Safety in numbers. Part 4

In the last 3 parts, we have covered just 2 basic types of failure that can be encountered in any flight. That’s those that affect single systems and their subsystems, and those that impact a whole aircraft as a common effect.

The single failure cases were considered assuming that failures were independent. That is, something fails but the effects are contained within one system.

There’s a whole range of other failures where dependencies exist between different systems as they fail. We did mention the relationship between a fuel system and a propulsion system. Their coexistence is obvious. What we need to do is to go beyond the obvious and look for relationships that can be characterised and studied.

At the top of my list is a condition where a cascade of failures ripples through aviation systems. This is when a trigger event starts a set of interconnected responses. Videos of falling dominoes pepper social media and there’s something satisfying about watching them fall one by one.

Aircraft systems cascade failures can start with a relatively minor event. When one failure has the potential to precipitate another it’s important to understand the nature of the dependency that can be hardwired into systems, procedures, or training.

It’s as well to note that a cascade, or avalanche breakdown, may not be as straightforward as it is with a line of carefully arranged dominoes. The classical linear way of representing causal chains is useful. The limitation is that dominant, or hidden interdependencies can exist with multiple potential paths and different sequences of activation.

The next category of failure is a variation on the common-mode theme. This has more to do with the physical positions of systems and equipment on an aircraft. For example, a localised fire, flood, or explosion can defeat built-in redundancies or hardened components.

Earlier we mentioned particular risks. Now, we need to add to the list: bird strike, rotor burst, tyre burst and battery fires. The physical segregation of sub-systems can help address this problem.

Yes, probabilistic methods can be used to calculate the likelihood of these failure conditions occurring.

The next category of failure is more a feature of failure rather than a type of failure. Everything we have talked about, so far, may be evident at the moment of occurrence. There can then be opportunities to take mitigating actions to overcome the impact of failure.

What about those aircraft systems failures that are dormant? That is, they remain passive and undetected until a moment when systems activation is needed or there’s demand for a back-up. One example could be just that, an emergency back-up battery that has discharged. It’s then unavailable when it’s needed the most. Design strategies like pre-flight checks, built-in test and continuous monitoring can overcome some of these conditions.
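To put numbers on the dormant back-up case, the following added example (not part of the original post) shows how the interval between checks sets the chance that the back-up is already dead when the primary fails. The constant failure rate model, the equal rates, the one-hour flight and all function names are assumptions made for illustration.

```python
"""Dormant back-up failure versus check interval (added example, constructed numbers)."""
import math

PRIMARY_RATE = 1e-3   # failures per hour: a 1-in-1000-hours figure (assumed here)
BACKUP_RATE = 1e-3    # assumed equal for the dormant back-up (illustrative)
FLIGHT_HOURS = 1.0    # assumed exposure time of one flight


def p_fail_within(rate_per_hour, hours):
    """P(unit has failed by `hours`) under an assumed constant failure rate."""
    return -math.expm1(-rate_per_hour * hours)


def mean_unavailability(rate_per_hour, check_interval_h):
    """Average probability that a dormant unit is already dead when demanded.

    The unit is proven good at each check and can then fail silently. A demand
    arrives at a random moment in the interval, so we average
    1 - exp(-rate * t) over t in [0, check_interval_h].
    """
    x = rate_per_hour * check_interval_h
    if x == 0.0:                       # continuous monitoring: never dormant
        return 0.0
    return 1.0 - p_fail_within(rate_per_hour, check_interval_h) / x


def loss_of_function(check_interval_h):
    """P(primary fails during the flight AND the back-up is found dead)."""
    return (p_fail_within(PRIMARY_RATE, FLIGHT_HOURS)
            * mean_unavailability(BACKUP_RATE, check_interval_h))


def longest_interval_for(target_unavailability, rate_per_hour, upper_h=1e6):
    """Longest check interval keeping mean unavailability at or below target.

    mean_unavailability rises monotonically with the interval, so bisection
    is enough.
    """
    lo, hi = 0.0, upper_h
    for _ in range(200):
        mid = (lo + hi) / 2.0
        if mean_unavailability(rate_per_hour, mid) <= target_unavailability:
            lo = mid
        else:
            hi = mid
    return lo


if __name__ == "__main__":
    for interval in (0.0, 1.0, 100.0, 1000.0):
        print(f"check every {interval:7.0f} h: back-up dead "
              f"{mean_unavailability(BACKUP_RATE, interval):.6f}, "
              f"loss of function {loss_of_function(interval):.3e}")
    print("interval for 1% unavailability:",
          round(longest_interval_for(0.01, BACKUP_RATE), 1), "h")
```

With these assumed figures, stretching the check from every flight hour to every 1000 hours raises the double-failure probability by a factor of several hundred, which is the argument for pre-flight checks and built-in test.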

Safety in numbers, Part 3

The wind blows, the sun shines, a storm brews, and rain falls. Weather is the ultimate everyday talking point. Stand at a bus stop, start a conversation and it’ll likely be about the weather. Snow, sleet, ice or hail the atmosphere can be hostile to our best laid plans. It’s important to us because it affects us all. It has a common effect.

We started a discussion of common-mode failures in earlier paragraphs. We’ll follow it up here. Aircraft systems employ an array of strategies to address combinations and permutations of failure conditions. That said, we should not forget that these can be swamped by common-mode effects.

Environmental effects are at the top of the list of effects to consider. It’s a basic part of flying that the atmosphere changes with altitude. So, aircraft systems and equipment that work well on the ground may have vulnerabilities when exposed to large variations in temperatures, atmospheric pressure, and humidity.

Then there’s a series of effects that are inherent with rotating machinery and moving components. Vibration, shock impacts and heat all need to be addressed in design and testing.

It is possible to apply statistical methods to calculate levels of typical exposure to environmental effects, but it is more often the case that conservative limits are set as design targets.

Then there are particular risks. These are threats that maybe don’t happen every day but have the potential to be destructive and overcome design safety strategies. Electromagnetic interference and atmospheric disturbances, like lightning and electrostatic discharge, can be dramatic. The defences against these phenomena can be to protect systems and limit impacts. Additionally, the separation or segregation of parts of systems can take advantage of any built-in redundancies.

Some common-mode effects can occur due to operational failures. The classic case is that of running out of fuel or electrical power. This is where there’s a role for dedicated back-up systems. It could be a hydraulic accumulator, a back-up battery, or a drop-out ram air turbine, for example.

Some common-mode effects are reversible and tolerable in that they don’t destroy systems and equipment but do produce forms of performance degradation. We get into the habit of talking about failures as if they are absolute, almost digital, but it’s an analogue world. There’s a range of cases where adjustments to operations can mitigate effects on aircraft performance. In fact, an aircraft’s operational envelope can be adjusted to ensure that it remains in a zone where safe flight and landing are possible, however much systems are degraded.

Probabilities can play a role in such considerations. Getting reliable data on which to base sound conclusions is often the biggest challenge. Focusing on maintaining a controllable aircraft with a minimum of propulsion, in the face of multiple hazards takes a lot of clear thought.

Safety in numbers. Part 2

Previously, we walked on a path through some simple statistics as they relate to aircraft systems. Not wishing to sound like the next episode of a popular drama, the only recap needed is that, by making a few assumptions, we showed that, where P is the probability of failure and n is the number of similar concurrently operating systems:

A total failure occurs at probability $P^n$

A single failure occurs at probability $n \times P$

It’s as well to distinguish between the total system and the sub-systems that it comprises. For example, we can have one aircraft normally operating with four engines. Here we can call each individual engine a sub-system. The word “simple” can best be applied for highly reliable sub-systems where there’s only a few and n is a low number.

Aviation is going through a period of great change. A big part of that change is electrification. Today, there are numerous Quadcopter designs. The name gives it away. Here we are dealing with 4 electric motors connected to rotors. Some new aircraft designs go much further with as many as 18 electric motors. That’s 18 similar sub-systems all contributing to the safe flight and landing of an aircraft.

Superficially, it would be easy to say that if n equals 18 then the chances of the failure of all propulsion simultaneously is astronomically low. That’s true but only if considering the reliability of the electric motors providing propulsion in isolation. Each electric motor makes a partial contribution to the safe performance of the aircraft.

Just as we have with fuel systems in conventional aircraft, in an electric aircraft, each of these sub-systems is dependent upon a source of power being provided. If the source of that power disappears the aircraft’s motor count becomes irrelevant. This is referred to as the consideration of common-mode failures. The electric motors may be independent in operation but they are all dependent upon the reliable supply of electrical power.

Before a discussion of common-mode failures, let’s go back to the earlier maths. We can see that the loss of one electric motor, amongst 18, occurs with a probability of 18 x P. Unfortunately, in these cases the number of possible combinations of multiple failures increases.

Given that this subject is so much easier to discuss when dealing with small numbers, let’s consider the Quadcopter. Here there are 4 electric motors and 4 groups of distinct failure conditions: 1 motor failed, 2 motors failed, 3 motors failed, and 4 motors failed. For the sake of argument let’s say they perform the same function and call them motors A, B, C and D.

Except for the case where all 4 motors fail, 3 cases produce an outcome with a reduced aircraft capability. We have the way of calculating the probability of total failure and a single failure so it’s the double failure and triple failure cases that are of interest.

Let’s step through the combination of double failures that can occur. Here they are A and B, B and C, C and D, D and A, A and C, B and D. There are 6 unique combinations that make up double failures.

Let’s step through the combination of triple failures that can occur. Here they are A and B and C, B and C and D, C and D and A, D and A and B. There are 4 unique combinations that make up triple failures. We can tabulate these findings for our Quadcopter motor failures thus:

| Single | Double | Triple | Total |
|---|---|---|---|
| $4P$ | $6P^2$ | $4P^3$ | $P^4$ |

There’s a nice pattern in this table of probabilities. The number of possible combinations of multiple failures grows as n grows.  

Now, we get more into the subject of combinations and permutations. The word “combination” is more often in common usage. When we use that word, it really doesn’t matter in what order any failures occur. Often combinations are like other combinations and so each may not be entirely unique in its impact on the flight of an aircraft. Hence the doubles and triples above.

With 4 electric motors there are 24 possible combinations. This is calculated thus:

$n! = n \times (n - 1) \times (n - 2) \times (n - 3)$ for $n = 4$, that is $4 \times 3 \times 2 \times 1 = 24$

This is pronounced “n factorial”. So, for n = 18 this gets big. In fact, it’s 6,402,373,705,728,000. 

However, as we have seen from the Quadcopter discussion it’s the grouping of failure conditions that we are often most interested in. After all, for safe flight and landing of an aircraft we need to manage those failure conditions that can be managed. At the same time, we need to reduce the probability of occurrence of the failure conditions that can’t be managed.

That’s a lot of work. It may explain the drive to develop autonomous aircraft systems. The case could be made that managing flight is impossible when subject to the vast array of potential combinations and permutations of failure conditions that can exist within multi-rotor systems, where n is large.
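The grouping of failure conditions, and the earlier point that a shared power source makes the motor count irrelevant, can both be checked in a few lines. This is an added example, not the author’s own calculation; the shared-supply failure probability Q, the motor probability P taken as 1 in 1000 per hour, and the function names are assumptions for illustration.

```python
"""Failure groups for n identical motors, plus a shared power source."""
from math import comb, factorial


def failure_groups(n, p):
    """Rows of (k failed, number of combinations, shortcut, exact probability).

    shortcut = C(n, k) * p**k                   (the form used in the table)
    exact    = C(n, k) * p**k * (1-p)**(n-k)    (exactly k failed, rest working)
    Motors are assumed identical and independent.
    """
    rows = []
    for k in range(1, n + 1):
        ways = comb(n, k)
        rows.append((k, ways, ways * p**k, ways * p**k * (1.0 - p)**(n - k)))
    return rows


def failure_orderings(n):
    """Number of sequences in which all n motors could fail: n!."""
    return factorial(n)


def total_propulsion_loss(n, p_motor, p_supply):
    """P(no propulsion) when n independent motors share one power source.

    Propulsion is lost if the supply fails, or if the supply works and every
    motor fails on its own.
    """
    return p_supply + (1.0 - p_supply) * p_motor**n


if __name__ == "__main__":
    P = 1e-3          # assumed per-hour motor failure probability
    Q = 1e-6          # assumed per-hour probability of losing the shared supply
    for n in (4, 18):
        print(f"n = {n}: {failure_orderings(n):,} orderings")
        for k, ways, shortcut, exact in failure_groups(n, P)[:4]:
            print(f"  {k} failed: {ways:5d} combinations, "
                  f"shortcut {shortcut:.3e}, exact {exact:.3e}")
        print(f"  all motors alone: {P**n:.1e}, "
              f"with shared supply: {total_propulsion_loss(n, P, Q):.3e}")
```

For both 4 and 18 motors the total-loss figure sits at the supply’s own failure probability, so adding motors does nothing for that failure condition while the number of partial-failure groups to manage keeps growing.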

[Do you agree?]

Safety in numbers. Part 1

It’s a common misconception that the more you have of something the better it is. Well, I say, misconception but in simple cases it’s not a misconception. For safety’s sake, it’s common to have more than one of something. In a classic everyday aircraft that might be two engines, two flight controls, two electrical generators and two pilots, and so on.

It seems the most common-sense of common-sense conclusions. That if one thing fails or doesn’t do what it should we have another one to replace it. It’s not always the case that both things work together, all the time, and when one goes the other does the whole job. That’s because, like two aircraft engines, the normal situation is both working together in parallel. There are other situations where a system can be carrying the full load and another one is sitting there keeping an eye on what’s happening ready to take over, if needed.

This week, as with many weeks, thinkers and politicians have been saying we need more people with a STEM education (Science, Technology, Engineering, and Math). Often this seems common-sense and little questioned. However, it’s not always clear that people mean the same things when talking about STEM. Most particularly it’s not always clear what they consider to be Math.

To misquote the famous author H. G. Wells: Statistical thinking may, one day, be as necessary as the ability to read and write. His full quote was a bit more impenetrable, but the overall meaning is captured in my shortened version.

To understand how a combination of things work together, or not, some statistical thinking is certainly needed. Fighting against the reaction that maths associated with probabilities can scare people off. Ways to keep our reasoning simple do help.

The sums for dual aircraft systems are not so difficult. That is provided we know that the something we are talking about is reliable in the first place. If it’s not reliable then the story is a different one. For the sake of argument, and considering practical reality, let’s say that the thing we are talking about only fails once every 1000 hours.

What’s that in human terms? It’s a lot less than a year’s worth of daylight hours. That being roughly half of 24 hours x 7 days x 52 weeks = 4368 hours (putting aside location and leap years). In a year, in good health, our bodies operate continuously for that time. For the engineered systems under discussion that may not be the case. We switch them on, and we switch them off, possibly many times in a year.

That’s why we need to consider the amount of time something is exposed to the possibility of failure. We can now use the word “probability” instead of possibility. Chance and likelihood work too. When numerically expressed, probabilities range from 0 to 1. That is zero being when something will never happen and one being when something will always happen.

So, let’s think about any one hour of operation of an engineered system, and use the reliability number from our simple argument. We can liken that, making an assumption, to a probability number of P = 1/1000 or $1 \times 10^{-3}$ per hour. That gives us a round number that represents the likelihood of failure in any one hour of operation of one system.

Now, back to the start. We have two systems. Maybe two engines. That is two systems that can work independently of each other. It’s true that there are some cases where they may not work independently of each other but let’s park those cases for the moment.

As soon as we have more than one thing we need to talk of combinations. Here the simple question is how many combinations exist for two working systems?

Let’s give them the names A and B. In our simplified world either A or B can work, or not work when needed to work. That’s failed or not failed, said another way. There are normally four combinations that can exist. Displayed in a table this looks like:

| A | B |
|---|---|
| A ok | B ok |
| A fails | B ok |
| A ok | B fails |
| A fails | B fails |

Table 1

This is all binary. We are not considering any near failure, or other anomalous behaviour that can happen in the real world. We are not considering any operator intervention that switches on or switches off our system. We are looking at the probability of a failure happening in a period of operation of both systems together.

Now, let’s say that the systems A and B each have a known probability of failure.

Thus, the last line of the table becomes: $P_4 = P_A$ and $P_B$

That is in any given hour of operation the chances of both A and B failing together are the product of their probabilities. Assuming the failures to be random.

Calculating the last line of the table becomes: $P_4 = P_A \times P_B$

In the first line of the table, we have the case of perfection. Simultaneous operation is not interrupted, even though we know both A and B have a likelihood of failure in any one hour of operation.

Thus, the first line becomes: $P_1 = (1 - P_A) \times (1 - P_B)$

Which nicely approximates to $P_1 = 1$, given that 1/1000 is tiny by comparison.

The cases where either A or B fails are in the middle of the table.

$P_2 = P_A \times (1 - P_B)$ together with $P_3 = (1 - P_A) \times P_B$

Thus, using the same logic as above the probability of A or B failing is $P_A + P_B$

It gets even better if we consider the two systems to be identical. Namely, that probabilities $P_A$ and $P_B$ are equal.

A double failure occurs at probability $P^2$

A single failure occurs at probability $2P$

So, with two systems operating in parallel there’s a decreased likelihood of a double failure but an increased likelihood of a single failure. This can be taken beyond an arrangement with two systems. For an arrangement with four systems, there’s a massively decreased likelihood of a total failure but four times the increase in the likelihood of a single failure. Hence my remark at the beginning.

[Please let me know if this is in error or there’s a better way of saying it]
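The state table for systems A and B can be generated and checked mechanically. This added example (not from the original post) builds every ok/fails row for any set of independent systems, confirms the rows sum to 1, and measures how far the shortcut of adding the probabilities drifts from the exact single-failure figure when the systems are not reliable in the first place. The function names and the 0.2 “unreliable” value are assumptions for illustration.

```python
"""State table for independent systems and the error in the simple shortcuts."""
from itertools import product


def state_table(p_fail):
    """Return [(states, probability)] for every ok/fails combination.

    p_fail maps a system name to its probability of failure in the period.
    states maps each name to True (failed) or False (ok). Systems are assumed
    to fail independently of each other.
    """
    names = list(p_fail)
    rows = []
    for states in product((False, True), repeat=len(names)):
        prob = 1.0
        for name, failed in zip(names, states):
            prob *= p_fail[name] if failed else 1.0 - p_fail[name]
        rows.append((dict(zip(names, states)), prob))
    return rows


def by_failure_count(rows):
    """Group the table rows by how many systems have failed."""
    grouped = {}
    for states, prob in rows:
        k = sum(states.values())
        grouped[k] = grouped.get(k, 0.0) + prob
    return grouped


def single_shortcut_error(p_a, p_b):
    """Relative error of 'P_A + P_B' against the exact one-failure probability."""
    exact = by_failure_count(state_table({"A": p_a, "B": p_b}))[1]
    return (p_a + p_b - exact) / exact


if __name__ == "__main__":
    for label, p in (("reliable", 1e-3), ("unreliable", 0.2)):
        rows = state_table({"A": p, "B": p})
        print(f"{label}: P = {p}")
        for states, prob in rows:
            text = ", ".join(f"{n} {'fails' if f else 'ok'}"
                             for n, f in states.items())
            print(f"  {text:20s} {prob:.6f}")
        print(f"  rows sum to {sum(prob for _, prob in rows):.6f}, "
              f"shortcut error {single_shortcut_error(p, p):.2%}")
```

At 1 in 1000 the shortcut is out by about 0.1%, and at 0.2 it overstates the single-failure probability by a quarter, which is why the simple sums only hold for reliable systems.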

Identity

Britain was never part of the Schengen Agreement[1]. I get that. In the days when I was commuting backwards and forwards between the UK and Cologne, Germany, I always had to show my British passport. So, although we once had freedom of movement in the European Union (EU) that document was essential to prove identity. After all, we do not have Identity cards (ID) in the UK. Even inside the Schengen Area[2] it’s necessary to carry personal identification. I remember being told off by a policeman for not having ID, other than a UK driver’s licence, on a high-speed train on the trip between Cologne and Brussels. He was fine about it, but it was a friendly – don’t do it again.

Generally, British people do travel overseas. Many of us travel for holidays and business, and in Europe, Spain is one of the most popular destinations.

The number of British people holding a British passport could be well over 80%. This is way ahead of Americans, for example[3]. This doesn’t take account of British passports that may have expired or been lost or destroyed. However, the remarkably large number of British people with passports does underline our love of travel.

I came back from a week’s sunshine in Grand Canary on Monday evening. It’s the second time I’ve been through the airport on that island. Entering the spacious modern airport, the first part of the process is relatively easy. Check-in and drop bags were shared with a great number of tired travellers. Even the hand baggage security check was straightforward.

It wasn’t until the gate number came up, and the long walk to the far end of the terminal was needed, that it appeared that the British experience was different. The departure gates were in a glass box wrapped around the end of the terminal. To get into the glass box it was necessary to go through passport control.

For those like me, there were electronic passport barriers. The queues there were shorter than the manual checks. The electronic passport barriers worked. However, on the other side of the glass wall was another queue and a uniformed official checking passports. After that there was a desk where each passport had to be stamped. So, that’s 3 checks and an official exit stamp.

So, what’s the value of this added bureaucracy post-Brexit? I have no idea. What’s more upon boarding the aircraft for the flight home, the gate staff check passports again. So, that’s 4 inspections of passenger identity. 5 if the check-in desk procedure is included. British passports may have thick cardboard covers, and secure bindings but their strength as an international travel document has diminished since Brexit.


[1] a treaty which led to the creation of Europe’s Schengen Area, in which internal border checks have largely been abolished.

[2] https://ec.europa.eu/home-affairs/pages/glossary/schengen-agreement_en

[3] https://www.newsweek.com/record-number-americans-traveling-abroad-1377787

Caught in the crossfire?

There’s no doubt the relative calm of the beginning of this century (yes, it seems extraordinary to say that) has gone, and a series of international events confronts civil aviation’s way of working. It’s dramatic. In Europe, most countries, and their industries, are shifting the way they operate.

Unfortunately, any reasonable observation shows that the situation for aviation is worse in the UK. Well, that is worse than the UK’s former partner States in the European Union (EU).

In times of difficulty, partnerships between countries and in industry help make the absolute most of economies of scale. It’s difficult to plan when constantly firefighting. It’s like that comic story about crocodiles and draining the swamp. It’s difficult to think ahead when surrounded by crocodiles.

I agree with the article posted by David Learmount[1]. The massive efforts to achieve international harmonization in aviation regulation, over decades, are of incalculable value. I have been lucky enough to work with exceptional people across the globe and played a small part in helping that move along.

In fact, I’d go further than David. I remember, quite a while ago, attending a lecture at the Brooklands Museum[2]. It was about the history of post-war UK Government involvement in aerospace manufacturing[3]. It wasn’t a happy story. It went a bit like a soap opera with technical excellence mixed with commercial incompetence and political interference. The overall lesson was that going it alone, piling on the world beating rhetoric and an inability to forge working alliances spells disaster. Whereas coming together, working cooperatively, and building multinational partnership pays dividends. Airbus being a prime example.

I joined the European Union Aviation Safety Organisation (EASA) at the start of its operation. It was a huge privilege. It was a rare opportunity. I mean, how many people get to set up a new aviation authority, let alone one that works for so many States in Europe? I was proud that the UK took a leading role in making this venture happen. It was a progression that had been carefully and thoughtfully developed and steered over decades.

What we built was a uniquely European solution. It isn’t a federal construction as we see in the United States (US). In Europe, National Aviation Authorities (NAAs) remain a key part of the system. The part that was new in September 2003 was to overcome a major deficiency of earlier cooperative working. That was the unfortunate habit nation States have for saying they’ll do the same thing but then not doing the same thing in practice.

David mentions the tricky subject of UK Additional Requirements for import. This is when the UK demanded a special difference between its aircraft and those of other countries. Often expensive and making it difficult to move aircraft around. I remember some UK Additional Requirements found their way into new European requirements and others were removed. That was a painful transition period. In aviation, technical requirements are often born of experience of accidents and incidents.

Today, the UK Civil Aviation Authority (CAA) works with a set of technical requirements that have been rolled over from the UK’s time as an EASA Member State (2003 – 2021). This presents opportunities to take a new path. Sounds tempting, if only you look at the subject superficially.

International technical standards never stand still. Big players invest resources influencing the direction that they take. Two of the biggest international players in respect of aerospace design and production are EASA and the Federal Aviation Administration (FAA).

So, UK CAA is caught on the horns of a dilemma. Unless it can significantly influence the big players the only practical way forward is to adopt what they produce (rules, regulations, standards, guidance material). Now, the UK CAA has considerable technical experience and maintains a high reputation, but it does not sit at all the tables where the major decisions are made.

This is the concern that David mentions in his article. The unnecessary ideological exit from EASA membership that came with Brexit places the UK in a third-party arrangement. Not good.

It’s not like the world has suddenly become dull. Frantic development efforts and huge sums of money are being pumped into greening aviation. Part of this is the new Advanced Air Mobility (AAM). Part of this is known as Urban Air Mobility (UAM). Aviation folk love acronyms. It’s almost as if we are back at the beginning of the jet-age[4]. We know how that went.

Not surprisingly, the UK wants to achieve successes in this new field of “green” aviation.

Flying is a heavily regulated industry. So, national, regional, and international rulemaking processes matter. They matter a lot. Harmonisation matters a lot. That’s having common rules and regulations to maximise the size of the marketplace while ensuring levels of safety and security are high.

The bureaucratic burden of Brexit costs. It’s not free. The UK duplicates rulemaking activities because it must independently update its laws, all the secondary legislation and guidance material that comes with aviation. When there’s a significant difference between UK, Europe, US, and the rest of the world it makes business more complex. Often that added complexity comes with no discernible benefits (economic, social, safety, security, or environmental).

The UK should become an EASA Member State once again. Why not? Norway, Switzerland, Iceland, and Liechtenstein are not in the EU but are EASA Member States. Across the globe countries follow EASA rules as they are known to deliver the best results.


[1] https://davidlearmount.com/2022/06/17/uk-aviation-caught-in-the-crossfire/

[2] https://www.brooklandsmuseum.com/

[3] https://www.aerosociety.com/media/8257/government-and-british-civil-aerospace-1945-64.pdf

[4] https://www.smithsonianmag.com/history/comets-tale-63573615/

Ash Legacy

12 years have elapsed since an Icelandic volcano’s eruption led to the shutting down of airspace in Europe. Travel chaos resulted, large sums of money were lost, and confidence was shaken. Many, like me, in the aviation world, quickly learnt more about volcanic ash than we ever dreamed possible.

Strangely enough, the question “can commercial airline travel disruption be fixed for the summer?” is now doing the rounds. Again, the reason for this question is the consequence of an event that goes way beyond the boundaries of any one country, namely the COVID-19 pandemic. After the troublesome events of early 2010 there was a lot of talk about increasing the resilience of aviation. Now, the subject has come around again. The hot topic is how do we bring people together in this interconnected globe after a major shock to the travel industry?

The UK’s TV Channel 5 has a strong track record of screening documentaries about volcanos. Its audience must really like the drama and scariness of these earthly monsters. Channel 5’s latest offering is the story of the volcanic ash cloud that dominated European skies in 2010[1].

Explosive volcanic eruptions eject pyroclastic fragmented materials, and this was one of those cases. The lightest material, the volcanic ash, can be carried great distances as we all found out. Volcanic ash has the potential to impact just about every aspect of flying. Close in it’s the aerodromes that get hit. Up in the air there can be effects on aircraft structure, systems, and aircraft engines. Melting ash in the hot section of a jet engine is something to be avoided. It’s not just aircraft engines, since ash can abrade and damage parts of aircraft structure, such as cockpit windows, leading edges, paint, antennas, probes, and angle of attack vanes.

Channel 5’s documentary assumed ash was bad. It didn’t explain. It focused more on the experience of travellers and those managing the airspace over the UK. However, it did go into the 1982 incident when a Boeing 747’s engines all stopped after it flew through a dense volcanic ash cloud.

The documentary was right in that Europe was unprepared for volcanic ash clouds of the scale generated by Iceland’s volcanos. One of the problems during the April/May 2010 eruption was that the London Volcanic Ash Advisory Centre (VAAC)[2] computer model was a single source of flight planning data. There was found to be an urgent need for ground and airborne measurement of the actual densities of volcanic ash. Also, the greater use and interpretation of satellite images came into play.

Overall, the 85-minute documentary was enjoyable viewing showing some of what happened. It gave a snapshot from the points of view of both travellers and a few of those trying to resolve the crisis.

I remember that this event was a genuinely high-pressure multidisciplinary problem to solve. It isn’t every day that volcanologists, meteorologists, regulators, researchers, pilots, controllers, and engineers all get around a table. Especially when politicians, industry leaders and the media are all vying for the public spotlight. The outcome, if heeded, should be a much better response to a future airspace crisis.


[1] https://www.channel5.com/show/ash-cloud-the-week-the-world-stopped

[2] https://www.metoffice.gov.uk/services/transport/aviation/regulated/vaac/index

Island chaos

Aviation is an international industry. Britain has been “No longer an Island”[1] for over 120 years. As the Wright Brothers demonstrated practical powered flight, so the importance of sea travel began a decline. Nothing in history has shaped the British more than our island status. Living on an island has moulded attitudes, character, and politics.

The illusion of absolute national autonomy and sovereignty is shattered by the interconnection and interdependencies established by flight. Aviation’s growth encouraged a lowering of impediments between nations and geographic regions. In some respects, this has been a two-edged sword. On the one hand, there’s more cooperative working across the globe than there has ever been. On the other hand, conflict crosses natural barriers with much greater ease.

Affordable rapid air travel and growing freedom of movement have been a great boom in my lifetime – the jet age. At the same time, it’s not new that nationalist politicians continue to fear the erosion of difference between the British and the nations of continental Europe, brought about by commercial aviation. Ironically, it’s now the newer digital industries that pose the greatest threat to the illusion of complete independence.

In this context the failure to tackle the critical understaffing at British airports is deep rooted. Lots of finger pointing and experts blaming each other with a catalogue of reasons misses the damage that’s being done by nationalist “conservative” politicians.

Staffing shortages, poor planning and the volume of people looking to travel have led to huge queues and many flight cancellations across UK airports.

Yes, today’s travellers have learnt to take a great deal for granted. They are no longer impressed with the ability to check their emails and watch a movie at 30,000 feet above the sea. So, when the basics go wrong, and flights are seemingly arbitrarily cancelled, queues are long and delays are frequent, the backlash is real.

A UK Minister’s[2] reluctance to restore some freedom of movement to European aviation workers to alleviate the current chaos is an example of blindness to reality. Looking at the historic context, I guess, we should not be surprised that this dogmatic UK Government is so blinkered. Any acknowledgement that the imposition of Brexit is a big factor in airport chaos is far more than their arrogant pride can take. Sadly, expect more problems.


[1] https://www.goodreads.com/book/show/4254465-no-longer-an-island

[2] https://www.independent.co.uk/news/uk/government-transport-secretary-bbc-gatwick-covid-b2092887.html

Inter-

Come on, one software control system is much like another. We don’t want to know what’s inside the box. We just want to know what it does. Well, that’s one point of view. Slowly, year by year, as what’s in the box has becomes more and more complex, or at least difficult to understand, so the opinion expressed above gets more airtime. There’s no doubt, I don’t give a lot of thought to how my iPhone does what it does in the palm of my hand. Whereas 30-years ago, I was intrigued to understand how a symbol generator created characters on an aircraft electronic display.

Levels of interconnection, integration and interoperation create interdependencies that become harder and harder to see and understand. I suppose we ought to coin a new “inter” word to sum up the high density of functions ticking away behind the curtain of everyday acceptance. The hidden workings of machines that we cannot live without. It’s much more than lines of software code that are transforming our lives. And transforming flying. Today, oceans of algorithms go on data crunching with a high degree of autonomy. Some of it is transparent to a smart set of specialist technical gurus but most of us, even expert us, sit outside the advancing wave of change.

What I find intriguing is discussion about how society will react when super complex systems go badly wrong. We know something of what happens when conventional systems go wrong. A few minutes studying the recent Boeing 737 MAX saga is a good illustration of what can happen.

It’s a rule in my mind that whatever autonomy a system is given, someone somewhere cannot escape accountability for its actions. Yes, dystopian sci-fi stories are full of rogue machines running amok. Society will surely not allow that to happen – will we?

Industry and regulators both have an immensely important role to work together to manage risks. Politicians have a basic responsibility to listen to the conclusions of expert findings. When the amalgam of workings inside the box has such features as machine learning we go way beyond the conventional approach to systems. Beyond what we have been doing successfully to assure safety for the last 30 years.

Demands for greater performance mean that we cannot be luddite about the use of non-deterministic systems in safety related control systems. Their adaptability, agility and flexibility can help us meet many environmental and societal aims. But the classical questions of – what if? – still need to be addressed in detail to assure resilience, robustness, and basic levels of safety.

And we must do all this at the same time as updating airborne software of some flying aircraft using floppy disks.

Emerging Safety Issues 2/

There’s no stark dividing line between the criteria that I flashed up in the last few paragraphs. In fact, there will be major aviation projects that bring these all together in a new way. With the gathering pressure to address aviation’s climate impact there’s a strong desire to fly but in radically different ways. Take the blended wing body (BWB) concept[1]. It’s not new to aerodynamics but until recently the concept has remained on drawing boards[2] and in marketing brochures.

It’s likely that the next big adventure in aircraft design will be a shape that has no distinct separation between the fuselage and wings. Such blended structures may have properties that make them much more environmentally friendly. Yet, they will still be able to be operated from relatively conventional airports. If we combine a BWB with high levels of automation and systems integration and throw in hydrogen propulsion for good measure, there are going to be a myriad of emerging safety issues to consider. That’s one for the list.

Electrification is a snowball that’s rolling, gathering ever greater speed. Industry has its eyes on high-power fuel cells. Hydrogen-powered fuel cells are a green alternative to combustion engines. They may have few moving parts, but exotic materials and high temperatures present a bucket load of technical challenges if they are to be used at altitude in all weathers. Promising technology may tick many boxes, but can it be made safe? That’s another one for the list.

To fly, and to do it efficiently, watch the birds. They have mastered the art of formation flying to harness its advantages. Formation flying may reduce fuel use by minimizing drag. Experiments with drones flying in formation are being done. However, the use of this way of flying for large transport aircraft is still a research subject[3]. Procedures exist for formation flying for military and general aviation aircraft (aerobatics). What safety issues need attention to make this work for passenger aircraft?

It’s possible to go further for each aircraft in-flight too. The extensive use of artificial intelligence to optimise flight paths has much potential. Since the introduction of Wi-Fi in the cabin, there are occasions when passengers have better real-time weather information than flight crew. The ability to meet all the collision risk objectives and pick up the most advantageous winds is achievable. Aircraft innovations like tactical trajectory optimisation are great at lowering fuel consumption. Any safety issues emerging from the use of such systems will likely be linked to their level of autonomy.

Integrating autonomous aircraft into controlled airspace is a challenge of today. As we move forward the variety of autonomous aircraft will grow. An application where the commercial marketplace may drive rapid adoption is that of large autonomous cargo freighters. Emphasis on the word “large” is appropriate given that it’s 3rd parties that will be at risk in the event of accidents and incidents. The loss of cargo can be insured but how will society react to accidents that may cause fatalities on the ground, if these operations proliferate?


[1] https://www.airbus.com/en/newsroom/press-releases/2020-02-airbus-reveals-its-blended-wing-aircraft-demonstrator

[2] https://www.nasa.gov/topics/aeronautics/features/bwb_main.html

[3] https://www.flightglobal.com/safety/a350s-operate-transatlantic-formation-flight-to-test-potential-for-cutting-fuel-burn/146301.article