Posts about: "MEL" [Posts: 22 Pages: 2]

Page Links: First  Previous  1  2  Last  Index Page

Someone Somewhere
2025-07-01T10:19:00
permalink Post: 11914164
Originally Posted by adfad
We know (from the 248-day bug) that full AC power failure is possible and we see from the RAT and landing gear orientation that full AC power failure was likely within ~10 seconds of leaving the ground.
I believe that particular bug is fixed, though it's always possible there's other issues causing a total AC loss.

Not really relevant to what you quoted though, as the scenario in question requires:
  • Engines running on centre tank fuel during takeoff while the aircraft is operating normally
    • We don't know for certain if this is the case. It seems to be but it's not something that happens on other families.
  • Then, total AC failure stopping fuel boost pumps.
  • Engines suction feed from contaminated/full-of-water wing tanks.

I also don't see any evidence that engine driven fuel pumps alone must be able to handle this scenario: provide enough fuel flow for takeoff and climb, even while the pitch is rotating, even in a hot environment with significant weight, even while the gear is stuck down.

I know that the engine driven pumps have documented limitations and that the regulations allow for some limitations. I know that at least one of these limitation is high altitude and I _suspect_ that the design intends for this unlikely scenario (engine driven fuel pumps alone with no AC pumps) to guarantee enough fuel flow to get to an airport and land. I also suspect that the APU is expected to solve loss of all AC generators - and as we know, there wasn't enough time for it to start in this scenario.
The aircraft has two engines and should be able to climb out on one, plus it dropped like a rock . 'Significantly degraded' thrust isn't really compatible with what we saw. You'd also expect the engines to recover pretty quickly as it leveled off.

The limitations at high altitude are primarily air/volatiles degassing out of the fuel. That's not going to be much of an issue at sea level, even if the engines are a bit higher up during rotation.
APU is a nice-to-have; it's on the MEL. If you lose all four generators, it's because of some major carnage in the electrical software/hardware and chances of putting the APU on line even if it's operating are very slim.

1 user liked this post.
adfad
2025-07-01T12:55:00
permalink Post: 11914255
Originally Posted by Someone Somewhere
I believe that particular bug is fixed, though it's always possible there's other issues causing a total AC loss.

Not really relevant to what you quoted though, as the scenario in question requires:
  • Engines running on centre tank fuel during takeoff while the aircraft is operating normally
    • We don't know for certain if this is the case. It seems to be but it's not something that happens on other families.
  • Then, total AC failure stopping fuel boost pumps.
  • Engines suction feed from contaminated/full-of-water wing tanks.

The aircraft has two engines and should be able to climb out on one, plus it dropped like a rock . 'Significantly degraded' thrust isn't really compatible with what we saw. You'd also expect the engines to recover pretty quickly as it leveled off.

The limitations at high altitude are primarily air/volatiles degassing out of the fuel. That's not going to be much of an issue at sea level, even if the engines are a bit higher up during rotation.
APU is a nice-to-have; it's on the MEL. If you lose all four generators, it's because of some major carnage in the electrical software/hardware and chances of putting the APU on line even if it's operating are very slim.
As an electronics and software engineer who has read the AD and related materials on the 248 day bug my understanding is that:
  1. The specific 248-day integer overflow was patched, and before the fix was rolled out, the AD required this system to by power cycled every 120 days to prevent overflow
  2. The PCU software still has the functional requirement to be able to command all AC GCUs to enter failsafe mode, this means that while the initial bug was fixed, the ability for this particular software system to command the same result is still a functional part of the architecture - presumably for safety management of the AC system
  3. This was not the first or last "software overflow error" issue in Boeing or even in the 787
Although I'm not qualified in aviation engineering I do believe from an engineering safety standpoint that this architecture creates a rare but entirely feasible scenario in which the aircraft would be without AC power for at least 30 seconds until the APU could restore it.

I do agree that the engine driven pumps should be able to provide fuel alone, the whole point of these pumps is to keep the plane flying within some limitations, high altitude is one of those limitations, I propose that there may be others based on the following:
  • Some more knowledgable people here have proposed or countered vapour lock, fuel contamination and automatic fuel cut-off theories to various degrees - even if these are not enough on their own, loss of electrical during rotation at high temperature could combine with these in a way we have not yet considered
  • Thrust is nonlinear, and while I'm not qualified to say how much loss of fuel flow or loss of thrust would be critical in this scenario we do know that it was a hot takeoff with significant weight and gear remaining down - I know others here have run sims but I don't think anyone has focused on specific thrust / fuel flow params
  • While electric fuel pumps might not be physically necessary for takeoff, my final point is: why are they required for takeoff? Is it not to mitigate cavitation, fuel sloshing at rotation, or any other kind of problem that might be relevant here?

Page Links: First  Previous  1  2  Last  Index Page