Attorney at Law Magazine sat down with Shem Malmquist, an aviation expert witness. He keeps busy teaching, writing, researching and working as a full-time Boeing 777 captain, flying global routes. With his pulse on every aspect of the airline industry, he is able to stay current and knowledgeable about any developments. We discussed the origins of his career, his work establishing safety standards and his experience as a witness.
AALM: What experiences led you to pursue aviation?
SM: I had two close friends who always wanted to go to the airport to watch airplanes as a pre-teen. I became interested and obtained some books on the science of flight.
In high school, I had the opportunity to participate in an innovative program that allowed students to obtain a private pilot license with funding from the school. The program was built to be challenging to weed out those who didn’t work hard, while simultaneously providing a strong foundation for those who completed it.
AALM: How did you first come to work as an expert witness?
SM: After writing several books and articles on aviation safety, I was subpoenaed to be an expert witness in a major trial in France. Since then, I have been asked to be an expert witness in several other cases.
AALM: Tell us about some of the cases you’ve worked on in the past. Was there one that stood out more to you than others?
SM: The trial of Air France 447 before the Presidents of Judges in Paris would certainly be the most notable. Quite interesting as the proceedings are conducted under Napoleonic law, as well as in French! Of course, the particular accident itself is one of the most prominent in aviation history.
I have also worked as an expert witness for major air carrier incidents, small aircraft and domestic cases where I have testified regarding airline pilot work rules, pay structures and schedules.
AALM: How has your experience in aircraft accident investigations informed your work as an expert witness?
SM: My work in several major accident investigations, coupled with my extensive safety experience and research has been instrumental in developing my ability to perform as an expert witness. There are many experienced pilots who do expert witness work, but very few who have also worked in accident investigation.
AALM: You’re involved in several organizations. Tell us about one you’re particularly passionate about.
SM: All the organizations bring something to the table. Most of my recent work has been with the SAE where I have worked on standards for transport aircraft certification.
My work with the Royal Aeronautical Society has involved pilot training and competency, specifically for system knowledge and weather.
AALM: You’re on a project tasked with establishing standards for aircrafts designed after 2030. Tell us about the project and the types of parameters you’re evaluating?
SM: Aircraft designed after 2030 will have the advantage of clean-sheet design that can incorporate the most recent technological advances in structures, powerplants, aerodynamic design, systems, and computer hardware and software. It is important to ensure safety is included in the design from the outset, and not added later as a “patch.” A clean-sheet provides the opportunity to do this, and avoid the scenario such as occurred on the Boeing Max where software was added later to make up for problems encountered by the design itself.
As software is, literally, soft, it is not constrained by the types of design choices that come naturally with hardware. Although this can be an advantage in certain cases, it can also lead to problems, which we saw with the Boeing Max. Software also tends to greatly increase the complexity in the design itself, and can make it much more difficult for the human in the system to have an accurate mental model of what it happening.
Computers can be very accurate and reliable until they encounter a scenario outside of the way they are programmed. If the software is designed poorly, it can create safety risks by encouraging trust and leading humans to relax their vigilance, and then the software does something unexpected. A good example of that can be seen in the Tesla accidents.
Future designs need to ensure the software enhances human performance rather than detract from it. The pilots of future aircraft must be provided with the information they need to ensure they have an accurate mental model of the state of the entire aircraft and environment, plus the means to provide the controls necessary to ensure that the aircraft stays safe.
AALM: Tell us about your experiences as an instructor at Florida Institute of Technology.
SM: Currently I am teaching two graduate courses, one in accident investigation and another in safety analysis. I am teaching three senior-level undergrad courses – aerodynamics, advanced aircraft operations and advanced aircraft systems. In addition, I am involved in a fair amount of research. I have authored or co-authored several academic articles, several textbook chapters and a textbook on commercial aviation safety. I am currently also the lead editor on a new book that explores problems of validity and reliability in training and simulation.
AALM: Tell us a little bit about MIT’s System Theoretic Accident Models and Processes (STAMP) and how you’ve applied it in your career.
SM: I became interested in the work at MIT when I was implementing a safety management system in 2009. None were mandated at that time and FAA still have not provided any guidance. Dr. Nancy Leveson had just published a book on the topic, which I acquired. A few months later, I attended a workshop at MIT sponsored by the MIT Partnership for System Safety and Security. The methods derived from STAMP can be used to analyze hardware, software, humans, safety and security. Safety is defined by the stakeholders, but can include everything from loss of human life or property to damage to a brand or financial loss. This broad definition provides a path to analyze many different types of systems and problems.
The theoretical construct for STAMP derives from system theory, which is different than the reliability theory most traditional safety analysis is founded upon.
STAMP, based on system theory, views safety as a control problem so it is not limited by temporal or statistical constraints, but rather on how control and feedback can contribute to doing something unsafe. It allows us to truly understand why a software or human might have taken the action it/they did. It can still capture all the factors the more traditional methods can, but also opens the door to truly understanding the entire system behavior.
All of this and more are part of the topics I teach in several of my courses.
AALM: What goals are you still hoping to accomplish in your professional career? What’s the next big milestone for you?
SM: I am working on my doctoral dissertation, so I suppose that is the next big milestone.
