The most significant of these has been the case of Boeing’s 737 MAX, which has suffered two tragic and catastrophic crashes resulting in extensive loss of life and the grounding of the aircraft.
The suggestion is that these crashes took place because a new anti-stall system on the aircraft (brought in to counter the negative effects of the weight and placement of its new engines by keeping the nose down) depended on a sensor that was giving false information, leading to a fatal nose-down attitude for the aircraft.
Thankfully less serious in terms of loss of life was the case of the cruise ship Viking Sky, which narrowly avoided disaster off Norway’s coast when its engines failed in March. Working in collaboration, NMA and class society Lloyd’s Register have initially concluded that the engines were automatically shut down after an alarm indicating low lube oil levels.
Levels were within set limits when the vessel began to cross the 10-mile stretch of coastline. But heavy seas caused movement in the tanks that stopped the supply to the lubricating oil pumps, triggering the alarm. The result was that a vessel carrying 1,300 people was left entirely without motive power in heavy seas. Thankfully, all were airlifted to safety and no lives were lost.
The bitter irony in both these cases is that the systems that seem to have caused disaster were in place to prevent it.
What these incidents make clear is that automation in and of itself will never be a panacea in terms of safety. Automation can minimise the potential for human error at the sharp end, but that in fact places even greater responsibility on the design process to ensure that potentially fatal problems are not being designed into systems.