Skip Ribbon Commands
Skip to main content
Safety Recommendation Details

Safety Recommendation A-15-018
Synopsis: On April 29, 2013, about 1527 local time, a Boeing 747-400 BCF, N949CA, operated by National Air Cargo, Inc., dba National Airlines, crashed shortly after takeoff from Bagram Air Base, Bagram, Afghanistan. All seven crewmembers—the captain, first officer, loadmaster, augmented captain and first officer, and two mechanics—died, and the airplane was destroyed from impact forces and postcrash fire. The 14 Code of Federal Regulations Part 121 supplemental cargo flight, which was operated under a multimodal contract with the US Transportation Command, was destined for Dubai World Central - Al Maktoum International Airport, Dubai, United Arab Emirates. The airplane’s cargo included five mine-resistant ambush-protected (MRAP) vehicles secured onto pallets and shoring. Two vehicles were 12-ton MRAP all-terrain vehicles (M-ATVs) and three were 18-ton Cougars. The cargo represented the first time that National Airlines had attempted to transport five MRAP vehicles. These vehicles were considered a special cargo load because they could not be placed in unit load devices (ULDs) and restrained in the airplane using the locking capabilities of the airplane’s main deck cargo handling system. Instead, the vehicles were secured to centerline-loaded floating pallets and restrained to the airplane’s main deck using tie-down straps. During takeoff, the airplane immediately climbed steeply then descended in a manner consistent with an aerodynamic stall. The National Transportation Safety Board’s (NTSB) investigation found strong evidence that at least one of the MRAP vehicles (the rear M-ATV) moved aft into the tail section of the airplane, damaging hydraulic systems and horizontal stabilizer components such that it was impossible for the flight crew to regain pitch control of the airplane. The likely reason for the aft movement of the cargo was that it was not properly restrained. National Airlines’ procedures in its cargo operations manual not only omitted required, safety-critical restraint information from the airplane manufacturer (Boeing) and the manufacturer of the main deck cargo handling system (Telair, which held a supplemental type certificate [STC] for the system) but also contained incorrect and unsafe methods for restraining cargo that cannot be contained in ULDs. The procedures did not correctly specify which components in the cargo system (such as available seat tracks) were available for use as tie-down attach points, did not define individual tie-down allowable loads, and did not describe the effect of measured strap angle on the capability of the attach fittings.
Recommendation: TO THE FEDERAL AVIATION ADMINISTRATION: Implement temporary risk-reduction methods any time that required surveillance items for 14 Code of Federal Regulations Part 121 and 135 operators are deferred, and establish appropriate limitations on surveillance deferrals.
Original recommendation transmittal letter: PDF
Overall Status: Closed - Unacceptable Action
Mode: Aviation
Location: Bagram, UN, Afghanistan
Is Reiterated: No
Is Hazmat: No
Accident #: DCA13MA081
Accident Reports: Steep Climb and Uncontrolled Descent During Takeoff, National Air Cargo, Inc., dba National Airlines, Boeing 747 400 BCF, N949CA
Report #: AAR-15-01
Accident Date: 4/29/2013
Issue Date: 7/29/2015
Date Closed: 5/24/2017
Addressee(s) and Addressee Status: FAA (Closed - Unacceptable Action)

Safety Recommendation History
From: NTSB
Date: 5/24/2017
Response: The intent of this recommendation is to ensure that when required surveillance items for an operator are deferred, an alternative method of risk reduction can be used until the surveillance tasks can be completed. For example, when FAA inspectors first learned that National Airlines was transporting heavy cargo on pallets, they could have conducted a risk analysis at the operator’s US base of operations, which may have detected (and ultimately led to the correction of) the airline’s incorrect procedures for restraining such loads. The FAA’s Safety Assurance System (SAS) is an internal process for planning, resourcing, and tracking Part 121 and Part 135 deferred surveillance items; however, it does not specify the risk-reduction methods for operators that are discussed in this recommendation. In addition, although the SAS limits how long surveillance items can be deferred, we are concerned that those limits can be extended. We recognize the unique oversight challenges presented by operators that provide air transportation services to support Department of Defense contracts in locations subject to State Department restrictions on inspector travel; however, when surveillance tasks have been repeatedly deferred for these operators, risks that might otherwise be detected can persist or increase. We continue to believe that when circumstances such as FAA inspector travel restrictions or resource shortfalls result in repeatedly deferring required surveillance tasks, an alternative method of risk reduction could help mitigate risks. However, because you indicated that your actions in response to this recommendation are complete, Safety Recommendation A-15-18 is classified CLOSED--UNACCEPTABLE ACTION.

From: FAA
Date: 2/16/2017
Response: -From Michael P. Huerta, Administrator: The Federal Aviation Administration (FAA) implemented the Safety Assurance System (SAS), which is a risk-based oversight system. SAS is a closed loop process that incorporates five business process modules for the surveillance of part 121 and part 135 operators. The application of each process may vary depending on the type of surveillance, the level of risk, and the business needs of the office. FAA Order 8900.1, Flight Standards Information Management System, Volume 10: Safety Assurance System, Policy and Procedures, and its supporting automation, have risk mitigations in place to plan, resource, and track deferred surveillance items. The following phases of the SAS process describe how the part 121 and part 135 deferred surveillance items are planned, resourced, and tracked: • Planning. The first step in the process of determining risk and scheduling surveillance items starts with the Principal Inspector (PI) and the planning process. The PI reviews risk using the Certificate Holder Assessment Tool (CHAT) and plans surveillance items to address the risk using the Comprehensive Assessment Plan (CAP). This plan is conducted on a quarterly and annual basis. If a surveillance item was not resourced (or deferred) from a previous quarter, then the PI will plan that surveillance item into the current quarter. When the CAP is complete, the Frontline Manager will get a notification to resource the planned surveillance items; and • Resourcing. The manager reviews the plan to determine if there are resources available to support the planned surveillance activities. The manager considers personnel training, availability, workload, and funding. If the manager determines there are not enough resources available to support the planned surveillance items, then he or she will capture the reason for the resource shortfall with a code in the automation and also provide a justification on why the surveillance items were not resourced (or deferred). Additionally, the manager must notify the Pl when a surveillance item is not resourced (or deferred) and then the PI will select a risk reduction method using the "Surveillance History Risk Indicator" category in the CHAT to document the potential risk due to lack of resources. At this point the PI will consider scheduling the surveillance item that was not resourced (or deferred) at the next planning cycle. Furthermore, there is also a check and balance system in place to establish appropriate limitations on how long a surveillance item can be deferred. When considering the available data, SAS sets a definitive guideline for part 121 and part 135. A part 121 surveillance item cannot be deferred for more than 2 quarters without management and regional concurrence; for part 135, the limitation is 3 quarters. I believe the FAA has effectively addressed recommendation A-15-18 and consider our actions complete.

From: NTSB
Date: 1/27/2016
Response: Your current plan to review the adequacy of the FAA’s internal process for tracking deferred surveillance items will not satisfy this recommendation, nor will creating an entry in the Comprehensive Assessment Plan that explains why an inspection could not be completed. Pending our review of a revised plan that implements the temporary risk reduction methods and establishes the limitations on surveillance deferrals, Safety Recommendation A-15-18 is classified OPEN—UNACCEPTABLE RESPONSE.

From: FAA
Date: 10/27/2015
Response: -From Michael P. Huerta, Administrator: FAA Order 8900.1, Flight Standards Information Management System, Volume 10: Safety Assurance System Pol icy and Procedures, and its supporting software currently have risk mitigations in place to track and address deferred surveillance items. When surveillance items are deferred (not resourced) by the Frontline Manager (FLM), the FLM will add a code in the software to indicate why that item was not resourced. The Office Manager then concurs with the plan in the software. The FLM must notify the Principal Inspector (PI) when an item is deferred. The PI will then select a risk reduction method using the Surveillance History Risk Indicator to document the potential risk due to lack of resources. The FAA's Flight Standards National Field Office will conduct a review of those mitigations in conjunction with the Flight Standards Policy divisions to determine their adequacy. Accordingly, the FAA will make changes to surveillance guidance and software as appropriate. I will provide the Board with an update on this recommendation by September 30, 2016.