Re: If the FAA can be forced to do its job
The problem is not so much that Boeing did all the testing, but that Boeing did not do adequate testing and also did not properly classify MCAS as safety critical. The reason is clear to me; time to market in the face of new competition and therefore profits and share price. The (criminally liable) ability to tell the airlines that previously certified 737 pilots could do just an hour of non-simulator time was (to Boeing and the airlines) an added bonus.
To call the compensation to the families of the victims of these decisions blood money is not an exaggeration in any way.
In its original definition, MCAS was not supposed to have full authority over the horizontal stabiliser but when that proved to not solve the problem (whereby it would not pass Part 25 - passenger transport aircraft - regulations) it got more than just a bit of design creep to the point where the system had full authority over the horizontal stabiliser, which the elevators, under pilot control, could not overcome even if they were at their full travel.
When it got to this point, an updated FMECA (which was probably never done) would have shown conclusively that MCAS would have to be treated as safety critical.
Here is where regulatory capture rears its very ugly head; the bean counters would have looked at the time and money required to certify the system as safety critical and told the engineering staff to shut up and pushed the DER to make sure it was not so classified in any document not merely to the FAA but also to all the other certification agencies around the world if they had asked - it is for this reason that none of those authorities is likely to trust anything from the FAA (or Boeing) for a very long time.
I have commented before that surely the engineers involved (and not just at Boeing - the electronics behind MCAS was almost certainly designed by a third party) would have serious questions about the effects of the decisions being made by bean counters and not engineers.
Having designed and verified safety critical avionics I can state that it is a time consuming and somewhat expensive process when done properly but it is also necessary; when something fails in verification testing, it gets fixed - no ifs, ands or buts. There are times when an analysis shows it may not be necessary to do a direct fix, but that full analysis needs to be done and documented. This clearly did not happen in the case of the 737MAX (and very possibly on 787 and newer 777 products).
That is where the tone of these messages makes sense; the engineers did not want to shut up (although they did as far as the public and the FAA were concerned) and although I can sympathise with them to a certain extent, the only decent thing would seem to be to quit and go public but with the sure knowledge that Boeing, with all its money and political connections, would be looking for blood and to completely discredit any such individual (as, most likely, would the FAA).
If those people did not have the wherewithal to withstand such an assault (there are numerous documented cases of whistle blowers being hounded, sometimes to the point of suicide), then it is difficult to blame them (where the blame really lies is in the laws that fail to protect legitimate whistle blowers - i.e. politicians who receive bribes campaign contributions from mega-corporations such as Boeing).
I personally would not trust a Boeing aircraft designed after the original 777 to actually be safe by design.
I don't fly much (if at all) now, but SWMBO does, and I carefully scrutinise what aircraft are scheduled for the routes she will be flying; a little bit of hassle, but at least I know the aircraft was properly designed and all the equipment within it properly classified and designed and tested to that classification.