Page 1 of 1

Nanny autopilots

Posted: Sat Apr 20, 2019 11:42 pm
by Rich
The "flight envelope protection" craze is causing inclusion of things that aren't ready for prime time. First the 737 Max and now this:

https://www.flyingmag.com/faa-grounds-c ... ision-jets

I have also noticed a function of the GFC500 that smacks of this kind of thing.

Re: Nanny autopilots

Posted: Sun Apr 21, 2019 10:04 am
by krellis
The Boeing 737 Max MCAS is a whole different animal. It was installed as a "patch" for a handling quality issue at high AOA and high power. Stick force gradients are spelled out in FAR Part 25 and my understanding is that the Max was quite different in this corner of the envelope vs the earlier 737 models. Boeing wanted a common type rating with minimal differences training. Not excusing how they implemented MCAS, however. I fly the 737NG but not the Max.

The ESP on the Garmin is designed to help with loss of control. You can inhibit it (at least on the experimental G3X) and the blue LVL button can be used when disoriented. Personally, I think it's a good feature to have, especially when flying single pilot IFR. I have the Garmin system on RV-7A and will have it on the RV-10 I'm building. The RV-7A is very responsive (some call it twitchy), so a good autopilot adds a margin of safety. I don't find ESP to be a nanny.

Re: Nanny autopilots

Posted: Sun Apr 21, 2019 2:28 pm
by Rich
My point is that these capabilities need to be implemented in a fail-safe way, regardless of the motivation. Otherwise they cause negative outcomes.

An example of a fail-safe for a feature would be the cruise-control on my motorcycle. Though the CC is not in itself a safety feature, in order to avoid the theoretical outcome of a run-away condition, there are numerous normal actions a rider would naturally take in response to such an event, such as hitting either brake or pulling the throttle. The bike has dual-inputs for these various things and cross-checks that all are functioning. If any of the cross-checks fails, the CC is disabled and can not be armed. So the worst case is you just have to control speed normally. That is fail-safe.

BTW, the "nanny" reference is meant to be a humorous endearment, sorry about that. I drive a nanny car that, after every drive, offers me a critique of how well I did with respect to conserving fuel. Gotta love it. Of course, it also has auto-braking TCS/ABS, etc. common these days. No complaints from me.