Posted on 05/13/2010 8:59:30 PM PDT by ErnstStavroBlofeld
Or, as I've often seen, an unexpected combination of inputs that did not make it into the software specification.
I've seen it at lots of lower levels, but two major high level ones come to mind -
The F-16 fly by wire computer that would have rolled the plane inverted if it crossed the equator.
The F-22 landing software that destroyed one of the prototypes.
...and you could probably add the MD-11 of FedEx that was destroyed in Japan in 2009.
No-one has come up with a fail-safe testing methodology for software...
In full disclosure - spoken by a hardware engineer...
Click on pic for past Navair pings.
Post or FReepmail me if you wish to be enlisted in or discharged from the Navair Pinglist.
The only requirement for inclusion in the Navair Pinglist is an interest in Naval Aviation.
This is a medium to low volume pinglist.
That’s a really interesting question.
Interesting article but not a lot of detail about what happened, but let me fill in a few blanks...
On a conventional steam catapult, the 2 steam piston assemblies tow the shuttle down the catapult track when steam is introduced into the cylinder behind them. At the far end of the steam cylinders are a pair of waterbrakes, and on the front of each piston assembly is a tapered spear. When the spear enters the waterbrake it displaces the water out, and it can only escape between the opening between the spear and the waterbrake mouth, which decreases in size the further it enters the brake. This system brings the spears and shuttle which weigh in at about 5,000 pounds to a dead stop in about 5 1/2 feet. The pressure inside the brake surges to well over 10,000 PSI in an instant, and the front structure of the whole flight deck is what absorbs all of that energy. The waterbrakes can stop the shuttle and spears up to around 180 knots, and any speed above that is considered a runaway shot and will do serious damage to the entire launching engine.
There is a hydraulic driven cable system that is used to retract and tension the shuttle assembly, and it slows the shuttle down as it comes aft during retraction. Behind the shuttle, and mounted in the flight deck is hydraulic equipment that is used to help pre-tension the aircraft before the launch, and the tracks themselves have special guides to direct the nose-tow steering on aircraft so it can engage the shuttle.
As I understand it, EMALS does not need a retraction and tensioning system as it uses reverse polarity in the launching engine to retract the shuttle. If too much power was applied during retraction, it could easily damage a whole bunch of other equipment in the aft end of the cat track, simply because that end of the machine is not designed to absorb that much energy from a runaway shuttle assembly.
EMALS is a major new technology that the Navy has been working on for decades, and believe me, it is not the first time the Navy has broken/destroyed a test catapult/airplane/deadload at Lakehurst while trying to develop a new system. I’ve seen more than one set of waterbrakes with a pair of steam pistons welded into their mouths from a runaway shot on a steam cat, and I have no doubt EMALS can destroy itself in new and every bit as spectacular and expensive ways...
You get to take off tail first?
That’s SO 17th century.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.