EASA and Airbus today have issued an emergency airworthiness directive for the A320 family following the investigation of an incident earlier this year in which an aircraft rapidly lost altitude. That flight, operated by JetBlue in a flight from Cancun to Newark on 30 October experienced an un-commanded drop in attitude that resulted in passenger injuries, requiring an emergency landing in Tampa.
Airbus message to operators and media
“Analysis of a recent event involving an A320 family aircraft has revealed that intense solar radiation may corrupt data critical to the functioning of flight controls.” The subsequent investigation identified a vulnerability with the ELAC B hardware fitted with software L104 in case of exposure to solar flares. “This identified vulnerability could lead in the worst case scenario to an un-commanded elevator movement that may result in exceeding the aircraft structural capability,”
“Airbus has consequently identified a significant number of A320 family aircraft currently in-service which may be impacted.”
“Airbus has worked proactively with the aviation authorities to request immediate precautionary action from operators via an Alert Operators Transmission (AOT) in order to implement the available software and/or hardware protection, and ensure the fleet is safe to fly. This AOT will be reflected in an Emergency Airworthiness Directive from the European Union Aviation Safety Agency (EASA).”
Airbus acknowledged that its recommendations will lead of operational disruptions to passengers and customers and apologize for the inconvenience. The company indicated it will work closely with operators, while keeping safety as its number one and overriding priority.
The Airworthiness Directive
That AD can be found here at the EASA website. The AD will affect approximately 6,000 A320 family aircraft, including A319, A320, and A321 models. This is the largest AD in the 55 year history of Airbus and comes just after the A320 family overtook the Boeing 737 as the most delivered commercial aircraft in the world. The AD requires reverting to an earlier version of software for the elevator-aileron computer and is a relatively simple two hour fix for most of the 6,000 plus aircraft affected.
But for about 1,000 of those aircraft, there is a hardware aspect that will also be required, increasing the scope and time for the repair. These repairs are necessary as the existing software, if not corrected, could lead in the worst case to un-commanded elevator movement that could result in loads exceeding structural limitations. Translating, that means that movements could potentially be strong enough to cause the aircraft to crash in a worst case scenario, which has not happened.
The difficult part for airlines is that passenger flight must not be made until repairs are completed, which typically involves a ferry flight to a maintenance facility to complete the require actions. That will entail pulling the aircraft out of service until the repair is made and re-inserting the aircraft into the schedule, likely with another repositioning flight. For those aircraft that require hardware, however, the shop visit will be slightly more extensive and time consuming.
Timing and Disruptions
The software issues will impact airlines differently, based on the software version installed on their aircraft. In this instance, American Airlines has about 340 of its 480 A320 family aircraft impacted, which it should clear by the end of Saturday, while United’s fleet had only six aircraft affected, and Delta about 50 of its neo models. Around the world, schedule disruptions will be the result of this action for multiple airlines, however.
For airlines with robust internal MRO capabilities, the disruption should be able to be handled relatively quickly to return aircraft to service after a software change and testing. But for airlines without internal MRO capabilities, including many low cost carriers flying the type, they will need to find a maintenance center to undertake the repairs at a time when MRO capacity is already constrained. The shortage of maintenance availability could result in added delays for carriers without in-house MRO capabilities.
In the United States, this AD comes during the midst of the Thanksgiving holiday season, which has the largest traffic of any annual holiday period. While the outbound portion of travel was not impacted for holiday travelers, the return portion will be, and is likely to be exacerbated by a major winter storm and air traffic control staffing. This could result in major delays for passengers on some airlines.
The Bottom Line
The loss of data for the system has been determined to be excessive solar radiation causing data loss by corrupting memory in the computer that utilized a new version of the software that was installed shortly before the incident. At the time of the JetBlue flight, we were experiencing a major solar event that enabled the Aurora Borealis to be seen even in some southern US states, a rare occurrence. But aviation safety events are, fortunately, rare occurrences and the industry always reacts when new knowledge becomes available, as in this case. The result, despite a temporary inconvenience, will be safer skies hereon out.
This does, however, reveal additional issues with software, a vulnerable element on an aircraft. After the experience of MCAS on the Boeing 737 MAX, additional scrutiny on software and fly-by-wire controls has been undertaken by the FAA and other regulatory authorities worldwide. It is now likely that countermeasures to solar flares will be required for future aircraft with similar fly-by-wire systems. Engineers at the aircraft OEMs are already evaluating that possibility for their other models, and double-checking their shielding and looking for potential data vulnerabilities.
Fortunately, in this case, no fatal crashes have occurred as a result of the software problem, the root cause of data corruption was identified, and corrective actions developed to correct them within 30 days. Decisive action is important when it comes to safety, and kudos to Airbus and EASA for their diligence, and coming up with a quick fix.
Views: 0
