Aviation's New Challenge: Software Glitches and Hackers?


Photo: FAA

The next generation of flying has arrived: From paperless boarding passes to paperless cockpits, we are moving to a completely computerized aviation future. It's almost like something out of a futuristic cartoon like The Jetsons with our tablet computers, internet-ready modernized passenger seats and synthetic vision glass cockpits.

Today's flights are planned on computers and sent to pilot's iPads, replacing the pounds of manuals, charts and checklists that pilots used to lug around. Outdated navigation systems are being replaced with a single, incredibly accurate, satellite based system called ADS-B. Inflight Wi-Fi service for passengers has not only become popular, but it's now almost expected from frequent airline travelers. And our nation's airspace system is getting a complete overhaul with NextGen, which includes programs like ERAM, Datacomm and many other communications systems.

This is all good news… until something crashes (or gets hacked). And we were recently reminded that sometimes computers do crash, when a few dozen American Airlines crews were left without proper charts after their iPads suddenly crashed on them while flying. The software glitch left dozens of flights and many passengers delayed.

Computers are clearly the efficient way to modernize aviation, and it's a welcome and inevitable progression toward a more effective airspace system. But there are a few things that haven't fully kept up with the fast-moving aviation industry, like software management and cyber security.

Are airplane computers secure?
Experts have warned that our industry's efforts to keep iPads, ADS-B and other onboard communication devices secure aren't comprehensive enough. An April 2015 GAO report evaluated the cyber security strength of the FAA's six major NextGen programs: Surveillance and Broadcast Services Subsystem (SBSS), Data Communications (Data Comm), NAS Voice Switch, Collaborative Air Traffic Management (CATM), Common Support Service-Weather (CSSWx), and System Wide Information Management (SWIM), which will all use an IP-based network to communicate with each other, as well as with thousands of aircraft flight deck technologies.

You can imagine that an entire system based on a computer network might be susceptible to hackers. Passengers are connected through in flight Wi-Fi. Pilots are sometimes connected to Wi-Fi via their company iPads, and will also be vulnerable to the hacking of onboard equipment through an IP network. And ATC is going to be on the ground, potentially connected to the same network. While the FAA has taken some measures to secure the networks, information in the GAO report demonstrates that the system is still susceptible to hackers.

"According to FAA and experts we interviewed, modern communications technologies, including IP connectivity, are increasingly used in aircraft systems, creating the possibility that unauthorized individuals might access and compromise aircraft avionics systems, " the GAO report states. In the past, on board systems have been insolated, but IP networking included in the many new NextGen technologies could leave not just one aircraft's systems vulnerable, but any other computer on the network.

How can operators avoid software glitches?
Besides choosing a reliable third-party developer and a company with a sound history in computer application design, there's not much an airline or an operator can do to avoid an occasional software glitch except to prepare for and expect the occasional software glitch. So far, the airlines have been lucky. American Airlines had a few delays, yes, but the problem was one that was easily fixed by handing paper charts to pilots or getting them to a place where they could re-boot, upload new charts and move on. At no time were they actually in any danger.

But what happens when a seemingly trivial software glitch isn't so trivial anymore? This is a question that was relevant yesterday, remains relevant today and will be relevant still in the future. Computers are already in use at most ATC facilities and in most aircraft. A software glitch in an aircraft is a problem, but not necessarily a dangerous one. Airplanes have backup navigation systems, backup electrical systems and backup instruments that are powered by something other than a computer.) A pilot can fly safely if their onboard computer crashes. It would test their skills, for sure, but that's what pilots train for.

A computer failure or software glitch at an ATC facility can cause major delays, possibly even for days. Remember that fire at the Chicago ARTCC facility? It not only knocked out both the primary and secondary communications networks, but it knocked out the whole region's ATC capabilities. Everyone survived, albeit painfully.

If we can glean anything from recent events, it's that in order for our industry to move forward in the world, we are going to have to rely on computers, and computers are not perfect. We have to do what's necessary to mitigate and control any associated risks, like those from hackers and software issues. And as we learn to protect our computer systems we'll likely have a few problems along the way similar to American Airline's software glitch, but the overall outcome will be an impressive, capable air traffic system that allows us to fly even more efficiently and safely than ever before.

What are your thoughts?