Aviation Maintenance Free e-Mail Newsletter Free Aviation Job Alerts
Home Avionics Aviation Maintenance Rotor & Wing Air Safety Week Aircraft Value News Regional Aviation News Very Light Jets
View by Category:  Military | Commercial | Business & General Aviation | Rotorcraft | Air Traffic Control | Maintenance
Advanced Search


Aviation Today Market Leaders
Subscribe
Repair Center Directory
Industry Leader Profiles
Monthly E-letter
Information
Aviation Industry Expo 2008

Top Stories
BPA Statements
Commercial Media Kit
General Aviation Media Kit
Subscribe
Jobs
Podcasts
Webinars
Videos
Blogs
Databases &
   Buyer's Guides
White Papers/
   Technical Reports/
   Supplements
Research Reports
Article Archives
Press Releases
From the PR Wires
Industry Links



Top Stories
Aviation e-letter
Financial Center
Calendar
Media Kits
About Us
Contact Us

Services
Print This Page
Email This Page
Archives
Get Copyright PermissionsCopyright Permissions
Related Stories
Who Leads Our Maintenance Industry? Safety Case Studies MX SAFETY Tool Crib Change Agent About People Avionics Etc.

Saturday, April 1, 2006

Avionics Etc.

Fuel Me Thrice

by John Sampson

Technology advances yet flaws abound. Consider three examples regarding an airplane's fuel state.

The first, in 1983, involves an Air Canada B767 that glided to a landing after its engines quit from fuel starvation. Three weeks before the accident, while the fuel quantity indicating system was being tested, the gages started blanking. The fault was very intermittent, however, so the aircraft was being flown. On the night before the accident, the problem reappeared, and the same mechanic trouble-shot it, unaware that it was the original problem in the same aircraft. It was diagnosed as a failure in the digital fuel quantity processor but there were no replacements.

It was a dual-channel system that provided quantity measurement via calculation and indication. Dual redundancy gave it an ability to operate on a second channel if one failed. To do that, the system relied upon a built-in test to recognize faults within the system.

This redundancy was flawed. A dry solder joint on the inductor between one coil wire and its terminal post was sufficient to fail the primary processor. The inductor coil in the second processor would have taken over if the redundancy had had true fail-safe integrity. It didn't, and investigations later revealed a design error.

The processor failed to switch from the defective channel to a working channel because the faulty joint had caused a voltage drop in the power supplied. Although ignorant of why, the mechanic found that by juggling the two processor's breakers he could regain fuel readings. The tripped breaker was covered with tape to prevent it being reset. No record was made of the grounds for that action. The 767's Minimum Equipment List (MEL) allowed operations with a faulty fuel processor. At Dorval Airport in Montreal, the same mechanic carried out a manual drip check of the aircraft's tank levels before its trip to Edmonton.

While waiting for the fuel truck he double-checked the system by resetting the breaker. As expected, the gages blanked again. When the fuel truck arrived, the reset "faulty" breaker was overlooked. With gages now inoperative, the dispatch ground crew performed a drip test and estimated that 7,682 liters of fuel remained in the tanks. The flight from Montreal to Edmonton, including a brief

stop in Ottawa, required 22,300kg of fuel. The mechanics needed to work out how many liters made up 22,300kg. They could then subtract the 7,682 liters already in the tanks, and use the fuel gauge on the refueling truck to tell when they had reached the right number of liters to total 22,300kg. The 767 was the first Air Canada aircraft type to use metric units (kilograms) rather than imperial (pounds). Metric was being phased in across Canada, and the conversions were still causing confusion.

As a result, the flight departed with 10,000kg, less than half the amount of the fuel load for reaching Edmonton. Yet the flight operated legally because the MEL permitted departure based on a drip test and no gages.

Flick forward to Feb. 8, 2005, around 22 years later. A Virgin Atlantic A340-600 lost an engine enroute due to fuel starvation. Its FCMC (Fuel Control & Monitoring Computer) has two redundant processors, each capable of fault-testing and seamlessly taking or ceding control. Pilots trust it and so normally monitor the ECAM engine page and rarely check tank levels on the fuel page. Unfortunately, due to a design defect, certain failure modes can negate redundancy and allow a failed processor to assert itself. The pilots are unamused as their next engine starts to flame-out due to fuel transfer failure. Thoroughly perplexed, they divert into Amsterdam. Later that year, on August 6, 2005, a Tuninter ATR72 splashed down off Palermo. It was out of gas and 16 drowned. Investigators found that a fuel quantity indicator (FQIS) for an ATR42 had been installed. Its outward appearance is identical and the gages are interchangeable.

The catch is that fuel calibration by the wrong gages leads to gross under-refuelling. Additionally, as with the A340-600, no independent system for low fuel-feed levels existed. The ATR's low fuel lights operated off the FQIS gages, according nil redundancy at all ... and the pilots weren't keeping a fuel log.

It seems the advance of technology is rife with flaws. Pilots try to cope with understanding automated systems--and fail to a state of mute acceptance. The only person (beside the design team) who is capable of understanding the inherent flaws and vagaries in a system is the avionics technician who manages and fixes it. Wouldn't it be ideal if such a person were to responsibly identify and highlight the known flaws in "his" system? It might lead to less tripping over the lack of triple redundancy.


Post a Comment

Name:
Email:
Comments:

Please enter the letters or numbers you see in the image.

 
Your message will be reviewed before it is posted.
Copyright © 2008 Access Intelligence, LLC. All rights reserved. Reproduction in whole or in part
in any form or medium without express written permission of Access Intelligence, LLC is prohibited.







121five.com