|
-
POSTING RULES

-
Donate yearly (please).
-
Advertise in here!
-
Today's Posts
|
Insert Pics
|

07-08-2006, 08:51 AM
|
 |
|
|
Join Date: Feb 2005
Location: Torquay, Victoria, Australia
Posts: 826
|
|
No Steam
Modern Airliners don't use backup steam guages......... or vacuum pumps.
Back up Instruments are all electirc, LED displays.
But they have a miriad of electrical power suplies. Generators, Batteries and RATs.
Pete.
__________________
Peter James.
Australia Down Under.
|

07-08-2006, 01:07 PM
|
|
Banned
|
|
Join Date: May 2006
Location: Phoenix, Az
Posts: 920
|
|
Weakest Link
Quote:
|
Originally Posted by Sam Buchanan
Yukon has decided that:
Wow.....what kind of engine('s???) are you planning on using in your RV???
Matter of fact, I am afraid the pilot of my airplane falls into the catagory of "may or may not work"......... 
|
That's a fact Sam, I am definitely the weak link in the machine!
I'm using the engine that brother Van tells me to use. You guess which one.......Never heard anyone describe it as "might work, might not"
|

07-08-2006, 03:15 PM
|
|
|
|
Join Date: Jun 2006
Location: Canby, Oregon
Posts: 18
|
|
What are the odds of this happening?
Hello Everyone:
First, some background:
1) Do not have my certificate ... yet
2) Have not started an RV ... yet
3) This is my first non-test post on this forum.
From Kahuna's provided failure data:
BMA has had 4 freezes in 250 flight hours
GRT has had 1 freeze in 250 flight hours
My understanding is that these failures were prior to his dual failure described in his post.
Admittedly, these calculations are crude and based on very limited data, but I have been trying to convince myself that this dual failure was somehow just bad luck. Assuming his average flight is 2 hours long ...
Probability of Failure for his BMA is 4/250/2 = 0.032 per 2-hr flight
Probabiliy of Failure for his GRT is 1/250/2 = 0.008 per 2-hr flight
Based on this data, the chances of both units failing on the same 2 hour flight is (0.032)*(0.008) ~ 0.000256 or about 1 in 4000.
I agree, it is possible that the two units just independantly failed due to "bad luck", but 4000 2-hour flights is a lot of stick time (8000 hrs!) I guess it gets me thinking about a common assignable cause ...
Are the re-boot numbers that Kahuna listed typical for others with EFIS equipment? If they are significantly higher, perhaps they are indicative of another potential issue?
Regards,
Tim
|

07-08-2006, 10:26 PM
|
 |
|
|
Join Date: Sep 2005
Location: Southwest Michigan
Posts: 180
|
|
Quote:
|
Originally Posted by FiveNinerTIM
I agree, it is possible that the two units just independantly failed due to "bad luck", but 4000 2-hour flights is a lot of stick time (8000 hrs!) I guess it gets me thinking about a common assignable cause ...
|
In the case of the GRT there is a definate and known assignable cause. It's a bug in the code that is repeatable. I believe the jury's still out on the BMT.
|

07-08-2006, 10:50 PM
|
|
|
|
Join Date: Jan 2005
Location: Kirland, WA
Posts: 200
|
|
Quote:
|
Originally Posted by FiveNinerTIM
...
Based on this data, the chances of both units failing on the same 2 hour flight is (0.032)*(0.008) ~ 0.000256 or about 1 in 4000.
|
A crash rate of 1/250 hrs is pretty bad, 4/250 is really bad on my arbitrary scale...
Even so you came up with 1 in 4000 flights. What percentage of those flights are in hard/approach IMC? 1 in 200? Add to that the fact that an autopilot or other redundancies add another factor of safety.
It seems to me that the 2*efis + autopilot + redundant power takes a lot of problems before you are out of options. I would bet that the number of people who are saved by efis/gps/autopilot provided situational awareness exceeds the number lost by multiple failures.
I compare Kahuna's setup to the 172 with a single vacuum pump, no GPS that I got my instrument ticket in and have to laugh...
__________________
Chuck Bass
Kirkland WA - KPAE
RV-4 /VAF#720/500hrs
0360/CS/PMag
Blackjack Squadron
|

07-09-2006, 08:17 AM
|
 |
|
|
Join Date: Mar 2006
Location: Tucson, AZ
Posts: 823
|
|
IF A=B, THEN ACTIVATE, ELSE (do something else).
Quote:
|
Originally Posted by joe gremlin
In the case of the GRT there is a definate and known assignable cause. It's a bug in the code that is repeatable. I believe the jury's still out on the BMT.
|
Exactly Joe. You are exactly correct. The programmer created a set of instructions that said IF the synthetic approach function (SAP) is armed and destination runway data is not available, try to activate the localizer arm function (LOC in the ARM menu). When it failed to activate that arm, that froze the display. There was no logic offered to tell the program what do to if the localizer arm function failed to respond.
All conditional programming logic SHOULD be coded IF (some condition exists), THEN ACTIVATE LOCALIZER ARM, ELSE (do something else).
Every attempt to activate a device should have a timeout routine if it cannot activate the device rather than just sit there and hang.
It?s no different than the A&P who uses a common steel bolt with a tensile strength of 50,000 psi instead of using an aircraft bolt made from corrosion resistant steel and heat treated to a strength in excess of 125,000 psi explaining, ?GEE, that?s all I had on hand?.
Comparisons to 777's are about as valid as comparisons to my 150 or Wilbur & Orville's airplane. If people are going to bet their lives on these devices, programming should be examined for details as basic and obvious as this.
|

07-09-2006, 08:27 AM
|
|
Banned
|
|
Join Date: May 2006
Location: Phoenix, Az
Posts: 920
|
|
Reliability
"Comparisons to 777's are about as valid as comparisons to my 150 or Wilbur & Orville's airplane. If people are going to bet their lives on these devices, programming should be examined for details as basic and obvious as this."
No, sir, comparisons with transport aircraft are completely valid because they illustrate the difficulty of writing reliable software, even with an unlimited budget.
As far as your Cessna 150 goes, I wouldn't be bragging about that!
|

07-09-2006, 12:08 PM
|
|
|
|
Join Date: Sep 2005
Posts: 1,110
|
|
Quote:
|
Originally Posted by MrNomad
All conditional programming logic SHOULD be coded IF (some condition exists), THEN ACTIVATE LOCALIZER ARM, ELSE (do something else).
Every attempt to activate a device should have a timeout routine if it cannot activate the device rather than just sit there and hang.
|
This reminds me of my first manager. He would lecture us on how the software should never crash, and whenever something failed he would lecture us on the "proper" behavior...as if we intended for it to fail or crash. LOL. Worst guy I ever worked for. I ended up leaving after 9 months. I manage a team of engineers now, and everytime I'm about to ask someone "What the heck were you thinking when you did that?", I think of him and bite my tongue.
Here's the fact of the day: No program will ever be 100% reliable and bug free. Here's another one: no mechanical or electro/mechanical device will ever be 100% reliable and bug free. So now what? Do you lock yourself in a cave? Are unreliable mechanical components better than unreliable (usually MORE reliable, BTW) software?
We already know that the version in question was out for BETA testing. The bug report came in, was fixed the same day and a fix was on their website. I just simply fail to see where all the rants against these engineers is coming from. The whole process from beginning to end worked precisely as intended.
Only a fool would "bet" their lives on an EFIS, or any other device. I would certainly trust my life, however, to a panel designed for reliability through a reasonable amount of redundance and backup.
The fact that 2 completely different EFIS failed at the same time in this case is just fantanstic and something that I'd never heard of before (that 1 in 4000 number is bogus. You can't do statistics with 1 data point running BETA software). Okay, fine...sometimes engines throw rods. What do you do now, fly gliders instead? Careful...gliders have been known to crash because of system failures too!
__________________
John Coloccia
www.ballofshame.com
Former builder, but still lurking 'cause you're a pretty cool bunch...
Last edited by jcoloccia : 07-09-2006 at 12:19 PM.
|

07-09-2006, 12:49 PM
|
|
Banned
|
|
Join Date: May 2006
Location: Phoenix, Az
Posts: 920
|
|
Beta Testing
"We already know that the version in question was out for BETA testing. The bug report came in, was fixed the same day and a fix was on their website. I just simply fail to see where all the rants against these engineers is coming from. The whole process from beginning to end worked precisely as intended."
So I guess the question now is why anyone would enter the IFR environment with Beta software?????
|

07-09-2006, 03:48 PM
|
 |
|
|
Join Date: Jul 2005
Location: Detroit, MI
Posts: 1,587
|
|
Trapping programming errors
GRT Version 28 is/was indeed a beta and their website warns of this. Yes, it's true there has never been an OS or an application that cannot fail. Yes, you should try to trap all errors. However, IF-THEN-ELSE logic is generally not effective at that. By definition, you have to think of all the ELSE conditions. Some languages are better than others at error trapping. Java comes to mind as does C++. If you write everything [what I like to call] backwards, it does help. For example "if (perform-X != 0) invoke error-handler". This is not perfect but it helps. Of course, using any Windows product means you accept the weaknesses MS built into the OS. That's true for any OS, but infamously true for MS. BTW:I note that GRT uses only a two-fingered salute. . Even if we had perfect programs, the electronic hardware could fail, as could the connectors. What about lightning?
I've been impressed with how much thought GRT gives to failure modes, cross checking within the unit and isolating the components within the unit. For me, their stuff with appropriate backup is as good or better than steam gages in the same price level (total panel). For you, well that's a personal decision.
I think that taking shots at GRT's programmers is probably not the most effective way to analyse the situation, even when they screw up. Do you fly IFR over fog or hostile terrain? On one engine? Without a parachute? without a hand-held radio? When a little fatigued? Is anyone innocent of all these risks all the time?
__________________
H. Evan's RV-7A N17HH 240+ hours
"We can lift ourselves out of ignorance, we can find ourselves as creatures of excellence and intelligence and skill. We can be free! We can learn to fly!" -J.L. Seagull
Paid $25.00 "dues" net of PayPal cost for 2015, 2016, 2017 and 2018 (December).
This airplane is for sale: see website. my website
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -6. The time now is 11:46 PM.
|