Friends have been asking me to guess what happened to the Boeing 777 that crashed while landing at London Heathrow the other day. The preliminary report is that the pilots pushed the throttles forward for more power and the engines did not respond. How is it possible for a $50 million airplane connected to $10 million engines to fail in this manner? The connection is through a collection of software known as a full authority digital engine control (FADEC). There is no mechanical linkage from the cockpit of a Boeing 777 to the engines. If the software fails, the engines cannot be controlled.

Could that ever happen? It happened in 2006, according to http://findarticles.com/p/articles/mi_m0UBT/is_39_20/ai_n16766814. One engine was essentially killed by the software while the plane was trying to take off. The failure was traced to “a flawed software algorithm”. If the software flaked out on one engine and the same code runs on both engines, what is to stop the software from failing on both engines at the same time?

http://www.aaib.gov.uk/latest_news/accident__heathrow_17_january_2008___initial_report.cfm is the preliminary report, and the best-guess answer at this point might be “nothing stops the software from failing on both engines simultaneously”.

[September 2008 Update: Looks as though we won’t be able to blame Windows Vista for this one… http://news.bbc.co.uk/1/hi/england/london/7598267.stm talks about the latest report from investigators and has a video. It looks like the problem was simply ice in the fuel system. Why the ice formed when it shouldn’t have and how the engines were both stopped almost simultaneously remain mysteries. Details: official interim report]