"Never trust human life solely on software." -- Dr. Nancy G. Leveson, MIT
Dateline: August 2005. Imagine that you're the captain of this Malaysia Air Boeing 777. You can be challenge the computers thanks to this Aardvark2zz video:
Focus on the lower-left display cluster. Left-to-right, the autopilot and autothrottle computers are climbing at 276 knots and have the nose four degrees up. The plane is passing 35,730 feet towards 40,000 feet at 1,400 feet-per-minute. The two upper-left green dash lights show that the computers are running the show.
The Designers have transformed you into a grade-school hall monitor.
The two white knobs at lower-right are the throttles. The U-shaped manual control yoke sits above them, though in the plane is between your stomach and the flight displays.
You have no way to know that your 777's self-healing computers have been hiding a Trojan Horse software snake for four years. The triple-redundant ADIRU flight display computers that "can never fail" are about to crash.
You have one foot on a computerized banana peel.
At 0:43 on the video: BANG! You hear BEEP, BEEP, BEEP, BEEP and see your center screen display both too slow and too fast:
AUTOPILOT OVERSPEED PROTECTION
AUTOPILOT STALL PROTECTION
AUTOPILOT PITCH FAILURE
You shrug and think: Can't be-- we're doing 276 knots -- gotta be stray electrons.
Things get worse a second later at 0:44 as you see:
ADIRU FAILURE (above the control yoke -- same as Air France 447)
Three seconds later at 0:46, you hear a siren grind: RRRR, RRRR, RRRR, RRRR.
The top-left green autopilot light goes out. The Trojan Horse software bug escapes, sending your plane into convulsions. The bug jerks the nose up to eighteen degrees at 3Gs that SLEDGEHAMMER you down in your seat. In six seconds, the software bug is skyrocketing the plane up at 10,400 feet-per-minute.
An electronic mutiny.
BEEP, BEEP, BEEP! accompanied by more grinding sirens: RRRR, RRRR, RRRR.
You don't know it, but you've entered the first stage of a rare phugoid that will take you on a wild roller-coaster ride.
Image: Jeff Scott
You grab the yoke and shove forward gingerly, knowing that you could over-G the plane, wrinkle the fuselage and injure passengers if you shove too hard too fast.
Nine seconds later at 0:55, just when you need all the thrust you can get so the wing doesn't stop flying, the Three Stooges computer yanks the throttles to idle. But you don't see this 'cause you're concentrating hard, trying to ride this Brahma bull.
At 0:56: You ZOOOM through 38,000 as the Computer's idled autothrottles allow the speed to fall from 276 to 250. By 1:05, the software bug makes the nose rise to an unholy twenty degrees! The speed plummets through 218.
BEEP, BEEP, BEEP, BEEP!
Watch the control yoke. For each shove you make, the Computer's autothrottles fight you and do the exact wrong thing. It's Man vs. Computer; the Computer is winning.
By 1:09, the speed falls to 204 knots.
BEEP, BEEP, BEEP, BEEP!
You seethe: I get it, already! Would'ya shut up so I can concentrate!
BEEP, BEEP, BEEP, BEEP!
Your feel your heart jackhammer; your palms sweat.
By 1:21, the Computer's autothrottles allow the speed to fall to a dangerous 175 knots. They finally wake up and add power, though waaay too late to prevent a stall.
Autothrottles jerked a China Air 747 up to a wild 53 degrees. That 747 stalled, then augured-in tail-first in a 264-person fireball.
So you're in deep trouble.
Your copilot hollers, "Do something or we're gonna fall outta the sky!"
You yell back, "What's happening? Find something in the damned checklist!"
At 1:25, the speed falls to 166. You hear stall warning machine gun blasts: RATA-TAT-TAT! RATA-TAT-TAT! as the Computer warns, STALL! STALL! then jackhammers the yoke so violently, BRRRRRRRR, you have to grab hold with both hands and SQUEEZE. You watch your knuckles turn white.
BEEP, BEEP, BEEP, BEEP! RATA-TAT-TAT! RATA-TAT-TAT!
Your copilot frantically feathers through the bible-sized checklist, then exclaims, "There's nothing here!"
Designers considered this software failure impossible; you're on your own.
At 1:28, the Three Stooges attempt computercide by yanking the throttles to idle.
At 1:29, you start plummeting out of the sky at the dive-bombing fighter-plane rate of 8,000 feet-per-minute. You float up against your seat belt at minus 2Gs as you hear your copilot radio, "MAYDAY! MAYDAY! MAYDAY!"
You picture passengers floating like weightless astronauts.
At 1:42, you realize that the autothrottles are making things worse, so press a throttle button and toggle the autothrottle engage dash switch to OFF. You glance at the center screen to confirm and see:
You manually shove the throttles up to max and think: Whew! At least I've figured out that part of this riddle. I'm finally in charge.
But it ain't over. You're not aware that these Freddie Kruger autothrottles are still alive, ready to muck this show up even worse.
Can you see how we know this? The answer next time.
By 1:52, everything's looking good. You've shoved the throttles to max, the speed is increasing through 188 knots, you've returned this beast to level flight.
By 2:30, you're in level flight; the speed is a safe 240 knots. You rejoice: Hooray!
Though watch the throttles.
By 2:39, the Freddie Kruger autothrottles you think you turned off sense the speed too slow, so firewall to MAX, force the nose up, and start the phugoid rollercoaster all over.
Yes, Virginia, there is a Santa Claus and these were the same ADIRU computers that caused Air France 447 to fall from the sky.
"Over eleven years, ADIRU cockpit computers have caused over 300 accidents and incidents." -- Australian Transportation Safety Board
"Unless software designers are aware of crashes, there is danger that future avionics will suffer flaws." -- Dr. C. W. Johnson, Computing Science, University of Glasgow, Scotland
"The Boeing 777 has the computing power of a 1985 32-bit Intel 386 processor." -- Dr. R. John Hansman, MIT Aeronautics and Astronautics
Next: why these computers went renegade. Dr. C. W. Johnson and Avionics.com contributed.