Boeing 737 Max Crashes

(CNN) Ethiopian Airlines crash is second disaster involving Boeing 737 MAX 8 in months.

This is a short explainer for readers who aren’t familiar with engineering culture. Besides all the equations, there actually is a culture. This is speculative, intended to help the reader better follow the accident investigation.

Edit: (Reuters) Ethiopian plane smoked and shuddered before deadly plunge. The sounds, smoke, fire, and small articles that trailed from the airplane before it crashed suggest an engine explosion, with containment failure, penetration of the fuselage, and damage to the hydraulics. The damage may have been too severe to save the plane, even without the pitch control problem.

Original post:

An airplane is a complex of “systems”. What happens when a system breaks is of great concern to the responsible engineer. The highest degree of design safety is called “fail safe.” There might be argument about what that is. When Sony designed the original 18650 lithium cell, they tried all sorts of things to make it catch fire. They hammered a nail through it. They crushed it. Nothing bad happened. Later, with the 18650 in wide use, a pallet of such cells brought down UPS Airlines Flight 6.

The UPS crash is a story of the failure of fail-safe. But an airplane can never be fail safe. Like nuclear reactors and fast cars, airplanes contain too much energy to be made inherently safe. Instead, airplanes rely on redundancy, and on what engineers call stability. Commercial jetliners, when operating normally, are described by pilots as easy to fly. The job of flying an airliner has been described as hours of boredom punctuated by occasional terror.

Airliners, by design, are “stable”, which means that the airplane can be trimmed to fly almost straight and level by itself. Here “stable” is actually a lie. The correct word is “controllable”. An airplane can also be designed to be unstable, which has many advantages. The only disadvantage is that it cannot be controlled directly by a human. Instead, the pilot manipulates the stick and rudder, or side-stick, telling a set of computers what he wants the airplane to do. This is called fly-by-wire.

Computer control of airplanes has so many advantages that even airliners, which are “stable”, use such systems. Airbus was the first to adopt fly-by-wire that would block a pilot from executing a command unsafe to the airplane. Boeing’s fly-by-wire is more permissive. Because airliners are “stable”, both brands can and do come with complete manual-control backups, should the computers lose their minds.

Key point: The computers in a fly-by-wire system are at least triple-redundant. Because the system has to work 100% of the time, with grave consequences of failure (even with manual backup!), an extraordinary engineering effort goes into the reliability of the hardware and the software.

The 737-Max has one feature that is a slight step in the direction of unstable aircraft, almost all of which are jet fighters. To clear the wings, the larger engines were moved forwards. Moving the engines forward causes a tendency for the plane to pitch up, which risks a stall. But an airplane with a “tendency” is not a new problem. Lots of airplanes have a rough edge here or there.

Boeing decided to smooth around this with a system that would prevent the nose from pitching up. Key point: Because the 737-Max can fly just fine without the system, it was not made triple-redundant. It has been suggested it is vulnerable to single point failure, the failure of a single part. The optional nature of this feature resulted in a lack of anticipation of what would happen, not with the system turned on or off, but at the moment of failure.
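As an added illustration of the two key points above (not from the original post, and not a model of any real Boeing system), here is a toy comparison of a single-channel automatic system with a triple-redundant, majority-voted one at the moment a single part breaks. The pitch threshold, the disagreement tolerance and the flight samples are constructed assumptions.

```python
"""Added example: a single-channel pitch limiter versus a triple-redundant one.

Assumptions (mine, not the post's): the limiter reads a sensor reporting
nose-up attitude in degrees and commands nose-down trim above a threshold.
All numbers are constructed for illustration only."""
from statistics import median

PITCH_UP_LIMIT = 12.0    # degrees above which the limiter intervenes (assumed)
MAX_DISAGREEMENT = 2.0   # degrees beyond which a channel is treated as faulty (assumed)


def single_channel_command(reading):
    """One sensor, one computer: whatever the sensor says is acted on."""
    return "nose_down_trim" if reading > PITCH_UP_LIMIT else "no_action"


def triple_redundant_command(readings):
    """Three independent channels. The median is the majority value; a channel
    far from it is flagged and ignored. With no majority, the system disengages
    and hands control back rather than acting on a value it cannot trust."""
    voted = median(readings)
    outliers = [i for i, r in enumerate(readings) if abs(r - voted) > MAX_DISAGREEMENT]
    if len(outliers) >= 2:
        return "disengage_alert", voted, outliers
    action = "nose_down_trim" if voted > PITCH_UP_LIMIT else "no_action"
    return action, voted, outliers


def fly_segment(true_pitch_series, fault_at, fault_value):
    """Replay a flight segment; from index fault_at one sensor reports fault_value.
    The single-channel design has only that sensor; the redundant design also has
    two healthy channels reading the true pitch. Returns both command histories."""
    single, redundant = [], []
    for i, true_pitch in enumerate(true_pitch_series):
        faulty = fault_value if i >= fault_at else true_pitch
        single.append(single_channel_command(faulty))
        redundant.append(triple_redundant_command([faulty, true_pitch, true_pitch])[0])
    return single, redundant


if __name__ == "__main__":
    # Constructed level cruise at ~3 degrees nose-up; the sensor freezes at 25 degrees at sample 2.
    cruise = [3.0, 3.1, 2.9, 3.0, 3.1]
    s, r = fly_segment(cruise, fault_at=2, fault_value=25.0)
    for i, (pitch, one, three) in enumerate(zip(cruise, s, r)):
        print(f"t={i} true={pitch:>4} single={one:<15} redundant={three}")
```

The single-channel design starts trimming nose-down the instant its only sensor lies, while the voted design keeps flying normally and flags the bad channel; only when two channels disagree does it give up and alert.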