Posts about: "Fuel (All)" [Posts: 345 Pages: 18]

Before this accident occurred, Boeing whistleblowers were in fact reporting that planes were leaving the line, entering service with defects (including swarf) that would cause accidents many years later.

The TWA 800 airframe was 25 years old at the time of the accident, where arced wiring was implicated in that crash. In the aftermath, industry-wide sampling of aircraft found cracked insulation on wiring, non-factory swarf added by follow-on maintenance, instances where wiring had been re-routed or manipulated in a manner that placed increased strain on looms, etc. Of course the problem with wiring-related problems is that they can produce faults that no engineer could have foreseen or have developed countermeasures for.

Not to be an alarmist, but much has been written about wiring issues on the aging fleet. I tend to believe that maintenance people in earlier generations were more conscientious about their work, where now more than ever corners are cut (beginning at the factory).

I don't have any direct knowledge, but yes, that's my understanding based primarily on tdracer's comments. It also just makes sense. I'm pretty confident that all the necessary hardware already existed because of the need for N2 overspeed protection. A failure in one FADEC channel could drive the FMV fully open, leading to an overspeed and uncontained engine failure. For regulatory purposes, it would be unacceptable to have a single point of failure with catastrophic consequences, so it would be necessary to make the inactive FADEC channel capable of cutting off fuel in that case.

The air/ground signal would've already been present as well. It would be needed for switching between ground idle, flight idle, and approach idle. Tdracer has discussed that as well, in past threads.

Yes. I simplified. The point stands that the throttle needs to be pulled back, as it was in the ANA event, because that was a landing and not a take-off.

First, you posted a good summary. I'd have added "unanticipated hardware fault" and "unanticipated software fault" as generic causes.

Note that the thrust lever actuators are wired to the FADECs, and that the TCMA gets the T/L position from that. For TCMA to trigger, it has to determine that its FADEC (on that engine) failed to achieve a commanded reduction in thrust. So we're either looking at a weird, unprecedented edge case, or a FADEC failure, or both.

It has been mentioned before that this capability existed as part of the N2 overspeed protection: the FADEC would shut down a runaway engine by cutting its fuel before it disintegrates.
The thrust lever sensors are wired directly to the FADEC (and hence the TCMA). No data bus is involved with this item.

With a MCAS crash, it required a hardware problem with an AOA sensor, used as input to a correctly working MCAS, to cause the aircraft to behave erratically. With a correctly working TCMA, I believe it'd require two hardware problems to get TCMA to shut down the engine, as there'd have to be an implausible thrust lever reading, and a FADEC/engine failure to process it within the TCMA allowed range ("contour"?). On both engines, separately and simultaneously.

That leaves a software problem; it's not hard to imagine. The issue is, at this point it's just that: imagination. I could detail a possible software failure chain, but without examining the actual code, it's impossible to verify. We simply don't have the evidence.
I could just as well imagine a microwave gun frying the electronics on both engines. An escaped hamster under the floor peeing on important contacts. A timed device installed by a psychopathic mechanic. There's no evidence for that, either.

This process is a way to psychologically cope with the unexplained accident, but because it lacks evidence, it's not likely to identify the actual cause. We've run the evidence down to "most likely both engines failed or shut off close to rotation, and the cause for that is inside the aircraft". Since the take-off looked normal until that failure, we have no clues as to the cause hidden inside the aircraft. We need to rely on the official investigation to discover and analyse sufficient evidence. The post-crash fire is going to make that difficult.

"Both engines failed or shut off close to rotation" explains all of the evidence : it explains an unremarkable take-off roll, loss of lift, absence of pronounced yaw, loss of electrical power, loss of the ADS-B transponder, RAT deployment, the noise of the RAT banging into place and revving up, emergency signs lighting up, a possible mayday call reporting loss of thrust/power/lift, and a physically plausible glide from a little over 200 ft AAL to the crash site 50 feet (?) below aerodrome elevation .
It explains what we saw on the videos, what the witness reported, where the aircraft ended up, and the ensuing sudden catastrophe.

I don't believe we have evidence for anything else right now—I'd be happily corrected on that.

-----
Edit: the evidence of the crash photo with the open APU inlet door, and the main gear bogeys tilted forward, are also explained by the dual engine failure/shut off.

I'm not suggesting you are wrong wheelsright, my post to you was in response to posts I have made about potential fuel contamination, being removed. A central point of failure is more likely than the simultaneous shutdown by systems on two separate engines at the point at which the aircraft left the ground. If what is being speculated on is possible then all ETOPs approval should be removed and the engine manufacturers told to start again.

If power failed first,
What happens to TCMA sensors like Weight on Wheels? Radio altimeter? Is there one Weight on Wheels per engine? Is there one radio altimeter per engine? If not, why not? Are the TCMA sensors directly powered as part of FADEC? If not, why not?
Is it possible that there was a noticeable loss of thrust caused by loss of fuel pumps and the pilot responded by cycling thrust to zero and back, trying to clear the problem, inadvertently triggering the TCMA?

Suction feed would increase the possibility of vapour lock as the boiling point is temperature and pressure related.

Let me try to answer the questions about which I have some knowledge, as an aerospace engineer:
(I am not sufficiently informed to answer Q4,6 and 7, at the moment)

Yes, overspeed on either resolver channel A or B alone will trip the TMCA fuel-cut logic


G is a single Boolean that FADEC derives from Weight-On-Wheels (MLG and NW) and radio-altimeter. Iit stays \x93ground\x94 until all WOW sensors go inactive (i.e. every wheel is off the runway) and the RadALT exceeds its airborne threshold.


That's very unlikely. Ground/air logic uses small hysteresis (tens to a few hundred ms), but not in the multi-second range



Let's do the math very quickly:
Kinetic energy with a weight of 200,000kg, at Vr = 150kn = 77m/s: E_kin = 600MJ
Rotational energy of a GEnX engine is hard to calculate as I don't find reliable values for the rotary inertia. I found some for a GE90 and could roughly estimate 100MJ of rotational energy for each engine. However, I seriously doubt that this energy could be effectively used to gain thrust, as the thrust will drop very quicjkly after the fuel is cut off.
the required potential energy for a 100ft climb of a 200,000kg 787 is around 70MJ.

This ignores aerodynamic drag, still, 100 ft of climb remains energetically feasible.
However, it as been pointed out several times that the actual climb was higher than 100ft. Already for 200ft I would doubt the validity of my statement above.

There are numerous pictures ot the outside of B787 centre tanks on the net. Does anyone one have any internal pictures, showing the tank floor and fuel pump pick ups?
We know the engines lost power in the initial climb, shortly after rotation. If there was water sitting between the tank lower skin stringers, the rotation would have been the point that the water could tumble over the stringers that were previously preventing its movement. accumulate at the back of the tank and enter both pumps more or less simultaneously.

For background, I worked at Smiths Industries wet fuel testing the B777 gauging system on ground rigs, and at Airbus building and testing fuel tank inerting rigs. I've seen inside Airbus tanks, but not Boeing.

Looking at the GE Aerospace website they appear to offer a remote monitoring service;

If this was on AI 171 presumably they would already know what happened.

https://www.geaerospace.com/commerci...ital-solutions

I had been wondering the same until I read that there is a forward and a rear pickup within the tank. Each pump in the centre tank draws from it's own pickup and is piped to the spar valves and then onto the engines.

In a well designed boat, you'd have each engine feeding from a different tank for the utmost in redundancy, but seemingly not so in all aircraft.

I'd agree, without expert knowledge there would have to be big assumptions, but I expect that Aircraft Flight Engineers could do it. Probably already have.

Sure, actual data is usually more accurate than eyeballed stuff. But not always. In fact, it's often the eye that determines that something measured or calculated is "Off". How accurate is ADS-B data? I've seen FR24 tracks go way off course then suddenly get corrected / interpolated, frequently. The erroneous data seems to be "removed" by their algorithm, but where are the errors arising? Why this inaccuracy, and therefore, how accurate are the datagrams referred to? I know there were no datagrams received during the backtrack that I accept actually occurred, but that's completely different from receiving erroneous ADS-B data.

Sure, the CCTV footage I've seen is very poor, a video, moved about and zoomed, of the CCTV screen. Not easy to judge, but still useful and could be analysed frame-by-frame to compensate for all the extraneous input. Anyway, it's obvious to me that the rate of climb dropped abruptly just before the flight attained its apex, as if thrust was suddenly cut off. Knowing the momentum to altitude conversion, it might be possible to estimate whether that's true or not. The evident RAT deployment supports engine shutdown, not just engines to Idle, doesn't it? In that case, it would be useful to know at what altitude the engine shutdown took place.

Okay, didn't know that, I guess suggests means it's uncertain? Can you tell me from what height to what height it suggests this?

And why all the wrong figures for the height attained, quoted in previous thread? Can't all be the atmospheric conditions.

Haha! Even a stone (the right shape) can do that, and I'm not disputing that kinetic energy can be converted to altitude. Wings are useful for that... Just curious to get an idea of how much in this case.

To be honest, i believe that taking a lot of the evidence into consideration, it is possible to arrive at a limited number of scenarios for what is most likely to have happened.

One fact that alters things substantially is whether the survivor's impression is correct that possibly the engines started to spool up again just before impact. If that's the case then what does that do to the possibility or otherwise that the TMCA system caused a dual engine shutdown?

To me, since the world seems to be watching this forum, and we are getting no feedback from the authorities, what is posted here might be useful in helping the investigators look at things they might not have considered. Besides, as Icarus2001 has kindof suggested, it's probably a very good thing that there are clearly lots of keen eyes on this.

Interestingly enough on Airbus aircraft even when there\x92s fuel in the centre tank the centre tank fuel pumps are switched off automatically after the flaps are extended for takeoff and each engine is fed by its respective wing tank for takeoff. Surprised it\x92s not the case for Boeings

Don't get me wrong, I'm not suggesting for even a moment that Boeing don't do the same thing; I have no idea. I was merely pointing out how the centre tank feeds when it does.

We have an authoritative answer to that question, but only if the TCMA implemented in the FADEC used on the 787 engines functions in the way described in conceptual documents: If one of the two TCMA 'channels' for an engine 'thinks' the shut off criteria are satisfied but the other channel doesn't, the channel which 'thinks' the shut off criteria are satisfied 'wins' and the fuel shut off valve for that engine is therefore given a shut off signal.

Aside from separating the two engines' respective sources of fuel, the Airbus approach also ensures that the pilots can't inadvertently select a centre tank for take off that is empty, or near empty, for a short sector.

I perfectly understand that there is much talking about TCMA here.
There is no direct evidence of what caused the crash but several indirect evidences point towards a near simultaneous shutdown of both engines without any visual clue of a catastrophic mechanical mishap. This leads to suspecting near simultaneous fuel starvation of both engines.
As the purpose of TCMA is shutting down the High Pressure Shut-Off Valve (HPSOV) and thus the fuel feed of an engine, it's normal to collect information on TCMA, on how it works, and on what data feeds it.

However, I hardly understand why there is no similar discussion about the spar valves and the systems that control their opening and closure.

I understand that the B787 spar valves are located in the MLG well, or at least are maintained from within that well.
If the engine shutdown happened when the gear retraction was commanded, that's a location commonality (although it's very unlikely that a mechanical problem happened in both wells at the same time).
Also I understand that there are several systems that command the opening or closing of the spar valves:
- opening: "Engine control panel switch" set to "START", or "Fuel control switch" set to "RUN"
- closing: "Engine fire handle" pulled out. (I wonder if "Fuel control switch" set to "CUTOFF" also closes the spar valve).
Are there direct wires running from these controls to the valves or is there a pair of control units receiving these signals and controlling the valve actuators?
If the latter is true, where are these control units? I guess that the likely location is the aft EE bay. Are they beside each other?

And each FADEC is unique to the engine in which it is hosted. So whilst these may be "autonomous" they still rely on data external to the engine itself such as WoW and Rad Alt where they hold more "sway" than they do in the flight deck.

Are these values recorded in the FDR?

Are values from the FADEC recorded?

Thank you for your reply! There's a lot we agree on; unfortunately, I'll be cutting that from my response here.
Right. ADS-B is transmitted via radio, so reception can be patchy, or obstructed by someone else transmitting on the same frequency (e.g. other aircraft), so not every datagram that the aircraft sends gets received. When that happens, the live display of FR24 assumes the aircraft kept doing what it did, and when another datagram eventually comes in, it corrects the position. It also connects the locations of these datagrams, regardless of whether the aircraft actually went there. For example, in the AI171 there's a 4-minute gap between a datagram sent on the taxiway, and the next datagram sent when the aircraft was off the ground towards the departure end of the taxiway. FR24 then connected these points via the shortest route; but we know that the aircraft actually used the intervening 4 minutes to taxi to the approach end of the runway, where it then started its take-off run. So that was false. (Another source of errors is when different FR24 receivers don't have synchronised clocks, so a mixture of data from these can have weird artifacts as a result.)
However, the datagrams that FR24 actually received were correct. They contain the GPS position of AI171 and its unadjusted barometric altitude, as determined by its onboard instruments. This data is as reliable as the instruments themselves are. (An example here is that the NTSB wasn't sure that the altimeter on the Blackhawk that crashed at Washington-Reagan was accurate; if that is the case, the ADS-B data would also be affected.)

On their blog post at https://www.flightradar24.com/blog/f...rom-ahmedabad/ , FR24 have published the data that they actually received.

Have you ever seen a parabolic trajectory from "the short end"?
Yes.

It's uncertain because the 787 rounds all altitudes it sends to the nearest multiple of 25. The altitudes sent were from 575 ft to 625 ft., but that's MSL and not adjusted for the weather: low air pressure makes that number higher than the actual altitude. FR24 adjusted this to 21ft climbing to 71 ft, but it could've been 30 to 60 or maybe 10 to 80, as it's rounded. I think it's fairly close to 50 feet of climb, though.

1) people taking the MSL altitude literally (625 ft)
2) people adjusting for airport elevation (189 ft), but not for pressure: 437 ft
3) people adjusting for pressure, some adjusting for temperature, get 71 to ~100 feet for the last recorded altitude.
But while ADS-B reception was lost then (or the transmitter lost power), the aircraft continued climbing; examine the cctv video, knowing the wingspan is ~200 feet, we see that the aircraft reached 200 feet but not much more.

The survivor likened the sound to a car engine revving up. If you've listened to a good version of the phone video, you'll have noticed the "vroom" sound at the start that some likened to a motorcycle. That sound is the RAT in action, and you can imagine what that would sound like when it rapidly spins up: like a driver stepping on the throttle with their car engine in neutral. The RAT deploying is a consequence of a dual engine shutdown. It says nothing about whether the TMCA was involved.

[Now I just hope your post is still there as I post this. ]

Disclaimer: the numbers I mention are from publicly available sources, namely Wiki (for the ZFW weight calculation) and a Boeing FCOM dated 2010, and my own estimations.

IMO, if those engines failed just after rotation, there is no way that jet would have got anywhere near 200ft, especially if the fuel was "cut off", as opposed to back to Idle.

At 420k lbs (310k lb ZFW+110k lb Fuel), the (takeoff) V2 Flap 5 is 157kts. The (landing) Vref for Flap 5 I estimate to be at least 160kts (the FCOM I have has no figures for Flap 5 landings; F20 Vref is 154; the manoeuvre speed for Flap 5 is 189). Typically, you'd probably be at V2+15 when you get established in the climb after rotation.

No. With a pitch attitude of around 15\xb0, that's quite a bit of weight being supported not only by the wings but by the engine thrust vector. Cut that and you stop going up very quickly. Note Sailvi's comment above.

ANY reduction in pitch attitude would cause the climb to cease immediately. These aircraft are going so slowly, relatively, and the drag is so high that any small change in pitch attitude will cause an increase in descent rate with very little increase in speed (or no lessening of deceleration).

Not IMO. Basically, the only reason this jet is flying is because of the whopping long thrust vector out the back. It's already almost back at minimum speed anyway for flap 5 so there is very speed to trade. In this case, I wouldn't be trading anything, because the speed reduction rate would be too fast.

My estimate is around 200ft (one wingspan) and I hypothesise the engines were producing plenty of thrust until about 7 seconds, before it stops climbing at around 12 seconds after liftoff.

@Brace , I think you're exaggerating the residual thrust effect at lower RPMs. Of course 70% would get you round the pattern but you're at a much lower drag config and you're going much faster, again less drag. And are improved-climb takeoffs in the 787-8 even a thing? I can't see a two-stage rotation.

I've made up a YT combo video:

tdracer posted - " Commanded engine cutoff - the aisle stand fuel switch sends electrical signals to the spar valve and the "High Pressure Shutoff Valve" (HPSOV) in the Fuel Metering Unit, commanding them to open/close using aircraft power. The HPSOV is solenoid controlled, and near instantaneous. The solenoid is of a 'locking' type that needs to be powered both ways (for obvious reasons, you wouldn't want a loss of electrical power to shut down the engine). The fire handle does the same thing, via different electrical paths (i.e. separate wiring)."

Search this thread for "HPSOV" if you need confirmation of the quote.

Note there are two shut off fuel valves per engine - the HPSOV and the Spar valve. Both stay where they are if power is lost.