
The FAA Crash That Shut Down Southern California Could Have Been Much Worse

May 13, 2014 at 4:47 PM

Sorry. We know we're beating this thing into the ground, but it's one of those travel news items that begins as an off-beat story and evolves into a bona fide aviation security firestorm. We're seeing more and more of those, but this one is kind of special. Without giving away any details, the most recent Reuters exposé includes the phrase "the same vulnerability could have been used by an attacker in a deliberate shut-down," where the thing getting "shut down" was a part of America's air traffic control system. There's a reason people are still talking about this incident.

Just to catch folks up. Two weeks ago something caused the FAA to issue a ground stop at four airports in the greater Los Angeles area, including LAX, for about an hour. Reporters asked the agency to explain the order and got more or less nowhere. Another way of describing that move: the FAA shut down most of Southern California's airspace and declined to explain why. Journalists later found out that the military was flying a U-2 spy plane in the area, and that its flight plan caused the FAA's flight tracking system to crash. Cue the batshit crazy conspiracy theorists, who declared that alien signals from the U-2 had beamed autism-filled vaccines into their kids (or something; we didn't read very closely).

Of course the problem was programmer error, which is less exciting but in a way scarier. The U-2 was flying at 60,000 ft, well above the altitudes commercial airliners cruise at, but the flight tracking system got confused and treated it as if it were at 10,000 ft. So instead of just safely ignoring the spy plane, the system - the En Route Automation Modernization (ERAM) - decided that the U-2 was about to collide with a bunch of planes flying at 10,000 ft. It started computing how to keep all of those flights clear of the U-2's "way", and then promptly overloaded and crashed.

That's exactly what you'd expect. Planning flight paths is really hard, even for computers, and here was a system trying to prevent who knows how many actual flights from colliding with a phantom jet. Tech site Ars Technica had a sub-headline that nicely summed up the situation: "System checked infinite number of altitudes for collision risk, causing memory error."
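To make the failure class concrete, here is a toy conflict checker, added as an illustration and not code from the page, from the FAA or from ERAM. It shows the two behaviours the text describes: a naive checker that "handles" a flight plan with no usable altitude by examining every altitude band, so its work and memory grow with the whole altitude range times the traffic count, beside a hardened version that rejects the plan outright, bounds the work to the traffic actually near the reported altitude, and quarantines the bad plan so the rest of the queue keeps being served. The data model, altitudes, thresholds and sample traffic are all constructed for the example.

```python
"""Constructed illustration of an unvalidated flight-plan field driving
unbounded conflict-check work. Not ERAM code; every number here is an
assumption chosen for the example."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed envelope for this toy system, in feet.
MIN_ALT_FT = 0
MAX_ALT_FT = 100_000     # sanity ceiling: nothing we manage flies above this
BAND_FT = 1_000          # altitude band granularity
SEPARATION_FT = 2_000    # vertical distance treated as a potential conflict


@dataclass(frozen=True)
class FlightPlan:
    callsign: str
    altitude_ft: Optional[int]   # None models a plan that arrived without an altitude


class RejectedPlan(ValueError):
    """Raised for a plan the system refuses to process (fail closed)."""


# Constructed sample traffic at ordinary cruising altitudes.
TRAFFIC: List[FlightPlan] = [
    FlightPlan("UAL123", 35_000),
    FlightPlan("AAL456", 37_000),
    FlightPlan("DAL789", 10_000),
    FlightPlan("SWA101", 31_000),
]


def naive_conflicts(plan: FlightPlan, traffic: List[FlightPlan],
                    band_ft: int = BAND_FT) -> Dict[str, object]:
    """The mistake: a missing altitude is 'handled' by checking every band the
    aircraft might be in. Comparisons and stored resolutions grow with the
    whole altitude range times the traffic count, and nothing caps them."""
    if plan.altitude_ft is None:
        bands = range(MIN_ALT_FT, MAX_ALT_FT, band_ft)   # "could be anywhere"
    else:
        bands = [plan.altitude_ft]
    conflicts: List[Tuple[int, str]] = []
    compared = 0
    for band in bands:
        for other in traffic:
            compared += 1
            if abs(other.altitude_ft - band) < SEPARATION_FT:
                conflicts.append((band, other.callsign))  # one resolution per pair
    return {"compared": compared, "conflicts": conflicts}


def validate(plan: FlightPlan) -> FlightPlan:
    """Reject, rather than guess, when the altitude is absent or implausible."""
    if plan.altitude_ft is None:
        raise RejectedPlan(f"{plan.callsign}: altitude missing")
    if not MIN_ALT_FT <= plan.altitude_ft <= MAX_ALT_FT:
        raise RejectedPlan(f"{plan.callsign}: altitude {plan.altitude_ft} ft implausible")
    return plan


def bounded_conflicts(plan: FlightPlan, traffic: List[FlightPlan],
                      max_candidates: int = 50) -> Dict[str, object]:
    """Hardened: validated input, work proportional to the traffic only, and an
    explicit budget so a pathological plan fails loudly instead of exhausting
    memory. A plan far above everyone else simply yields no conflicts."""
    validate(plan)
    lo = plan.altitude_ft - SEPARATION_FT
    hi = plan.altitude_ft + SEPARATION_FT
    candidates = [o.callsign for o in traffic if lo < o.altitude_ft < hi]
    if len(candidates) > max_candidates:
        raise RejectedPlan(f"{plan.callsign}: {len(candidates)} candidates exceed budget")
    return {"compared": len(traffic), "conflicts": candidates}


def process_plans(plans: List[FlightPlan],
                  traffic: List[FlightPlan]) -> Dict[str, Dict[str, object]]:
    """One bad plan is quarantined and reported; the rest of the queue keeps
    being served, instead of the whole service cycling off and on."""
    results: Dict[str, object] = {}
    rejected: Dict[str, object] = {}
    for plan in plans:
        try:
            results[plan.callsign] = bounded_conflicts(plan, traffic)["conflicts"]
        except RejectedPlan as exc:
            rejected[plan.callsign] = str(exc)
    return {"results": results, "rejected": rejected}
```

Feeding the naive checker a plan with no altitude makes it compare against every band in the envelope and store a resolution for each near miss, which is the unbounded growth the Ars sub-headline describes in miniature; the hardened path refuses that plan in one line, keeps the U-2-like plan at 60,000 ft to a single pass over the traffic with no conflicts, and never lets one malformed input take the service down.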

Of course the computer crashed. That's not the point. What people want to know is why it crashed, and what else could have gone wrong. Here's where yesterday's Reuters report comes in.

First, realize just how bad this got: the error "blanked out a broad swath of the southwestern United States, from the West Coast to western Arizona and from southern Nevada to the Mexico border." Second, note how this super-expensive air traffic system behaved: "the $2.4 billion system made by Lockheed Martin Corp, cycled off and on trying to fix the error." Over and over. And now the punchline: "the failure appeared to have been made possible by the sort of routine programming mistake that should have been identified in testing before it was deployed."

Of course the worry is that some attacker could have tried to do this on purpose. Reuters quoted one of the world's top experts on this issue saying that "hackers have been studying aspects" of the part of ERAM that failed.

But you guys don't have to worry. Reuters quoted a bunch of people emphasizing that it would have been very difficult for an attacker to exploit this programming flaw, even though the system was so flimsy that it crashed because of a plane that was nowhere near any actual commercial flight.

Feel better?

[Photo: Top World News / YouTube]
