Hacker News new | past | comments | ask | show | jobs | submit login

> The National Transportation Safety Board determines that the probable cause of this accident was the inadequate consideration given to human factors limitations 1n the inspection and quality control procedures used by United Airlines' engine overhaul facility which resulted in the failure to detect a fatigue crack originating from a previously undetected metallurgical defect located in a critical area of the stage 1 fan disk that was manufactured by General Electric Aircraft Engines.

https://www.ntsb.gov/investigations/AccidentReports/Reports/...




Cropping the cause is misleading, this is all under cause:

> determines that the probable cause of this accident … Aircraft Engines. The subsequent catastrophic disintegration of the disk resulted in the liberation of debris in a pattern of distribution and with energy levels that exceeded the level of protection provided by design features of the hydraulic systems that operate the DC-10's flight controls.

Under recommendations:

> Encourage research and development of backup flight control systems ·for newly certificated wide-body airplanes that utilize an alternative source of motive power separate from that source used for the conventional control system. (Class II, Priority Action) (A-90-168)

> Conduct system safety reviews of currently certificated aircraft as a result of the lessons learned from the July 19, 1989, Sioux City, Iowa, DC-10 accident to give all possible consideration to the redundancy of, and protection for, power sources for flight and engine controls. (Class II, Priority Action) (A-90-169)

>Analyze the dispersion pattern, fragment size and energy level of released engine rotating parts from .the July 19, 1989, Sioux City , Iowa, DC-10 accident and include the results of this analysis, and any other peripheral data available, in a revision of AC 20-128 for future aircraft certification. (Class II, Priority Action) (A-90-170)

Etc. So calling this a design issue rather than an inspection issue is quite reasonable. Inspections are guaranteed to eventually fail, the aircraft being 100% dependent on them is a recipe for future disasters.


In aviation safety investigations, all contributing factors are considered, and there are usually multiple factors involved in any incident.

My purpose of quoting that wasn't to be a wholly inclusive description of the situation (that's what the full report is for), it was to refute the above idea that engine defect was not the root cause.

> So calling this a design issue rather than an inspection issue is quite reasonable. Inspections are guaranteed to eventually fail, the aircraft being 100% dependent on them is a recipe for future disasters.

Likewise, we don't just require "good designs" instead of inspections, because even a "good design" will experience failures. In the swiss-cheese model of safety, all of the slices are important. In this case, the inspection was the first failed slice.


> was to refute the above idea that the engine defect was not the root cause

You misunderstand what a root cause is. An accident has multiple root causes in the swiss cheese model.

Each process update is supposed to address a root cause.

This is separate from contributing factors. IE: It happened at night.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: