What the engineers at Airbus and Harland & Wolff have in common
Thinking about the unintentional and contra-indicating stall warning signal of AF 447 I was struck by the common theme between the AF 447 crash and the Titanic’s sinking. In both we see a system being operated in a way unanticipated by the designers, with this unanticipated operation subverting their design’s safety barriers.
In the case of the Titanic it was the decision by the OOW to put the helm hard over that negated the watertight subdivisions of Harland and Wolff that were predicated on a head on collision. In the case of AF 447 it was the aircrews flight into a deep stall with it’s low forward air speed that negated the stall warning protection.
In neither case were these implicit assumption about how the system should be operated clearly communicated from the designers to the operators. As a result the operators had no idea that their actions would have the consequences that they did. Had these assumptions been made visible one can imagine the interesting discussion that might have ensued.