆Mwing) Right inboard aileron and spoiler 10 and 11 aerodynamic efficiency loss Control surface lost 50% Hinge moment loss / half trim rate Control surface available Flight 1862 damaged aircraft flight mechanics V β ∆Lwing Yδr T2 T1 W*sin( φ) W*sin(φ) ∆Dwing Yβ ∆Lwing + Lδr φ NT + ∆Nwing Nβ + Nδr W δr Yδr What was learnt? • Extreme example of common cause • Situation awareness was poor on aircraft status, lateral navigation and vertical navigation (kinetic and potential energy management) • Unaware of reduced safe flight envelope • Workload (manual control) prevented ‘high level’ decision making Defenses against Common Cause failures •Improved design, materials, maintenance, systems •Automation to reduce crew workload •Focus on ways to improve situation awareness •Crew resource Management & training •Advanced measures which will exploit (remaining) physical options for survival in case of…. Advanced Flight Control: YES! • All transport aircraft will be ‘Fly by Wire’ • Much redundancy in sensors, systems, control effectors, aerodynamics, computers (infinite capacity) • Controllers work with nonlinear aircraft dynamic models (NDI) • On-line model identification, sensor integrity checks, use all information to estimate state • Adaptation, reconfiguration, control allocation, keep aircraft in computed adapted safe flight envelope • Care free maneuvering, navigation How safe will it be? • Automation (and systems)! • Need still Human Pilot, open system • Support the pilot through improved Situation Awareness • The unthinkable is bound to happen sometime. Not 100% but close, very close.
