Systems – Page 17 – John Vincent

Digital Hazards

I agree[1]. The INTERNET information super highway isn’t so different from the highways we use to get around. Both have traffic. One presents hazards that are not always obvious and the other is riddled with hazards, many of which we can see. They are similar hazards, in that someone raiding your personal data can have just as devastating an impact as your car running off the road.

Giving people mandatory training before they venture out into the world of INTERNET banking, and the mad whirl of social media has merit. This will not reduce serious problems to zero, but it can mean fewer people suffer financial misfortunes and reputational nightmares.

I know this thinking is hard for anyone with an inbuilt downer on the notion that Governments should intervene to protect citizens from every threat. This is fine. There should be a reasonable threshold set before rules and regulations are grasped as a weapon against potential harms. Everyone has a responsibility to look after their own health and safety to the greatest extent that they can. That’s where there’s marked limitations in the case of the digital landscape.

Even for those aware of live digital threats the means to address them are not well known or easily accessible. The human factor plays a part too. Many people are reluctant to admit that they may have been dupped or take for a ride in the wild west of the INTERNET.

On another subject, but not unrelated, is that we live in a world of gurus and commentators. This predates social media but that has heightened the trend. It’s as if well-informed person A says, “don’t stick your finger in the fire” and nobody listens. However, when well-known person B says the same everybody listens. All the time the facts remain the same.

Sadly, this works with disinformation as well as the truth. There’s a propensity to wish to agree with people that we imagine others agree with at the same time. It’s a cosy security blanked. There was once a saying that; nobody ever got the sack for hiring IBM. This phrase captures the belief that those others can’t all be wrong and even if a choice is wrong for me, I’m not alone.

Such blame avoidance is pessimistic thinking. It elevates the fear of failure and places it at the heart of decision making. A balance is better. Awareness of hazards is the first step in managing risk.

[1] https://www.bbc.co.uk/programmes/b006qj9z

Time & Tech

It was a Financial Times newspaper poster that warned of UK job losses on a mass scale. It captured the pervasive idea that, as in the industrial revolution, huge changes in working conditions and types of jobs were come down the line. Technology would radically reshape employment. Those in comfortable jobs would not be imune from change.

One whole broadsheet page carried a message. Center of a picture was a large, polished metal dustbin. Contrasting and overspilling it were white shirt collars. The background was blank. The stark message was – the silicon revolution will mean an end to white collar jobs. I think the advertisement was placed by the trade union: Association of Scientific, Technical and Managerial Staffs (ASTMS)[1].

This was the 1970s. A time when speculation about the impact of computers in the workplace was rife. It was before the Personal Computer burst onto the scene. Names like IBM and the Digital Equipment Corporation (DEC) were dominant. I wonder what it would be like if I could step into a time machine and return to that era. To let them know what really happened as technology advanced unrelenting for the next four decades.

In many ways white collar jobs, or office jobs, have not disappeared. If anything, the numbers employed, where a computer is an essential part of the everyday work has increased dramatically. Yes, there’s not so many white collars as digital communications allow people to work at any location. The workplace dress code, if there is one, has left the standard suite and tie behind.

Taking a broad view, the “silicon revolution” has improved life for many. Gone are huge typing pools, mechanical calculators, and Orwellian workplaces. Card file indexes, drawing boards, and toxic chemical copying machines look prehistoric in black and white pictures from the 1970s.

In that conversation with an office worker of that time, what they may be shocked to hear is that the diversity of companies shaping their workplace will narrow down to a small number of vast American names. The expected liberalising impact of technology, that makes information available to everyone, anywhere and at speed will have the perverse effect of narrowing minds.

What do I take from this journey to the past? It’s that the impact of technology is shaped by the choices we make. However, we choose with little idea of the longer-term influence technology has on our lives.

POST: Timeline | The Silicon Engine | Computer History Museum

[1] https://en.wikipedia.org/wiki/Association_of_Scientific,_Technical_and_Managerial_Staffs

SPO 3

Now, there’s an activity with two humans in the loop. Given the physics involved the goalkeeper should be beaten every time. Well, I’m saying that assuming a high level of expected performance on the part of the footballer taking the penalty. I guess that’s why we are often critical when they miss. In the last few weeks there have been more than a few examples to watch.

What we know is that football penalties are much more than mechanical actions and reactions. However, there’s a degree of mythology about the inevitability of human factors taking control of the outcome: goal or no goal. I’d like to think that there’s an ever-shifting blend of what physics does to the ball and what the human does. Is it always possible to predict the slipperiness of a spinning ball traveling at speed that is then touched by the fingertip of a goalkeeper?

What if the footballer taking the penalty, was an “intelligent” machine. That is a machine with a sensor array and computational capability that far exceeded normal human performance. Such advance automation could calculate the most probable reaction of a goalkeeper based on history and the immediate movements they make right up to the last millisecond before the ball is struck.

Assuming the machine was limited in term of the force it can apply to the ball, it could still adjust its actions as soon as any new information was available. I’m not saying the outcome will always be better for the machine football striker. However, it could reduce the scope for error and randomness to dictate what finally happens.

So, with that argument, in aviation, I’m saying it’s not right to say that Single Pilot Operation will always be worse than two crew operations. Don’t get me wrong, those people aggressively advancing the idea that the intelligent machine will always be better than a human are missing something too.

One thing that highly capable automation could have to bring to the party is not only early detection and diagnosis of problems but a massive library of stored experience. How we embed and constantly update that flight experience is an almighty challenge.

Afterall, the dread in aviation is knowledge with hindsight. It takes the form: “You should have known. Why did you let this incident happen?”

I’m now tempted to think of a Star Trek analogy. Every second an aircraft of a type is flying, experience of its operation is being accumulated. If there are hundreds of a type flying at any moment across the globe, that’s a lot of data to collect and absorb and think about before acting.

The fictional and scarry Borg are cybernetic creatures linked by a hive mind and they know a thing or two about assimilation. Granted that’s farfetched as analogies go but my point is that I believe we are generations away from that kind of capability. Not only that, just as humans fail so any such “intelligence” designed by humans will fail to.

SPO 2

An instant reaction to Single Pilot Operations (SPO) is like the instant reaction to completely autonomous flight. “I’m not getting on an aircraft without a pilot!” Then to justify that reaction fatal accidents of the past are cited. Typically, this is to remind everyone of the tragic Germanwings accident[1]. It was 24 March 2015, that an Airbus A320 was crashed deliberately killing all onboard.

However, it’s wise to remember that the likelihood of incapacitation[2] is much greater than that of the malicious behaviour of the pilot in command. Cases of malicious behaviour leading to a catastrophic outcome are truly shocking but extremely rare.

One fatal accident, that is still disputed is EgyptAir Flight 990[3] that killed 217 people in 1999. The possibility of inflight pilot suicide is unnerving, since on the face of it there is little any of the aircraft’s cabin crew or passengers can do to stop it.

This could be a future opportunity to use automation to prevent these scenarios occurring. Afterall the aircraft knows where it is and that a sustained high-speed dive towards the ground is not normally intended. A safety system exists to do this[4], but its outputs are not connected to the aircraft’s flight controls.

Humans being adaptable, extremely creative and capable of highly irrational actions, it’s unlikely that malicious behaviour resulting in aviation accidents will ever be reduced to zero. This is said regardless of the procedures or technology involved. The fate of flight MH 370 remains a mystery.

Thus, the prominent safety issue in respect of SPO is pilot incapacitation. Where the pilot in command is no longer able to perform as expected. That is, if the aircraft flown is not capable of safely landing itself. The objective always being safe continued flight and landing.

I’ve had the “1% Rule” rule explained to me by a notable aviation doctor, but I must admit I didn’t fully take it in. So far, the rule has stood the test of time. When the pilot in command of a Czech Airlines aircraft collapsed and died on route from Warsaw to Prague in 2012, the co-pilot took over and everyone got home safely.

Any automated co-pilot must be at least as capable as a human co-pilot in all aspects of operation of an aircraft. The key word here being “all”. It’s not enough to have the functions necessary to undertake safe continued flight and landing. Task such as communicating with the cabin crew and passengers must also be considered. Including preparation for an emergency landing.

[1] https://www.bbc.co.uk/news/world-europe-32072218

[2] http://www.avmed.in/2012/02/pilot-incapacitation-debate-on-assessment-1-rule-etc/

[3] https://www.theguardian.com/world/2002/mar/16/duncancampbell

[4] https://skybrary.aero/articles/terrain-avoidance-and-warning-system-taws

Single Pilot Operations

Single Pilot Operations is not new. What’s new is considering this way of working for everyday public transport operations of large aircraft

Research is of fundamental importance. It seems obvious to say so given the benefits it has given us. When proposals come forward to exploit new technologies there needs to be that moment when everyone steps back and takes a long hard look at the implications of its use.

In basic technical research it’s not the most important consideration is to focus on the drivers for change. They can be multifarious: economic, environmental, social, safety, security, political, and maybe just a matter of preference. Policy directions are taken by the industry and governments not constrained by what is happening now as much as what might happen tomorrow.

Research has delivered incredible safety improvements in aviation. This is not only in the basic design and construction of aircraft but all aspects of their operation. So, to see that the European Union Aviation Safety Agency (EASA) sponsoring research to study the implications of aircraft Single Pilot Operations[1] is a wholly good measure.

My history goes back to the early days of fly-by-wire aircraft systems. This is where the mechanical and physical connection between an aircraft pilot’s actions and the control surfaces that determine flight are replaced by digital computers. Back in the 1980s, a great deal of research and experimental flying proved the technology to make fly-by-wire work. It first found favour with the military. One reason being that an aircraft’s capability could be extended well beyond what was formerly reached. This change was introduced with caution, analysis, testing and much detailed risk assessment.

At the time, there was a significant body of professional pessimists who predicted a diminishment of aviation safety. Today, four decades on, studies show that even as air traffic has increased so civil aviation safety has improved. A momentous achievement. An achievement that has, in part, been because of the well-regulated adoption of advanced technologies.

It is important to look at potential changes with an open mind. It’s easy to come to an instant opinion and dismiss proposals before a detailed study has been conducted. The detailed technical research can then be part of the challenge and response that is necessary to before approval of any major change. First difficult questions need to be tabled and thoroughly investigated.

[1] https://www.easa.europa.eu/en/research-projects/emco-sipo-extended-minimum-crew-operations-single-pilot-operations-safety-risk

Bandwidth

There’s a mismatch. It really is the case that there are more demands for attention than any normal person can address. Certainly, social media has a habit of burning up time. TV channel numbers expand like prolific rabbits but ironically there’s nothing worth watching or so it’s said. Daily newspapers are in decline, but supermarket shelves remain covered with expensive colourful magazines packed full of advertising. So many demands for our attention but the 24-hour day is much the same as it was in stone age times.

I did start a “to do list” in the assumption that it would help. Get me organised. Problem is that such lists fill up quickly and each task linger like a sword of Damocles[1]. Due dates slip into the past. It’s not a good way to reduce a dynamic stack of e-mails or clear a cluttered diary. Such lists are more a source admin than they are a source of free time.

One descriptive word that’s more than familiar to an engineer is that of “Bandwidth.” In this case lack of it. In the technical world it’s a range of frequencies within a set band. That notion of a limitation exists because a band is not boundless.

For my e-mail list. The contemporary form of an in-tray full to the brim with paper. This means that time is not expandable in such a way as to address everything that demands attention. Even though, it’s true that a great deal of time-wasting junk is quickly consigned to the waste bin.

As a species we have not evolved to cope with the ever changing digital world. The speed with which information can move is unrelenting. Harsh weather, day, night, the global expanse, nothing slows it down. Anyone with an internet connection is quickly hooked. Disconnection become imposible.

The difficulty is the mix. Irrelevant drivel takes the same path as communications of great value. The job of sorting this out, to make stuff usable, takes time that squeezes out new contracts or new projects. Finding energy and mental capacity to deal with digital clutter drains the batteries.

The new art is knowing what bandwidth, to manage this deluge, you can muster and for how long. Then being disciplined enough to use the delete button more often. To be less bound by a drive to answer every question. To be less impacted by views and opinions that pass by like rocket ships.

[1] The expression comes from the Roman politician, orator, and philosopher Cicero (106-43 BC). And I thought it was Biblical.

Step on the Moon

This coming Wednesday it will be 50-years since the last human footstep was made on our Moon. On 11^th December 1972, Apollo 17 arrived on the surface of the Moon. Although 10 Apollo missions were planned to step on our Moon only 6 were made. The last man on the Moon left on 14^th December 1972. Eugene Cernan was the astronaut who made that last footprint[1].

This last week, I listened to an online lecture called: “Return to the Moon: “Apollo” for a new generation”. Professor Craig Underwood gave that lecture[2] at Surrey University. He reflected on the success of the Apollo moon landing missions between 1969 and 1972.

Just as he did it gave me cause to reflect on the impact that space adventure had on my boyhood self. Those years from age 9 to 12 must have had a profound impact on not only Eugene Cernan but Professor Underwood and me. We each became electrical engineers.

We became captivated by the unbounded capacity of engineering to change the world around us. It’s true that’s a double-edged sword in that both positive and negative transformations can occur. Notably, we can see that with the current use of airborne drones. On the one hand they can be used to deliver medical supplies on the other hand they can deliver devastation in war.

Here in the UK, we have a lot to thank Gerry Anderson[3] too. The creator of Thunderbirds, Captain Scarlet, Stingray, Joe 90, UFO and Space:1999 had a market impact on both the Professor and me. Colourful fantasy it may have all been, but those stories captured the imagination a generation.

The British TV series UFO and Space:1999 envisioned a permanently stationed Moon base. The leaps of the imagination in the 70s were partly due to the real achievements of the Apollo missions. Maybe it was beyond us to have a working base on the Moon by 1999 but now it’s starting to become a practical possibility.

Today, Sunday, NASA’s Orion capsule arrives home[4]. All being well, the spacecraft will splashdown in the Pacific Ocean after a 3-week trip around the Moon. I wish the project good fortune.

POST: Sunday 17:40 GMT. The Orion spacecraft, which is to carry astronauts to and from the Moon, has splashed down in the Pacific Ocean after its test flight

[1] https://thelastmanonthemoon.com/

[2] The Institution of Engineering & Technology

[3] https://www.gerryanderson.com/

[4] https://www.nasa.gov/exploration/systems/orion/index.html

Bird Strike 2

What makes a bird strike different is that it’s an unpredictable collision. If we talk about aircraft collisions with terrain the outcome is predicable bad. All that kinetic energy must go somewhere. So, a high-speed vehicle hitting something that is immovable is not going to end well.

Now, it must be said that some hunting birds can dive at incredible speeds. More typically, a large bird in flight between feeding sites isn’t going to be traveling fast. In fact, it may as well be viewed as a static object relative to an aircraft in flight. A bird in-flight is unlikely to be able to take avoiding action. For a pilot the action of “see and avoid” may work in respect of other aircraft but a bird ahead is no more than a pinprick in the sky.

These factors make aircraft bird strikes inevitable. That said, the range of outcome because of impacts are rarely at the severe end of the scale. One reason for this is the effort made at design certification to ensure an aircraft is sufficiently robust. Damage can occur but if the aircraft design and test processes have been rigorous everyone should get home safely.

I remember paying particular attention to the zonal analysis done by several major manufacturers. In my experience the most difficult designs are for those of business jets and large helicopters. One of the design challenges in both cases is the limited physical real estate within the aircraft structure. Weight is another big consideration. This leads to cramming essential avionics and electrical systems and their interconnections into confined spaces.

Zonal analysis is about ensuring there’s segregation between different systems. Afterall what’s the point of having two Attitude & Heading Reference Systems (AHRSs)[1] and putting them next to each other in the nose cone of an aircraft. That’s not a good design strategy. One damaging impact must not take out two essential independent aircraft systems.

It’s just as important to ensure an aircraft’s wiring isn’t all bundled togther and taken through one connector. That may save money on electrical parts but it’s not going to work after being hit hard by a 5kg goose.

These issues will need particular care in the new electric vertical take-off and landing (eVTOL) aircraft that are on the drawing boards. Choosing a safe architecture, manufacturers must balance the use of creative design solutions, to produce a competitive product, with limited physical space.

A couple of key words in the certification requirements concern hazards that are anticipated. Bird Strike is hazardous and aircraft systems and equipment must “perform their intended function” should it occur. See EASA Special Condition for small-category VTOL aircraft, Subpart F[2].

POST: Good to see the bird strike criteria Joby’s airworthiness criteria: A blueprint for the nascent eVTOL industry – Vertical Mag

[1] https://helicoptermaintenancemagazine.com/article/layman%E2%80%99s-guide-attitude-heading-reference-systems-ahrs

[2] https://www.easa.europa.eu/sites/default/files/dfu/SC-VTOL-01.pdf

Bird Strikes

Birds and aircraft share the same airspace. This is not a beneficial relationship for either.

I watched two rather aloof Branta canadensis in our local park the other day. They seemed oblivious to all the other birds on the priory pond. I’d certainly describe these two birds as being well fed. Given their stature and size, they looked formidable. These resident North American visitors are not to be messed with and are only eclipsed by the Swans on Reigate’s pond.

This species of bird has adapted well to living in urban and suburban areas and are frequently found on lakes, ponds, and rivers. I used to see large flocks of them gather on the river Thames. That was only a couple of miles from London Heathrow.

Even though they are numerous in the UK these birds are protected by law (Wildlife and Countryside Act 1981[1]). Today, the population numbers may be as high as 62,000 breeding pairs[2]. Although these birds have the capability to fly great distances they tend to hang around where there’s a reliable source of food. Bird populations are changing their behaviours as a result of climate change.

Geese fly in the typical V-formation which is called a “wedge” or skein. From time to time, I see them fly over my house at a few hundred feet as they move between local lakes and ponds. They are easy to spot and often noisy as they elegantly traverse the sky.

Birds and aircraft share the same airspace. This is not a beneficial relationship for either. Strikes occur around the world every day. In the history of aviation, there have been hundreds of aircraft accidents and more than 47 fatal aircraft accidents caused by bird strikes[3].

It must be said that most bird strikes cause little damage to aircraft but that is highly dependent upon the size of the unfortunate bird and their habits. The story can be very different when an impact is with a Canada goose. Their large size and tendency to fly in flocks can have a devastating impact. On 15 January 2009, a US Airways Airbus A320 aircraft[4] ended up in Hudson River as the result of an encounter with such birds.

The risk of collision between birds and aircraft have always been part of aircraft operations. As a result, measures are taken to certify aircraft to be robust in the event of such collisions. Additionally, there’s a great deal of effort made at major airports to keep birds away from active runways.

Most of the bird threat to aviation safety exists when travelling at speed at relatively low altitudes. Bird strikes happen most often during take-off or landing. This makes me think that bird strikes are going to be a regular feature of the operations of Urban Air Mobility (UAM) / Advanced Air Mobility (AAM). The use of use highly automated aircraft may offer the opportunity to provide sophisticated bird avoidance features. However, so far, I’ve detected no talk of such features.

POST 1: A useful safety booklet Large Flocking Birds (skybrary.aero)

POST 2: A recent Boeing 737-800 serious incident LinkedIn

POST 3: An example of what can happen from 2019 Ural Airlines Flight 178 – Wikipedia

POST 4: Another useful safety booklet Bird strike, a European risk with local specificities, Edition 1 – Germany | SKYbrary Aviation Safety

[1] https://www.legislation.gov.uk/ukpga/1981/69

[2] https://www.wildlifetrusts.org/wildlife-explorer/birds/waterfowl/canada-goose

[3] https://www.skybrary.aero/sites/default/files/bookshelf/615.pdf

[4] https://en.wikipedia.org/wiki/US_Airways_Flight_1549

Practicable

I am in two minds. When I see the words: “in so far as practicable” I can think; great, a degree of flexibility. On another occasions when I see the self-same words I think; that’s too vague and indistinct. It can easily circumvent more strict language.

Practicable is a perfectly useful word. The idea that it’s practical to do something and likely to succeed can be a matter of reasoned judgement. However, there lies the crux of the problem. It’s the subjective of that judgement, as to what’s practical and will it succeed, that becomes the possible difficulty.

If there’s a clause in a group’s constitution or working arrangements that says: “in so far as practicable” then it can become open season for someone to avoid a commitment or go their own way. That can be to shoot a big hole in a set of agreed expectations.

A lot depends on where the burden of proof sits. In other words, I may assert that something is not practicable but is it then for someone else to prove me wrong? Or do I have to provide the necessary proof?

There are elements of degree here too. If the assumption is that a judgement can be a snap judgement that’s one thing. However, there may be an assumption that a judgment is based on a rigorous level of analysis and reasoning.

The term “in so far as practicable” is most useful when applied thoughtfully and with honest intent. That the person applying this caveat would work hard to undertake whatever obligation was written and only as a fall back, having been unable to meet an obligation, revert to the use of these words.

Context and circumstances weigh heavily on what is practicable. An easy task on a sunny day can be a nightmare in a thunderstorm. Some legal clauses go as far as “insofar as is reasonably practicable in the circumstances”.

I guess I’m coming around to the wish that the “ALARP” concept (short for “as low as reasonably practicable”) would be sparingly used. ALARP weighs risk mitigation, elimination or reduction against time, trouble, and money. That’s a balancing act where there’s no perfect answer.

ALARP is a basic concept in health and safety law, but it hasn’t caught on in aviation or at least safety of flight. It’s not that aviation is blind to the fact that flight safety can be a priority, but it will never receive infinite time, trouble, and money.

It’s more that with flight there’s always a choice. It’s a “go – no go” choice. If adequate risk mitigation, elimination or reduction is not available the reasonable choice is to stay on the ground.