Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Volume 8: Issue 59
Tuesday 18 April 1989
Contents
More on the British Midlands 737 crash - Robert Dorsett
Computers and Food Poisoning - [anonymous]
The dangers of electric seatbelts (was: windows) - Clements
Re: The dangers of electric windows - Daniel Klein
Newspaper Cartoons and Computer Infallibility - G. McClelland
Re: Thoreau and Navigation - David A Honig
"Journalist Vigilantes" - Walter Roberson
Hazards of RF near electronic controls - Dana Myers
Info on RISKS (comp.risks)
More on the British Midlands 737 crash
Robert Dorsett <mentat@dewey.cc.utexas.edu>
Tue, 18 Apr 89 14:47:36 CDT
The following editorial appeared in the 1 April 1989 issue of FLIGHT INTERNATIONAL. It seems to indicate that a bevy of old, controversial issues are bubbling to the forefront again: technical training for pilots, cross-type ratings, cockpit design, EROPS reliability, and computer-assisted information systems.

"In the hours that followed the crash of a British Midland Airways Boeing 737-400 on Britain's M1 motorway, the airline industry harbored fears that the accident held terrible significance for the burgeoning business of flying twinjets for long distances over water. Dual engine failure was soon ruled out as a cause of the British Midland crash, but with last week's publication of its special bulletin on the accident, the United Kingdom Air Accidents Investigation Branch has raised new issues with equal significance to extended-range operations (EROPS). ...

What possible significance can the crash of a short-haul airliner on a hop from London to Belfast have to the safety of aircraft crossing and recrossing the world's oceans? While the AAIB's special bulletin makes no attempt to determine the accident's cause, or to apportion blame, it details a sequence of events which could easily have occurred in mid-ocean, with equally disastrous results.

The sequence begins with the failure of a fan blade in the 737's left engine, producing symptoms which the crew wrongly diagnosed as a problem with the right engine. Those symptoms included vibration, plus smoke and the smell of burning carried by the air conditioning in the cockpit. After examining systems recovered from the crashed aircraft, the AAIB is certain that the cockpit instruments correctly indicated severe vibration in the left engine. Investigators note, however, that pilots distrust aircraft engine vibration indicators, based on experience with earlier electromechanical instruments. Crews seem unaware that electronic indicators on later 737-300's and the 737-400 are more accurate.
Another example of mythology triumphing over knowledge is the apparent perception among 737 crews that cockpit air conditioning comes solely from the right engine, and that smoke and burning smells in the cockpit tend to indicate fire in the right engine. In fact, air supplied to the cockpit comes from both engines, in a 70:30 right:left mix. Whether either of these misconceptions played a part in the British Midlands crash is not addressed in the AAIB's special bulletin, but FLIGHT understands that accident investigators have become increasingly concerned at the level of technical knowledge expected of airline pilots.

The issue of technical knowledge takes on new significance in a two-crew twinjet flying 1200 nm from the nearest airport. Theoretically, the information systems in modern widebody airliners should provide the crew with everything they need to know, and prompt them to take timely and correct actions to cope with any emergency. This assumes that the crew understands, and trusts, what the system tells them, however. In mid-ocean, a high degree of mutual man-machine trust is essential. Information supplied to the crew must be trustworthy--and be known to be trustworthy--and knowledge must triumph over crew mythology. That means better technical training for pilots. The alternative for safe EROPS is to reintroduce that much-maligned breed, the flight engineer.

Three months after the M1 crash, the AAIB is still piecing together what happened on Flight BD092, despite having ready access to the crew, the wreckage, and good recorded flight data and cockpit voice. It will be months before the final accident report is published. If an EROPS aircraft goes down in mid-ocean, what the cause might never be discovered" (sic).
Computers and Food Poisoning
<[anonymous]>
Tue, 18 Apr 89 11:07:37 PDT
A controversy is currently before Congress over a Dept. of Agriculture plan to cut in half (from around 2000 to around 1000) the number of meat plant government inspectors. Part of the rationale for this change (which is being protested by numerous consumer watchdog groups and many meat inspectors themselves) is that a new computer system allows for very precise "targeting" of the plants which are most likely to have problems, thusly (supposedly) allowing for fewer visits to plants the computer considers "safe" based on various parameters (including past history, etc.).

However, in testimony before Congress, current inspectors have (at risk to their own jobs) testified that the computer system being used is not reliable. Reports have indicated that it makes mistakes about even very "simple" data items, including sending inspectors to plants when they are closed. This certainly doesn't raise one's hopes about the more complicated data factors the system must also handle! One inspector pointed out how the computer forbade him going to a particular plant because the model deemed that plant "safe". But based on his own knowledge, he went there anyway, and found serious food poisoning contamination.

Most watchdog groups feel that we need MORE meat inspectors, not less. For the federal government to use questionable computer models as an excuse for slashing meat inspection seems to show extremely poor judgement and a considerable risk. Anyone for a burger?

[If you do eat meat, support your friendly natural meat producers. The computer model undoubtedly ignores growth hormones, dyes, antibiotics in the grain feed, etc., even at dangerous levels. By the way, whistleblowers seem to deserve some anonymity, for otherwise the watchdog might get turned into a hotdog. (Bribing the inspector with free drinks might be called `Wetting your Whistleblower'.) PGN]
The dangers of electric seatbelts (was: windows) (RISKS-8.58)
<clements@BBN.COM>
Tue, 18 Apr 89 15:21:06 -0400
On my last vacation trip, I rented a car with "Automatic Seat Belts". In this particular car, at least, these have a very powerful motor and no manual override once they start moving. I found them really scary. When I commented on them while returning the car, the agent said (paraphrased): "Yeah, they're pretty bad. We had one catch a lady's earring in the belt and it ripped part of her ear off."
Re: The dangers of electric windows [RISKS-8.58]
Daniel Klein - 412/268-7791 <dvk@SEI.CMU.EDU>
Tue, 18 Apr 89 11:16:04 EDT
One nice thing about driving an Alfa Romeo (which has power windows) is that in
my 1978 model, a hand crank was provided as a manual override to the power
motor (the crank was stored in the glovebox). The newer models don't have this
feature since, according to the mechanic, the window motors just never went bad
(I'll believe him - my 1987 has had *nothing* go wrong anywhere on the entire
vehicle).
Of course, in the event of a water landing, I will simply pop the roof and
punch out vertically. And they tell me the Alfa isn't a practical car! :-)
-Dan
Newspaper Cartoons and Computer Infallibility
<MCCLELLAND_G%CUBLDR@VAXF.COLORADO.EDU>
Tue, 18 Apr 89 07:39 MST
From today's Hi & Lois newspaper cartoon strip:
Clerk [to Hi]: I'm afraid we're out of stock on that item, sir.
Hi: I found it on the rack. I just want to buy it.
Clerk: Sorry, but we can't sell something the computer says we don't have...
[More like Hi and Dry! PGN]
Re: Thoreau and Navigation
David A Honig <honig@BONNIE.ICS.UCI.EDU>
Tue, 18 Apr 89 08:30:05 -0700
> It should be borne in mind, however, that Thoreau was speaking of the
> tables calculated by HUMAN calculators, not machines. ...

Agreed, the tables were computed by humans, but then, who writes software, who designs hardware? :-)

The general issue is: What are the risks involved in trusting one's artifacts, whether they are instruments, tables, computational theories, algorithms, machines, etc.?
"Journalist Vigilantes"
<Walter_Roberson@carleton.ca>
Tue, 11 Apr 89 20:11:17 EST
An article by Gary Marx, in the local weekend paper, but apparently reprinted
from The Christian Science Monitor, discusses the trend towards TV news shows
using videos filmed by amateurs with video recorders. The article, entitled
"\Bold{Cower!} You're on candid camcorder" in the local edition, mentions
several points quite familiar to long-standing RISKS readers (eg, "It is
possible to create images not found in reality and to mix real and imaginary
images,"), but is interesting as one of few publicly newspaper articles that
concern themselves specifically with the risks to privacy that technology can
easily bring about. Some parts extracted from the article:
'Information technology in private hands can offer documentation and
alternative views. [...]
Without appropriate policies, there is a danger of creating a group of
journalistic vigilantes who will offer fraudulent or contrived news, invade
privacy, and debase the quality of television news. [...]
Camcorders are at least visible, but tiny hand-held video cameras the size
of a deck of cards can also be purchased along with cameras hidden in picture
frames, mirrors, briefcases, and even books.
Our lives may increasingly become episodes in someone's version of
\it{Candid Camera}. [...]
Video cameras must be considered alongside other potentially invasive
information technologies such as miniature voice-activated tape recorders,
devices for remotely monitoring telephone and room conversations, computer
dossiers, electronic location monitors, and drug testing. [...]
These new technologies are likely neither to be as harmless as advocates
claim nor as dangerous as critics fear. Their impact will be determined not by
anything inherent in the technology but by the choices we make.'
-- The Ottawa Citizen, Sat. Apr. 8, 1989, pg B6
[The trailer notes that Gary Marx is the author of \it{Undercover: Police
Surveillance in America}. ...]
Walter Roberson <Walter_Roberson@Carleton.CA>
Hazards of RF near electronic controls
Dana Myers <dana@bilbo.LOCUS>
Wed, 12 Apr 89 11:51:50 PDT
Dave Horsfall writes:

> (my 2m HT has) just 3 watts and a rubber ducky... very inefficient

Well, it may not be really efficient at getting your signal anywhere far, but a short antenna like that can have very high RF voltages present. I know my Kenwood TR-2600 (1 or 3 Watts between 144-148 MHz) would easily reset the telephone on my desk before we upgraded to a Rolm system, which appears to be resistant.

It isn't the power that upsets electronic devices - it usually is the voltage. There may be parts of an electronic control which resonate at high frequencies, and therefore build up large levels of voltage, enough to force a low logic level high, etc. It is hard to foresee that in the design of a system which is intended to operate at much lower frequencies.

The Otis 401, though it did malfunction, also detected the malfunction before doing anything dangerous. This is a case where the designer could not prevent RF from upsetting the controls, but did build a mechanism to gracefully cope with the upset. Even if the control was encased in an RF tight box (which would likely increase the cost significantly), the ability to cope with RF or EMI induced upset must be there. Since it isn't often that the control will be inundated with RF at close range, the design need really only cope with the infrequent case that upset occurs.

Dana H. Myers, WA6ZGB, Locus Computing Corp., Inglewood, CA
