July 14, 2025, 04:36:00 GMT
permalink Post: 11921851
The extract below shows that from Idle to 83% N1 took 5 seconds after the initiation of a TOGA, so I think your estimate of 30 seconds is probably too high. However, after reading that report, I am of the opinion that AI 171 had no chance of recovering. If the FCS switches had been set to Run within 5 seconds of being set to Cut Off, there might just have been a chance, but it is not at all certain.
July 14, 2025, 17:48:00 GMT
permalink Post: 11922392
Two questions for
tdracer
:
1. What happens to the FADEC channels if both channels have different data / information (e.g. T/L encoders or fuel switches)?
- Will the currently active channel win?
- Or will the most sensible information be used (e.g. keep the engines running)?
- Will there be a disagree message?
- Logged to the DFDR?
2. As per the data sheet the fuel switches are 4 pole versions. 1 pole will be used for each FADEC channel. Will one (or both) of the other poles be used for the DFDR or is that information collected from the FADEC through some data bus?
I know, it's very specific stuff that might only be known by the designer of the FADEC system.
1. What happens to the FADEC channels if both channels have different data / information (e.g. T/L encoders or fuel switches)?
- Will the currently active channel win?
- Or will the most sensible information be used (e.g. keep the engines running)?
- Will there be a disagree message?
- Logged to the DFDR?
2. As per the data sheet the fuel switches are 4 pole versions. 1 pole will be used for each FADEC channel. Will one (or both) of the other poles be used for the DFDR or is that information collected from the FADEC through some data bus?
I know, it's very specific stuff that might only be known by the designer of the FADEC system.
July 14, 2025, 18:16:00 GMT
permalink Post: 11922406
Two questions for
tdracer
:
1. What happens to the FADEC channels if both channels have different data / information (e.g. T/L encoders or fuel switches)?
- Will the currently active channel win?
- Or will the most sensible information be used (e.g. keep the engines running)?
- Will there be a disagree message?
- Logged to the DFDR?
2. As per the data sheet the fuel switches are 4 pole versions. 1 pole will be used for each FADEC channel. Will one (or both) of the other poles be used for the DFDR or is that information collected from the FADEC through some data bus?
I know, it's very specific stuff that might only be known by the designer of the FADEC system.
1. What happens to the FADEC channels if both channels have different data / information (e.g. T/L encoders or fuel switches)?
- Will the currently active channel win?
- Or will the most sensible information be used (e.g. keep the engines running)?
- Will there be a disagree message?
- Logged to the DFDR?
2. As per the data sheet the fuel switches are 4 pole versions. 1 pole will be used for each FADEC channel. Will one (or both) of the other poles be used for the DFDR or is that information collected from the FADEC through some data bus?
I know, it's very specific stuff that might only be known by the designer of the FADEC system.
Again, not familiar with the specifics of the 787, but on the 747-400/-8, one pole of the fuel switch feeds EICAS - which uses it in various message logic - and sends it out to any other aircraft systems that use it. There is "Digital Flight Data Acquisition Unit) DFDAU (pronounced Daff Du) that takes all the various system digital signals, sorts them and provides them to the DFDR and QAR. The 787 has something similar to the DFDAU but I don't recall what it's called.
July 14, 2025, 18:50:00 GMT
permalink Post: 11922425
... The fuel switch discrete doesn't really get used except for engine start - if it falsely indicates shutdown (on one or both channels), the FADEC won't do anything if the engine is already running. All this will set maintenance faults - and associated EICAS Status messages (L/R ENGINE CONTROL or ENGINE C1)...
July 14, 2025, 21:09:00 GMT
permalink Post: 11922503
Again, not familiar with the specifics of the 787, but on the 747-400/-8, one pole of the fuel switch feeds EICAS - which uses it in various message logic - and sends it out to any other aircraft systems that use it. There is "Digital Flight Data Acquisition Unit) DFDAU .... that takes all the various system digital signals, sorts them and provides them to the DFDR and QAR. The 787 has something similar to the DFDAU but I don't recall what it's called.
The other 2 contact sets feed latching relays (again driven each coil independently by dropping to GND at the switch) that then drive spar valves and reset signals to the FADEC Channels. (and more).
So - for the benefit of those that hang on to the 'possibility' of electrical gremlins and 'ghost' switch signals.
Each switch has 4 mechanically separated 'channels' - 2 of which do electromechanical things to the engines through separate paths, the other 2 feed through independent paths the FDR and the rest of the computer systems. The results of the electromechanical actions also feed back to the FDR.
Thus the readout from the EAFR will PROVE that the switches MUST have been PHYSICALLY MOVED.
And - I'm nervous to challenge you tdracer - there's quite the authority gradient and I know I'm at the bottom end, but I can't let this fly...
Its 'Deefer Doo'. Fight me.
July 15, 2025, 10:26:00 GMT
permalink Post: 11922807
The fuel switch discrete doesn't really get used except for engine start - if it falsely indicates shutdown (on one or both channels), the FADEC won't do anything if the engine is already running. All this will set maintenance faults - and associated EICAS Status messages (L/R ENGINE CONTROL or ENGINE C1). I doubt that would be recorded on the DFDR - it would go to the QAR but that's unlikely to survive a crash. It would also be logged in the FADEC NVM - but again no guarantee that would survive either (although when the Lauda 767 crashed due to the thrust reverser deployment, the DFDR was destroyed but the FADEC NVMs both survived - much of what we know about that crash came from the FADEC NVM.)
Again, not familiar with the specifics of the 787, but on the 747-400/-8, one pole of the fuel switch feeds EICAS - which uses it in various message logic - and sends it out to any other aircraft systems that use it. There is "Digital Flight Data Acquisition Unit) DFDAU (pronounced Daff Du) that takes all the various system digital signals, sorts them and provides them to the DFDR and QAR. The 787 has something similar to the DFDAU but I don't recall what it's called.
Again, not familiar with the specifics of the 787, but on the 747-400/-8, one pole of the fuel switch feeds EICAS - which uses it in various message logic - and sends it out to any other aircraft systems that use it. There is "Digital Flight Data Acquisition Unit) DFDAU (pronounced Daff Du) that takes all the various system digital signals, sorts them and provides them to the DFDR and QAR. The 787 has something similar to the DFDAU but I don't recall what it's called.
I would assume from your statement, that if a mismatch in the NC/NO signal on the switch was detected the FADEC would not direct the Fuel Cutoff Valves to close (as far as the types you are familiar with are concerned), is that correct?
The report states:
[...] at about 08:08:42 UTC [...] the Engine 1 and Engine 2 fuel cutoff switches transitioned from RUN to CUTOFF position one after another with a time gap of 01 sec. The Engine N1 and N2 began to decrease from their take-off values as the fuel supply to the engines was cut off.
The report then states:
As per the EAFR, the Engine 1 fuel cutoff switch transitioned from CUTOFF to RUN at about 08:08:52 UTC. [...] Thereafter at 08:08:56 UTC the Engine 2 fuel cutoff switch also transitions from CUTOFF to RUN.
July 15, 2025, 14:00:00 GMT
permalink Post: 11922968
...
Which actually brings me to this one because I would like to ask for a bit of clarification: By "fuel switch discrete" are you referring to the Fuel Control Switches discussed in the preliminary report?
I would assume from your statement, that if a mismatch in the NC/NO signal on the switch was detected the FADEC would not direct the Fuel Cutoff Valves to close (as far as the types you are familiar with are concerned), is that correct?
...
Which actually brings me to this one because I would like to ask for a bit of clarification: By "fuel switch discrete" are you referring to the Fuel Control Switches discussed in the preliminary report?
I would assume from your statement, that if a mismatch in the NC/NO signal on the switch was detected the FADEC would not direct the Fuel Cutoff Valves to close (as far as the types you are familiar with are concerned), is that correct?
...
July 16, 2025, 21:26:00 GMT
permalink Post: 11924011
787 has RDC's - Remote Data Concentrators. Doing the same function. Two of the switch pole-sets go each to one of 2 different RDC's, that feed the EAFR's / QAR, and the common core network so that any system that wants to know, can. The wiring is positive voltage from the RDC's to the switch and to GND through the common pin. So the RDC's would be able to detect anomalies such as both contacts open, or both contacts closed. The EAFR will see two independent channels per switch.
The other 2 contact sets feed latching relays (again driven each coil independently by dropping to GND at the switch) that then drive spar valves and reset signals to the FADEC Channels. (and more).
So - for the benefit of those that hang on to the 'possibility' of electrical gremlins and 'ghost' switch signals.
Each switch has 4 mechanically separated 'channels' - 2 of which do electromechanical things to the engines through separate paths, the other 2 feed through independent paths the FDR and the rest of the computer systems. The results of the electromechanical actions also feed back to the FDR.
Thus the readout from the EAFR will PROVE that the switches MUST have been PHYSICALLY MOVED.
The other 2 contact sets feed latching relays (again driven each coil independently by dropping to GND at the switch) that then drive spar valves and reset signals to the FADEC Channels. (and more).
So - for the benefit of those that hang on to the 'possibility' of electrical gremlins and 'ghost' switch signals.
Each switch has 4 mechanically separated 'channels' - 2 of which do electromechanical things to the engines through separate paths, the other 2 feed through independent paths the FDR and the rest of the computer systems. The results of the electromechanical actions also feed back to the FDR.
Thus the readout from the EAFR will PROVE that the switches MUST have been PHYSICALLY MOVED.
July 17, 2025, 04:18:00 GMT
permalink Post: 11924121
Two more questions for
tdracer
;-)
Are the FADECs able to drive the fuel shutoff valves as well? I would guess that this might be used for N2 overspeed protection (and therefore TCMA as well). If there is an overspeed there would be a good chance, that the fuel control/metering doesn't work as it should.
I am not asking to revive the switch discussion - I am just curious.
And one more question: Are the fuel shutoff valves powered by the PMG for the FADECs? I know the valves are latching so that a power failure of any kind wouldn't change their position.
Are the FADECs able to drive the fuel shutoff valves as well? I would guess that this might be used for N2 overspeed protection (and therefore TCMA as well). If there is an overspeed there would be a good chance, that the fuel control/metering doesn't work as it should.
I am not asking to revive the switch discussion - I am just curious.
And one more question: Are the fuel shutoff valves powered by the PMG for the FADECs? I know the valves are latching so that a power failure of any kind wouldn't change their position.
The HPSOV is driven by the aircraft using 28 Vdc power from the battery bus. The FADEC isn't involved - although it does get an indication of the fuel condition switch position, but that's not used except during starting. A 'false' fuel condition switch input of Cutoff will not cause the FADEC to do anything once the engine is running.
July 17, 2025, 07:46:00 GMT
permalink Post: 11924194
I'm confident I'm far from alone. I do take objection to the connotations of your suggestion that my motivation is to "just to satisfy [my] curiosity". If you read what I wrote, my motivation has nothing to do with anything as trivial as satisfying my curiosity. But I'm assuming you meant no offence.
However, the 'bottom line' is that you're almost certainly correct and this investigation will carry on for however long the investigators choose to take, while choosing to reveal or withhold whatever they chose to reveal or withhold, and ICAO will continue to do the things that bureaucracies tend to do. In the meantime, the thousands of family members and friends of the deceased will be at the mercy of speculation and leaks of unknown origin.
However, the 'bottom line' is that you're almost certainly correct and this investigation will carry on for however long the investigators choose to take, while choosing to reveal or withhold whatever they chose to reveal or withhold, and ICAO will continue to do the things that bureaucracies tend to do. In the meantime, the thousands of family members and friends of the deceased will be at the mercy of speculation and leaks of unknown origin.
Early releases of unvetted data can not only cause unproductive public reactions, it can result in external pressures being applied to the investigative team that can adversely affect their ability to come to the correct cause. Furthermore, I cannot recall a single preliminary report that contained anything like an actual CVR transcript. Those are routinely included in the final report, but not preliminary reports. About the only time you'll see unvalidated information is when there is a suggestion that there is an imminent air safety threat - in which case appropriate emergency inspections are ordered (sometimes even aircraft groundings).
I have a pretty vivid memory: In the aftermath of the Chicago DC-10 crash when the engine ripped off the wing, a couple of days later some department head (I don't remember if he was FAA or NTSB) stood on the podium holding a broken bolt and pronounced that it was the reason the engine came off. Unvetted information that turned out to be complete BS - but resulted in massive outrage that 'the engine was held on by one bolt' - more BS. Fortunately it didn't derail the investigation - and even had a silver lining in that the order bolt inspections lead to the discovery of the actual pylon structural damage that had caused the engine mount to fail. Similarly, after the Columbia Space Shuttle disaster - I watched the clueless head of NASA stand in from of the TV cameras and state as fact that a piece of foam could never have punched a hole in the Columbia wing (obviously never studied that mass*velocity squared thing) - which of course we again know was complete BS.
I've been involved in a few fatal accident investigations - the big one being the Lauda 767, where I was called in early. I was one of the first people to see the FADEC NVM readout that made it painfully obvious that the T/R had deployed at 23,000 ft. - something that we didn't think could happen. We (Boeing) had missed something, and a lot of people had died as a result. It really bothered me (more than once during that investigation, when I got home from work, I just sat down and drank a large glass of Scotch). And not being able to discuss any of it with anyone not involved in the investigation just made it worse. But I knew the rules, understood why there where there, and I followed them.
July 17, 2025, 13:29:00 GMT
permalink Post: 11924405
I have not posted on here in many years, but I feel compelled to do so now. I am a current 787 pilot and I have previously flown most Boeing types and an Airbus too. I also have an extensive background and qualifications in human factors, training and assessment. Before anybody reads any further, perhaps acquaint yourself with the notion of Occam's razor. That is, the simplest explanation is the most likely explanation. I was certain that after the preliminary report was released the preposterous conspiracy theories would finally cease, but no! It's 2025 and humans can no longer help themselves. In my opinion the captain committed suicide here. Simple.
To those suggesting an electrical phantom turned the fuel control switches off without them moving: no. Ask yourselves this: what made one pilot (PF and F/O in my opinion) ask the other "why did you cut off?" Firstly, some context. The 787 fuel control switches make a VERY distinct metallic *CLICK* sound as they are operated. EVERY 787 pilot knows it and won't forget it. It is audible even at high thrust settings owing to the 787's exceptionally quiet engines and cockpit. After rotation the pilot flying is fixated on the HUD; rotating towards the TOGA reference line (~12 degrees pitch attitude) and putting the flight path vector over the flight guidance cue. One hand would be on the control column and the other on the thrust levers. Alternatively he could have had both hands on the control column. In either scenario, the pilot flying's (again, my opinion the F/O's) inboard arm would block his peripheral view (he's focused on the HUD, remember) of the center pedestal and the fuel control switches. HE WOULD NOT SEE THE PM TURN THE FUEL CONTROL SWITCHES OFF. Ipso facto. We know the F/O was PF from the report. If the F/O stopped flying the aircraft and reached down to move the FCS from cutoff to run the captain would've plainly seen the whole thing. I can't imagine "why did you cutoff?" would be his words of choice! More like "WTF ARE YOU DOING?!?" More to the point, if the PF (F/O) did stop flying and reach down to cut one engine off, the captain would have had time to either stop him flicking the second FCS off or at least quickly flick them both back to run and potentially save the day. This plainly did not happen. So it was almost certainly the PM (Capt) that moved the fuel control switches.
So what would make the PF ask the PM "why did you cut off?" if he couldn't see it happen? You would never assume with a loss of thrust that the switches had been turned off. Never. It's not a procedure. It's not a thing. Bird strike? Sure. Fuel Contam? Maybe. But the point is, in the heat of battle at 150 odd feet, you'd never jump to the conclusion that the fuel control switches were off. Never. So what triggered the PF asking the PM why he cutoff? Because he HEARD the fuel control switches move from run to cutoff, that is why. He heard those distinctive *CLICK* sounds (and yes, you can easily flick them both in less than a second FWIW) followed by the engines immediately rolling back. He would then have looked down at the switches and noticed they were in cutoff. The point to be made here is that the switches were moved by the captain. They made their distinct sound. There were no phantoms. They cannot move on their own. They didn't simultaneously fail. This drew the PF's attention away from flying and triggered the question "why did you cutoff"?
Inadvertent selection of the wrong switches? No. The PM was a training captain with thousands of hours experience on the jet. I asked one of our most experienced examiners how many times he'd seen that done. The answer was "zero". Even the stab switches next to them. They're red, guarded and are of a completely different shape and operation. Gear or flap? Come on. I think we're starting to stretch things a bit now. EVEN IF it was inadvertent switching. The INSTANT you'd made that error, you'd go "oh whoops", and flick them back to run. I know startle... I teach it. This is different. You don't flick the fuel control switches off, hear the engines roll back and sit there wondering what happened for 10 seconds AFTER THE F/O JUST ASKED YOU IF YOU CUTOFF! You did something that had an instant effect on the flight. The report indicates that "why did you cutoff" was asked just after both engines rolled back. But it took another 10 seconds to flick the FCS' back to run. If it was inadvertent, the instant the other pilot called out your error you'd correct it. The report makes it clear that there was 10 seconds between that happening. 10 seconds is a LIFETIME in that situation. The training captain knew what he was doing. He only switched the FCS' back to run once he knew it was moot.
So, why did he respond that he didn't move the switches? As per other input from people on here, when people are suicidal they often want to throw authorities off their trail. Or maybe he wanted to confuse the F/O so he didn't flick them back to run himself, or to just buy himself more time while the F/O tried to wrap his head around things? Maybe he didn't want the F/O to die knowing it was a suicide mission. Maybe we'll find out more in the final report or police investigation if things proceed that way. Maybe we'll never know.
I acknowledge that this is my opinion and of course there could be things we don't yet know about, but I must say I'm surprised that some of the theories on this professional pilot forum are no more coherent or logical than those being sprouted on social media.
To those suggesting an electrical phantom turned the fuel control switches off without them moving: no. Ask yourselves this: what made one pilot (PF and F/O in my opinion) ask the other "why did you cut off?" Firstly, some context. The 787 fuel control switches make a VERY distinct metallic *CLICK* sound as they are operated. EVERY 787 pilot knows it and won't forget it. It is audible even at high thrust settings owing to the 787's exceptionally quiet engines and cockpit. After rotation the pilot flying is fixated on the HUD; rotating towards the TOGA reference line (~12 degrees pitch attitude) and putting the flight path vector over the flight guidance cue. One hand would be on the control column and the other on the thrust levers. Alternatively he could have had both hands on the control column. In either scenario, the pilot flying's (again, my opinion the F/O's) inboard arm would block his peripheral view (he's focused on the HUD, remember) of the center pedestal and the fuel control switches. HE WOULD NOT SEE THE PM TURN THE FUEL CONTROL SWITCHES OFF. Ipso facto. We know the F/O was PF from the report. If the F/O stopped flying the aircraft and reached down to move the FCS from cutoff to run the captain would've plainly seen the whole thing. I can't imagine "why did you cutoff?" would be his words of choice! More like "WTF ARE YOU DOING?!?" More to the point, if the PF (F/O) did stop flying and reach down to cut one engine off, the captain would have had time to either stop him flicking the second FCS off or at least quickly flick them both back to run and potentially save the day. This plainly did not happen. So it was almost certainly the PM (Capt) that moved the fuel control switches.
So what would make the PF ask the PM "why did you cut off?" if he couldn't see it happen? You would never assume with a loss of thrust that the switches had been turned off. Never. It's not a procedure. It's not a thing. Bird strike? Sure. Fuel Contam? Maybe. But the point is, in the heat of battle at 150 odd feet, you'd never jump to the conclusion that the fuel control switches were off. Never. So what triggered the PF asking the PM why he cutoff? Because he HEARD the fuel control switches move from run to cutoff, that is why. He heard those distinctive *CLICK* sounds (and yes, you can easily flick them both in less than a second FWIW) followed by the engines immediately rolling back. He would then have looked down at the switches and noticed they were in cutoff. The point to be made here is that the switches were moved by the captain. They made their distinct sound. There were no phantoms. They cannot move on their own. They didn't simultaneously fail. This drew the PF's attention away from flying and triggered the question "why did you cutoff"?
Inadvertent selection of the wrong switches? No. The PM was a training captain with thousands of hours experience on the jet. I asked one of our most experienced examiners how many times he'd seen that done. The answer was "zero". Even the stab switches next to them. They're red, guarded and are of a completely different shape and operation. Gear or flap? Come on. I think we're starting to stretch things a bit now. EVEN IF it was inadvertent switching. The INSTANT you'd made that error, you'd go "oh whoops", and flick them back to run. I know startle... I teach it. This is different. You don't flick the fuel control switches off, hear the engines roll back and sit there wondering what happened for 10 seconds AFTER THE F/O JUST ASKED YOU IF YOU CUTOFF! You did something that had an instant effect on the flight. The report indicates that "why did you cutoff" was asked just after both engines rolled back. But it took another 10 seconds to flick the FCS' back to run. If it was inadvertent, the instant the other pilot called out your error you'd correct it. The report makes it clear that there was 10 seconds between that happening. 10 seconds is a LIFETIME in that situation. The training captain knew what he was doing. He only switched the FCS' back to run once he knew it was moot.
So, why did he respond that he didn't move the switches? As per other input from people on here, when people are suicidal they often want to throw authorities off their trail. Or maybe he wanted to confuse the F/O so he didn't flick them back to run himself, or to just buy himself more time while the F/O tried to wrap his head around things? Maybe he didn't want the F/O to die knowing it was a suicide mission. Maybe we'll find out more in the final report or police investigation if things proceed that way. Maybe we'll never know.
I acknowledge that this is my opinion and of course there could be things we don't yet know about, but I must say I'm surprised that some of the theories on this professional pilot forum are no more coherent or logical than those being sprouted on social media.
For those asking why not wait a bit longer before throwing the switches and hard nose down, why bother? Roll them back here, cause a startle that is JUST long enough and then let gravity and the FADEC start a race. No resistance needed.