Case Study: Boeing 737 Max

Project

  • This work was done as part of an Engineering Psychology class.

  • The brief was to take a real-world system or problem and use research to identify an underlying contributing factor and suggest solutions for the same.

  • As an exercise in critical thinking and application, this project was scoped to assess our logical thinking.

Overview

I used the case study of the Boeing 737 Max crashes in 2019 and aimed to investigate a potential contributing factor to the crashes.

Problem Description

  • On two separate occasions within a span of six months, two Boeing 737 Max aircraft crashed, killing all people on board. The underlying cause of the crash was identified as the inadvertent activation of the Maneuvering Characteristics Augmentation System (MCAS).

My question

  • How could an unsafe flight system pass through multiple stages of testing without a flaw being highlighted?

Importance

  • If there is an underlying issue with the testing and safety evaluation procedures used by Boeing, then it could also affect other systems and lead to other deadly crashes.

  • Although this was a class assignment, this research could inform decisions regarding safety evaluation procedures.

Work

Reading

I researched and read news articles, transport safety reports, and journal articles concerning the Boeing 737 Max crashes. My aim was to identify factors and constraints that guide safety decisions. Moreover, I wanted to identify the current safety evaluation procedure that Boeing uses.

These were the key insights I obtained:

  • Boeing was in a race with Airbus to deliver more efficient airplanes while keeping the major flight handling dynamics identical to previous models so that commercial operators would not have to spend money to train pilots on new equipment.

  • According to the National Transportation Safety Board (NTSB), to bypass the need for additional training, manufacturers are required to test the assumptions that system malfunctions are readily recognizable and do not require exceptional piloting skills to counteract.

  • Boeing tested these assumptions in a simulator by simulating an MCAS malfunction. They concluded that MCAS malfunctions are readily recognized and that the aircraft can be returned to a steady level of flight without additional training.

    • Underlying problem: Boeing simply simulated the MCAS malfunction by mimicking the flight dynamics that would result if the MCAS malfunctioned.

    • They did not account for all the additional alerts that could accompany the MCAS malfunction if it was caused by the failure of an element that was connected to other systems as well. This is what happened in the crashes; a sensor that was integral to other flight systems failed. In these situations, the pilots did not act in a manner consistent with Boeing’s evaluations because Boeing had not evaluated human interaction with the system in such a situation

My solution

  • Essentially, in a highly automated cockpit such as that of Boeing aircraft, the operator is a supervisory controller responsible for overseeing the functioning of the automation.

  • Based on my research, I identified a method of modeling human-machine interactions that can predict different ways an operator may potentially interact with a system.

  • Skill, Rule, Knowledge (SRK) Based Behavior Model

    • According to the SRK model, there are three distinct types of human-machine interactions which have different implications for how a human will interact with a system.

    • Skill-based behaviors are automatic, do not require conscious control, and are smooth and integrated.

    • Rule-based behaviors consist of actions that follow the template – if state X then action ­­­­­Y. This means that rule-based behavior involves the recognition of a system state and the subsequent activation of a response

    • Knowledge-based behavior has the highest degree of cognitive demand and is used for novel problems that cannot be solved with standard procedures. In this type of behavior, plans of action are explicitly formulated, based on an analytical integration of the knowledge of the system.

    • Recognizing that it is impossible to foresee every possible situation a pilot may find themselves in, I proposed that the best way to devise a foolproof safety evaluation procedure would be to conduct a cognitive task analysis based on the SRK model to identify how a pilot may interact with the system in all types of situations right from the easiest (skill-based) to the most difficult (knowledge-based).

    • Based on this, these different types of interactions can be simulated in a flight simulator and the error-prone points in the human-system interaction can be identified and subsequently rectified. Designing the safety evaluation in this way is systematic and much more comprehensive. It ensures that all levels of interactions are thoroughly tested and a safe product is delivered.

Outcomes and Reflection

As a class project, there was little scope for implementation. However, my professor thought that my proposed solution was actionable and I ended up getting an A grade for the paper.

  • I learned the importance and real-world application of theoretical concepts.

  • I understood the benefits and implications of good research in the real world