There are times when a really good auto pilot comes in handy but there will always be situations that exceed the coding behind it.
The goal should be to augment a flight and not regress pilot skills.
It’s one thing to have redundant flight-control computers, actuators on the control surfaces, etc. I wonder how they’re going to get the neessary reliability out of their sensors. How many airline accidents have been cuased by plugged pitot tubes, stuck angle-of-attack sensors, and the like. The simplified control system is only going to work if the plane knows exactly where it is and where it’s going.
They’ll definitely need reliable data. Massive redundancy can help to a large extent. GPS is almost trivially cheap; they can put two independent strings of 3 units each, giving each one 2-out-of-3 voting and two independent strings in case of a more serious failure.
The same is true of the IMUs: accelerometers, gyros, etc. They’re so cheap that you can just put a bunch in.
The external sensing is probably trickier, since AoA units and such aren’t so cheap that you can use a lot of them. Though honestly I wonder if a more modern instrument design isn’t warranted. Pitot tubes are ancient tech, which would be fine if they were truly reliable. But they aren’t; they get iced up and bugs crawl inside and so on. I feel like there’s room here for advancement. I think a combo airspeed/AoA sensor might be doable, too.
It will require software as well. I am not impressed with the software capabilities of major aerospace/avionics manufacturers. It’s absurd that Boeing’s flight software could not figure out that their AoA data was bad and that they needed to use the other sensor. A company that really took software seriously–full hardware in the loop testing, and comprehensive testing of every possible failure mode–would have a huge advantage.
Anyway, I don’t know specifically what they’re planning. It does seem like that space is ripe for disruption, but I obviously appreciate how difficult the regulatory side of things is. But maybe they can make it work with a lean organization, and keeping some of the heavyweight stuff (like the aircraft design itself) outside.
but doesn’t throwing a larger number of sensors bring its own set of problems?
… e.g. conflicting results from them, etc…?
I’m sorry, the idea might have a wonderful goal BUT:
We can’t even manage a 2-D space (autonomous vehicles); going for 3-D with extra added spice like wind shear, bird/drone strikes, visibility seems more like a dream than idea.
The person with two watches is never sure what time it is.
One typical engineering response is to veto the input of one sensor if it disagrees with the consensus of the others, assuming it’s just one odd sensor. Careful calibration and very thoughtful design of tolerances is also needed.
That’s why it’s scary. Boeing didn’t get it right, Crowdstrike didn’t get it right? How many hacks have there been because of an oversight? Driverless cars just stop when they can’t figure out what to do but they’re already on the ground & they don’t fall out of the sky when they shit the bed.
Boeing was stuck that for certification reasons they had to keep everything, even the software, stuck in the 1960s design paradigm of the 737-100. Which, summarizing mightily, is that you have totally independent left and right sides of the plane and only the pilots have access to both sides’ information and only the pilots are able to, and are therefore expected & required to, resolve any side-vs-side discrepancies and do the right thing.
Which does not work at all when the pilots are only taught how to operate the automation, not fly the plane. And works not all that well when the pilots vaguely remember actually flying the plane as they did as young folks 20 years ago, but not so much anymore.
The software on the 777 & 787 doesn’t have those kinds of issues. Becasue it was designed to a later certification standard.
A legit issue raised by the MAX AoA thing is just how many decades and how far behind technologically the FAA ought to allow new machines to be legally defined as derivatives of old machines. The counterpoint is the vast, vast expense and delay avoided by kicking that can down the road one more version. And the airlines’ avid desire to not have to add a whole new type to their existing fleets; the cost of training and spares and … avoided is also simply vast.
Boeing is now embroiled in that mess with the 777X. The Feds keep moving the goalposts so what started as a fairly simple vNext derivative certification is slowly and incrementally being larded with lots of ab initio requirements. Worst of all, they’re retroactive requirements being levied on things that were thought to be long-settled. Leading to suddenly questioning large swathes of existing engineering. And with no real guidance on when/where the Feds will finally say: “We’ve planted our goal posts here. Now you can take up your formation and kick it through the uprights. No more playing Lucy from us. Really.”
Boeing certainly brought a bunch of this on themselves. But they’re being roasted over a slow fire for these past transgressions and it’s unclear they can both stand the torture and go on to deliver a product.
Leaving aside the reliability issue, what information would a computer need in order to fly a plane, and what suite of sensors would be needed to acquire that data?
One GPS receiver would measure position. Would one receiver in the nose and one in the tail be sufficiently accurate to give the planes heading? Would an additional receiver in a wingtip give bank angle?
All of that would give the plane’s position, true orientation, and true velocity. From that it could calculate magnetic orientation and velocity. You’d still need airspeed, angle-of-attack, and an accelerometer to determine coordinated flight. Anything else; wold you need barometric altitude, air pressure, density altitude, or anything else?
Is the GPS being spoofed or jammed? It’s a major problem worldwide, not just in war zones. The US military will have exercises where local GPS is unavailable.
Why not just use a compass & gyro for those?
I had a consumer-grade GPS receiver back when they were fairly new. It was supposed to be able to tell direction, too. You had to lay it flat and slowly turn it in circles in order to calibrate it, and it was still not very accurate. I suppose I’ve been distrusting of compass sensors ever since.
As for a gyroscope, doesn’t that need to calibrate as well? Assuming you’re parked on an airport apron when you start the plane up, the gyroscope will be level when it starts, and any motion it detects will be relative to level. If everything is computerized, though, there’s the possibility that you’ll have to reboot things. If you aren’t going perfectly straight and level when the gyro starts, will it be properly level? That wouldn’t be an issue with multiple GPS receivers, although I don’t know how accurate they are relative to one another.
I suppose this is probably a solved question, since there are fly-by-wire planes already, but I don’t know the answer.
The ATR 72 aircraft appears to be in a flat spin before disappearing behind some trees.
And this of course fails in the (rare, but plausible) circumstance of 2 sensors giving faulty data and 1 being correct - then the correct value is likely to be erroneously discarded. I think this was a major factor in an Admiral Cloudberg piece I read recently, but I don’t recall which one.
You might ask these guys, they just might have some crazy ideas that just might work…
I just saw a different news article about it. More bad news for Boeing…despite it not being one of their planes 
A video of the ATR crash:
Icing suggested at pprune:
That is one flat airplane. Note the man standing just to the right of center in the photograph for scale–the cockpit windows are around knee high.
It might be a slightly different computational problem to fly a plane that is directed and navigated by a computer than one that is responding to human inputs in real time.
It’s extremely unlikely that two sensors will fail in a way that they both give the same faulty data. What you’ll have is three outputs that you can’t decide between. Or rather–because it’s also very unlikely that two sensors will fail at the same time–you’ll have already discarded the outputs of one of them, and you’ll have two that you have to decide between.
Also, while it certainly can happen that a sensor gives plausible but wrong outputs, much more likely is that it fails in an implausible way, say by returning zeroes for everything. And more likely than that is that it stops providing any outputs at all.
At any rate, all this stuff has been known to avionics designers since forever. Redundancy is not some theoretical solution; it’s used all the time. It can be implemented in better and worse ways, of course.
I would be interested in the Cloudberg article if you can find it, though.