Saturday, June 27, 2015

The End of the Commuter Airlines?

In an interesting development, Delta Airlines recently announced the purchase of 20 Embraer E190 100 seat aircraft to be flown by Delta mainline pilots. This is significant because it represents a departure from the business model of 100 seat or fewer aircraft being flown by outsourced regional airlines at significantly reduced wages compared to mainline aircraft.

This deal is contingent on the Delta pilots' union ratifying the latest labor agreement which establishes pay rates for the smaller aircraft. Historically flown by regional carriers such as Skywest and Comair under the livery of Delta Connection, Delta mainline pilots will now operate these aircraft along with the smallish Boeing 717 aircraft which were acquired from Southwest after their merger with AirTran.

The existence of the current regional airline industry has always been dependent on two things: cheap gas and labor. Starting with the introduction of the first small commuter jets like the Bombardier CRJ-200 50 seat aircraft in the mid 90s, the business model was to use the speed and range of the new jets to bypass a nearby hub to feed passengers directly into a distant hub.

A number of factors prevented this vision from being fully implemented but regional jets (RJs) did become a fixture of the airline industry serving smaller airports which might not have enough traffic to support larger narrow body jets like the Airbus A319 or Boeing 737. Typically, regional airlines would sign long term fixed rate agreements with their sponsor airline. All they had to do then was to lower their own costs to make more money.

Primarily hiring young pilots wishing to build hours, regional airline wages for aircrew are a fraction of those in the main line carriers. Relatively cheap prices for fuel in the '90s and '00s also helped to keep this business model afloat even though on a seat-mile basis RJs are more expensive to operate than larger aircraft having many more seats to generate revenue.

Over time the 50 seaters gave way to larger and more economical 70 to 90 seat aircraft in the late '00s. But it appears as if a perfect storm of both high fuel prices and a pilot shortage may be signalling the end of the RJ era.

Large numbers of Vietnam era pilots are retiring from the mainline carriers. These pilots are being replaced with pilots being hired from regional carriers, but new rules recently instituted by the FAA have raised an extremely high bar for aspiring pilots to get the hours required to be hired at the regionals. The result has been reduced service and even the abandonment of some routes by regionals for lack of pilots. The upshot is that wages will rise for the few pilots that remain in a tug of war between carriers.

Delta may have realized that as long as the benefits of having cheap labor around aren't available, there may be no reason to outsource their operation to a regional airline. They'd certainly have more control over service levels and product quality if the operation was kept in house.

This may be what is happening. If the other legacy airlines follow suit, the game may be up for the regional airline model. As always in this business...stay tuned!

Monday, June 22, 2015

Runway Collision Barely Averted in Chicago

On June 16th, two airliners with very similar call signs both started their takeoff roll towards one another on intersecting runways. Delta flight 1328 and Southwest flight 3828 were both lined up awaiting takeoff when the tower controller cleared the Southwest flight to go. The Delta flight erroneously took the clearance meant for the other airplane and also started its takeoff run. An alert tower controller saw what had happened and directed both aircraft to abort their takeoffs which they did. There was no collision.

This is a classic case of mis-hearing an instruction on the radio meant for another aircraft. Listening for your call sign on the radio can be nearly impossible when the frequency is busy. Sometimes you'll only hear perhaps the last digit or two of your call sign. Clearly, that method fails in a case like this when there are such similar call signs. The pilots of both aircraft had been previously advised that another airplane with a similar call sign was on the frequency which they both acknowledged.

Errors such as confusing a heading assignment for an altitude assignment, mistaking an altitude assignment such as "two-four-zero" for "three-four-zero", or mishearing a frequency assignment are legion in aviation today. It's easy to do and all pilots have made such errors. Those that say otherwise are not being honest. The vast majority of such errors are caught by either another pilot or controller and have little ill effect. But the potential for mayhem is always there.

One of the greatest tragedies in commercial aviation, the runway collision in Tenerife between two 747s resulting in 583 deaths, was due in part to radio miscommunication. There have been many suggested remedies over the years but none were practical enough to use. That could be changing with the introduction of digital data link technology.

A new system called CPDLC (controller pilot data link communication) may eventually replace some if not all spoken radio chatter between pilots and controllers. Already in use on some oceanic routes, an onboard data link allows pilots and controllers to relay instructions through satellite communications. Bringing this system to domestic operations could do much to alleviate missed and erroneous clearances.

One ongoing concern about the movement towards datalink communications has been concern over the loss of the "party line" effect. When an instruction is given to one aircraft, all other planes on the frequency hear the instruction which helps pilots to build a mental model of where other airplanes are and what they will be doing. The concern is that with digital communications between just one pilot to the controller over the datalink, other pilots won't for instance know that an airplane has been cleared to land on the runway they might be sitting on awaiting takeoff.

There could certainly be work arounds and other methods for ensuring the benefits of shared information through a common frequency are not lost with the implementation of datalink communication. Most likely, high altitude airspace will be the first place for the deployment of datalinks followed by approach and tower controllers as bugs are worked out.

If the very common problem of misheard audio communications is solved by use of datalink, a large source of errors dating back to the earliest days of aviation may finally be stanched.

Saturday, June 13, 2015

Boeing 787 Takeoff? Meh.

Hey, don't get me wrong, the 787 is one beautiful machine and I'm sure the takeoff was very very impressive, but it's really nothing too special. Pretty much any airliner flying today could make a similar display.

One reason that this takeoff video looked impressive is that it was shot from a helicopter with a telephoto lens. The lens makes everything in the distance appear to be foreshortened, which means that the vertical aspect in the shot is emphasized by the magnification of the lens.

The other reason is that the airplane is doing something that is normally never done. It's what pilots call a maximum performance takeoff. And other than places like Orange County, California, it's never seen. Even the takeoffs from Orange County will be less dramatic because those planes have people, luggage and fuel aboard and the pilots are still limited to 20° climb angle. The 787 demo had no passengers, no luggage, and very little fuel. And it was flown by Boeing test pilots.

Judging by how many shares of this video are showing up on Twitter and Facebook, people must be thinking that the 787 is one badass airplane: the airline equivalent of a '69 GTO with the 428 under the hood. That would be a misperception.

The 787, like all airliners, was designed to make money. The engines that Boeing hangs under their airplanes' wings are only big enough to be able to do two things. One is to be able to lift a full plane, carrying enough fuel to cross an ocean off the ground in less than about a mile of takeoff roll. The other is to keep the beast airborne for a few hours with only one engine working should the other one quit.

Any thrust in excess of the amount needed for the above jobs would mean excess weight, and be a waste of fuel and of course money. Remember, this thing has to make money. In fact the whole reason for the existence of this video is to stir up interest for a huge sales event, the Paris Airshow.

One of the largest aerospace trade shows in the world, the Paris Airshow is where corporate poobahs meet to show off their wares and to sign sales orders for billions of dollars on everything aviation related. Who would like to guess how many cases of Dom will be on hand?

And for anyone who has any experience with trade shows or sales and marketing, you know that the decision making depends on way more than mere green eyeshade concerns like acquisition or operating costs. There's also that certain je ne sais quoi which will add just the right amount of pizazz to close the sale. At aviation trade shows, that means airborne displays. Hence the Paris Airshow.

Of course the ne plus ultra of airshow extravaganzas was way back in 1955 when Tex Johnston rolled the prototype 707 at an airshow in front of the world's aviation executives. When called into the office by CEO Bill Allen and asked what he was doing, Johnston simply replied "selling airplanes".

I will bid adieu to this post with a pointer to an equally dramatic takeoff video of a 70s era military DC-10 at an airshow.

Wednesday, June 03, 2015

The Laser Threat to Airliners is Real (and Growing)

The laser (Light Amplification by Stimulated Emission of Radiation) was invented in 1960 and since then has become a technology which is indispensable for modern life. Unfortunately, pranksters shining lasers at airplanes are a growing threat to air safety using them to cause flash blindness and distraction. The FAA started tracking laser attacks against aircraft in 2005 counting about 200. Since then the attacks have escalated in both number and intensity to nearly 4000 reported in 2014. I've personally been lased at least a couple of times.

Properly used, lasers are essential in applications ranging from communications to navigation, manufacturing, lithography, bar code scanners, and of course entertainment. Most commercial airliners even employ ring laser gyros which are used for stabilization and navigation. I recall using a laser to measure the speed of light in my freshman physics class back in 1977 . We modulated the beam and shot it down to the roof of the cafeteria and back to the engineering building measuring the lag in the returning signal to divide into the distance. Little did I know how new or expensive laboratory lasers were back then.

Well as you know, lasers have become quite a bit cheaper since then and pen sized and smaller laser pointers are everywhere. The red dot of a laser pointer could just as easily be coming from a teacher giving a lecture as from cops aiming weapons at a perp. So of course as day follows night, knuckleheads will come up with ways to become a nuisance with their new toys.

One of the first nuisance applications of laser pointers was at sports matches. Flashing a laser pointer in the eyes of the opposing team player was a great way to distract or perhaps momentarily flash blind someone preparing to score. Laser pointers are now banned at most sporting and entertainment venues. Having their fun spoiled there, miscreants then turned their lasers skyward towards airplanes. The problem is that being more than just being a nuisance, flash blinding a pilot on approach can have a potentially bad outcome.

One problem is that the lasers being used are becoming more powerful. They can not only momentarily distract, but can cause long lasting flash blindness and even permanent retinal damage and burns. And this damage can happen with just a few seconds or less of exposure. High power lasers are readily available through internet sales and present a growing threat.

This Isn't Really That New

Way back in the 1980s it was the Russians who first used lasers against aircraft. It was during the cold war that the Soviets would stuff ships disguised as fishing trawlers with all sorts of intelligence gathering gear to spy on US military assets. The Navy would then monitor and sometimes harass these "intel trawlers" with P-3 and other patrol planes. Standard cold war cat and mouse game so far. No one got hurt.

Then in 1987, it was reported that a US military aircraft, a WC-135, had been "illuminated" with a laser from a Soviet trawler blinding the pilot. Had the other pilot not been momentarily looking down, both pilots would have been blinded. This was only one of many attacks by the Soviets against US aircraft. A subsequent accord signed in 1989 banned the use of military lasers against aircraft but the Russians were back at it in 1997 with another laser attack against a Canadian helicopter in the Strait of Juan de Fuca near Vancouver.

Nuisance or Danger

So it's obvious that the Russians were using high power lasers that caused permanent eye damage in the pilots and others who were hit. The helicopter pilot and observer in the 1997 incident were permanently grounded with confirmed laser burns to their eyes. Since that time, laser illumination of commercial aircraft has exploded. Only it isn't a foreign military causing all the trouble now but rather homegrown pranksters looking for cheap thrills mostly. Lasers of course have differing power levels and hence ability to blind. Let's take a look at the various types and power levels available to the public.

The FDA regulates the sales of lasers in the US. They are classified by color, power rating, and their ability to cause damage to the eyes and skin. Laser pointers rated as Class 1 or 2 are considered mostly harmless. The power ratings are in the 1 to 5 milliwatt range. Class 2 lasers cannot harm the eyes in less than the human blink or look away response of one quarter second. Class 3 lasers can injure the eye even through reflections and must be used with eye protection. Class 4 lasers are high powered lasers which can burn both eyes and skin. 

The commercially available laser I mentioned above is sold to the public as a class 4 laser with a 2000mW (2 watt) power rating. And I'll admit that while it looks totally badass in a Darth Vader lightsaber kind of way, I can't think of why anyone would need one. Still, for under $300, why not? Just don't aim it at an airplane. That's a felony. This one, by the way, is not available for sale in the US (but is in Canada and Mexico).

Distance is also a factor in laser attacks. Laser pointers rated at 5mW can make it difficult to see out an aircraft window at 1000 ft slant distance but their brightness falls off quickly, remaining visible but not producing flash blindness beyond about 4000 ft. It should be noted that laser pointers are generally not considered capable of causing eye injury but only temporary flash blindness and distraction. One factor that helps the situation is that it is difficult to keep a handheld laser trained on a moving aircraft which means shorter bursts of light in the cockpit.

It is of course the laser radiation reaching the eye which will cause damage and this is measured in microwatts per square centimeter. The type of eye injury a more powerful laser can cause is dependent on its frequency or color and this is due to the light absorption properties of differing parts of the eye. Some lasers burn the retina while others cloud the cornea and lens. And this damage can happen faster than the blink response for powerful lasers. The most dangerous lasers are those producing infrared or ultraviolet light which can damage the eyes but don't initiate a blink response due to the beam not being visible. The Soviets were alleged to have been using these.

 A safe distance known as the nominal ocular hazard distance or NOHD, describes the distance at which the maximum personal exposure or MPE is achieved. Beyond the NOHD, a laser is generally considered safe if not deliberately stared at. Class 1 and 2 lasers have no NOHD but Class 3 and 4 lasers have an NOHD measured in kilometers...more than enough distance to seriously injure the eyesight of pilots flying overhead. And this has happened recently.

So What's Being Done?

Shining a laser at an aircraft is already a federal crime currently punishable by five years in prison, but in a separate law, interference with the operation of an aircraft carries a penalty of up to 20 years according to the FBI. A man was sentenced to a 14 year term last year for shining a laser at a police helicopter in Fresno. The hefty term was considered a breakthrough which will serve to telegraph the seriousness of this crime. The FBI is also offering a $10,000 reward for information on laser criminals. This should do quite a bit to help nab perps as well.

The difficult part of catching laser criminals is the ease with which a laser can be shot and then quickly put back into a pocket. Many of the current convictions have arisen from laser attacks against police helicopters which of course have assets on the ground to find and arrest attackers. But with only 141 arrests and 87 convictions since 2004, this crime is easy to commit with impunity. Ongoing education efforts will also help to spread the word that lasers are not toys.

Other than counting on concerned citizens actually seeing and reporting lasing incidents, or police helicopters which can pinpoint laser attacks, it appears that not much else can be done. Technology may change that. High resolution airborne cameras may be a possible solution. Dubbed "persistent surveillance" and used in Iraq to spot IED planters, a camera that is always watching the area around an airport might be able to pinpoint the origin of a laser attack and then perhaps even record the movement of the perp back to his house. Perhaps the cameras could be mounted on the bellies of aircraft themselves.

My Incident

I was flying an arrival into Philadelphia from the west a year or so ago and was at perhaps 4000 feet being vectored to final for runway 26R. Over North Philadelphia I noticed a green laser being shone at the airplane from a city street. Being several miles away, the light was not very bright but was very noticeable standing out from the orange streetlights and traffic. After maybe 15 seconds the flashing stopped and we continued on uneventfully. We did notify approach control and filed the appropriate reports. Of course there was no way to even begin to tell what exact street location the laser was fired from.

And that was it. We weren't contacted by any law enforcement agency and left it at that. Perhaps the reports are becoming so ubiquitous that follow-up is not necessary.

I'll close with this one thought. The vast majority of these events are most certainly low-lifes or pranksters but I'm willing to bet that there are some folks out there intent on doing real damage with powerful lasers. Perhaps stationing two or more attackers to hit a plane from multiple angles with powerful lasers is a potential terrorist ploy. Nothing would surprise me these days.

Saturday, May 30, 2015

Singapore Airlines Flight Loses Power on Both Engines

A Singapore Airlines Airbus A330 carrying 182 passengers and 12 crew lost power on both engines on May 23 while at 39,000 feet altitude about 140 miles south of Hong Kong. The flight was enroute from Singapore to Shanghai. The aircraft then descended about 13,000 feet before normal operation was restored to both engines. After normal power was restored, the aircraft climbed back up to 31,000 feet and continued onto its destination without further problems.

Any time an event results in problems in two independent systems such as engines, the search for causes must consider factors that are in common. This would include factors internal to the aircraft such as fuel or bad commands from the autopilot or pilots. External factors can include things like turbulence, water ingestion or even volcanic dust.

A volcano did in fact erupt in Southern Japan recently, but this event happened before the eruption so dust ingestion is not being considered. In a company statement it was noted that the aircraft did report that it had entered an area of bad weather and turbulence before the power loss. It's also important to note that the company statement was careful to use the term "loss of power" as opposed to shutdown or what pilots refer to as "flameout".

Another interesting item in the story is that the aircraft was then on the ground for only four hours before departing for its return leg to Singapore. I'm wondering what the passengers on the return flight thought after reading that the airplane they rode on was almost a glider over the China Sea? That was a helluva gamble to fly the airplane on a revenue flight after an event like this.

The aircraft arrived in Shanghai after the event at about 11pm local time. That means that the contract maintenance mechanic called out to look at the airplane was the graveyard shift guy. Probably the least experienced mechanic available. I would guess that they ran the engines for a few minutes and queried the onboard electronics for error messages before clearing the aircraft for flight. A more in depth inspection would involve a partial teardown of the engine to inspect internal and hot section components. Obviously, such an inspection was not accomplished.

But I'm no engine expert. Perhaps a computer upload of engine control codes was made to Rolls Royce, the manufacturer, and it was determined that the engine rollback was due to an explainable occurrence not likely to happen again. The difficulty is that there are many things that can happen to an engine at altitude which are not reproducible on the ground. There could possibly have been fuel icing or a failure of variable guide vanes or any number of other malfunctions.

Jet Engines are Finicky Things

Jet engines may seem like large brutish machines but they're actually rather finely tuned precision devices. And they're designed to work over an extreme range of operating conditions from sea level and 100 plus degree air to pressures and temperatures where no human could survive on the edge of space. Tolerances on the huge fan blades you see spinning inside the cowling are so fine that the inside of the engine is coated with what's known as an ablative ring, which is actually designed to make contact with the outer edge of the fan blade under certain conditions and to rub off.

If the hot section of the engine where the fire burns is the heart, then the brain is the fuel control unit. A complex and computerized hydro-mechanical contraption, it might be roughly compared to a carburetor or fuel injector on your car. But that comparison is analogous to comparing a first generation calculator to the latest iPhone. They're given fancy names like EECs (electronic engine controls) or FADECs (full authority digital engine controls). 

Taking pressure, temperature, flight regime, fuel density, and a multitude of other inputs, the fuel control unit is charged with keeping the engine producing the commanded amount of thrust while simultaneously preventing either flameout from fuel starvation or conversely what's known as overboost when the RPM or other parameters exceed design limits.

If you've ever spent an afternoon at the drag races you might have an appreciation for the challenge. As the top fuel dragsters approach the starting line, they always appear to be vacillating between stalling out and running full out. That isn't too far off the mark of what the fuel control unit is attempting to accomplish while at extreme altitudes.

Don't Monkey With the Throttles!

It is well known to all pilots that when you are in the high altitude regime, you just don't monkey with the throttles too much. That means no rapid movements. While at lower altitudes it is possible to take the engine from idle to full thrust quickly with little problem, at altitude (above, say, 35000 feet) bad things may happen. Being designed to not flood the engine with fuel when the throttle is rapidly pushed forward, an engine may not respond to commands after being retarded to idle. Or if it does respond, it might do so sluggishly.

Why might an engine be pulled to idle while in cruise at 39,000 feet? Well one reason might be because the airplane wandered into a storm or encountered turbulence. One type of turbulence called "wave" turbulence can result in the airspeed rapidly increasing or decreasing. 

Without a lesson in aerodynamics, all aircraft have both minimum and maximum airspeeds while in flight. The higher the aircraft flies, the closer together these two speeds become. At extreme altitudes where aircraft like the U-2 fly, the difference may be only a few knots between stall speed and maximum mach. Go too slow and the airplane stalls and falls out of the sky. Too fast and an exceedance of maximum mach may result in a loss of control or structural damage.

So after encountering wave or other turbulence, a rapid increase in airspeed may occur and the autothrottle system may be too slow to respond. In this case the throttles must be manually pulled back to prevent an overspeed. Quickly after that, the wave action may cause the airspeed to then rapidly decrease. At this point, jamming the throttles forward again may result in a very sluggish response from the engines. To keep the airplane from stalling at this point, the only choice is to descend.

This is where the fun really starts. Because if the turbulence is due to a thunderstorm which you may be attempting to top, the only way to go is down into the storm. At this point, the engines may be forced to ingest huge amounts of rain while enduring greater turbulence as descent continues. The story of airplanes losing power and then being forced to descend into a storm they were trying to top is a common one in mishap history.

The Superior Pilot

How to avoid all this nastiness? Well the old aphorism states that the superior pilot uses his superior judgement to avoid situations requiring his superior skill. This means planning and avoiding areas of known convective activity (thunderstorms) or turbulence. My airline will route us hundreds of miles out of our way to avoid moderate or greater wave action. When transiting such an area, it can also be a good idea to descend a few thousand feet into thicker air so aerodynamic and engine margins aren't so critical. And stretching the limits to top a storm which should be circumnavigated is never a good idea.

Is this the scenario which happened here? It may be difficult to find out exactly what happened as it seems Singapore Airlines didn't think there was a problem with the airplane to put it directly back into service. Also of note is that the engines on this aircraft were nearly new. The airline is attributing the power loss to turbulence while passengers aboard the flight reported no interruption in inflight entertainment systems meaning that the generators never fell off line. This is an indication that the engines merely rolled back and did not flame out.

The Singapore Air Accident Investigation Board is investigating the incident while Airbus and Rolls Royce, the airframe and engine manufacturer are cooperating in the investigation. Stay tuned.

Wednesday, May 27, 2015

Cockpit Computer Hacking Update

A few weeks ago I wrote about the possibility of cockpit electronics and computers being hacked through inflight entertainment systems. The story centered around a self styled computer expert claiming that he had hacked into an airliner's flight control systems through the entertainment system and had affected the flight path of the aircraft in some fashion.

I suppose it's one thing to do this, but it seems to me that it is to transcend to a significantly higher level of stupid to then publicly announce that you've done this. Of course this guy ended up being interviewed by the FBI and also got himself declared persona non grata on United Airlines, the airline he claimed to have hacked. He also got some air time on several news shows which perhaps was his goal.

But notwithstanding this clown's antics, the question remains of whether aircraft control system computers are vulnerable to hacking through Wifi, entertainment, gaming, or other onboard passenger systems. While not being a computer expert by any stretch myself, I did ask a friend who is more of a computer guru. He was able to point me toward some resources addressing inflight computer hacking. (Hat tip to Dennis Corkery)

Inflight Hacking is a Recognized Concern

The US government has recognized that the proliferation of "IP" or internet protocol networks in critical aviation computer systems presents a vulnerability to malicious attacks on systems that were previously not connected to public networks. The GAO, an investigative arm of Congress, has issued several reports in recent years critical of the FAA and their deployment of information technology. One recent report highlights the potential of aircraft systems to be compromised:

Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems. As part of the aircraft certification process, FAA's Office of Safety (AVS) currently certifies new interconnected systems through rules for specific aircraft and has started reviewing rules for certifying the cybersecurity of all new aircraft systems.
Historically, aircraft in flight and their avionics systems used for flight guidance and control functioned as isolated and self-contained units, which protected their avionics systems from remote attack. However, according to FAA and experts we spoke to, IP networking may allow an attacker to gain remote access to avionics systems and compromise them. 
Firewalls protect avionics systems located in the cockpit from intrusion by cabin system users, such as passengers who use in-flight entertainment services onboard. Four cybersecurity experts with whom we spoke discussed firewall vulnerabilities, and all four said that because firewalls are software components, they could be hacked like any other software and circumvented.

So, yeah, I know it's the government, but intrusion into airborne systems at least sounds plausible.

Some information system experts quickly retorted that the government experts don't know what they're talking about. (Sacre bleu!)  In a Forbes article, a professor of digital forensics (whatever that is) at Bloomsburg State University in Pennsylvania claimed that the GAO report was " put together by people who don't understand how modern aircraft actually work". He insisted that:

The information passed on to the inflight entertainment system is via something called a NED (Network Extension Device).  This device is not a router. This is a device that must be programmed to pass certain information to the entertainment system (aircraft position, etc.). 
This is a one-way communication. Even if someone were able to send information back toward the avionics, they aren’t listening for information from the in-flight entertainment systems… Since the computer doesn’t try and read information on those wires it is not likely to be useful to an attacker.

So there you have it. Some "experts" say we're all f*cked and others say they're smoking weed. What's the truth? I have no idea. The concept of aircraft systems being compromised at least sounds plausible but like all accounts of cyber-warfare, it seems to devolve into a cat and mouse game where each side attempts to score points against the other but it is the technology laggers who typically get owned.

Personally, this issue won't keep me awake at night. And probably shouldn't keep you up either.

Monday, May 25, 2015

Mideast Insurgents Invade America

There is an invasion of America in progress emanating from the Arabian peninsula. No, I'm not talking about ISIS nor al Qaeda; this invasion consists of airlines. Flying under the radar of popular opinion, three Persian Gulf based airlines, Etihad, Emirates, and Qatar Airways have been growing like weeds while invading American and European markets. They have now grown large enough to become serious competitors to established American and European carriers who claim the three upstarts are abusing provisions of international accords known as "open skies" agreements.

All three of these airlines, Etihad, Emirates and Qatar are relative youngsters having been founded in 2003, 1985, and 1993 respectively. But in spite of their youth, these airlines have quickly grown to join the ranks of some of the largest international airlines. Etihad, for instance, has over 17,000 employees and reported over $6 billion in revenues for 2013. Emirates boasts over 56,000 employees and is the third largest airline in the world based on passenger-miles flown, while Qatar employs over 19,000 and was the first airline in the Mideast to fly the Boeing 787.

All three of these airlines operate the Airbus A380, the world's largest aircraft, and collectively serve over 480 destinations. By way of contrast, American Airlines employs about 94,000 after their merger with US Airways and reported $42 billion in revenue for 2014. Weighing in for Europe, Lufthansa employs 118,000 and reported revenue of over €30 billion (about $33b) for 2014. So while not threatening to eclipse the largest US or European carriers, the three Arabian entrants have grown large enough to become noticed.

And noticed they have become. At this point the story simply reads like the disruption of established market players by more nimble or better managed interlopers. In any other industry that might be the case, but the international airline business is a completely different animal.

Fulfilling roles as objects of national pride and diplomacy while acting as both cultural ambassadors and political footballs, international airlines, or flag carriers, have historically never enjoyed free markets. The international airline market has always existed as a tangle of pacts and alliances subject to protectionist impulses, political manipulation, backdoor subsidies and labor strife.

Dating back to the postwar years when passenger aircraft first became capable of crossing the oceans, the world's nations have simultaneously worked to untangle this Gordian knot of international air travel while also protecting their own flag carriers from competition.

The Quest for Open Skies

Signed in 1944, the Convention on International Civil Aviation (the Chicago Convention) first provided a framework through which individual nations could enter into two-way or bilateral agreements for international air travel. Among other things, this agreement defined various "freedoms" which might or might not be allowed in international air commerce.

One point of contention has always concerned the "fifth freedom" as outlined in the Chicago Convention otherwise known as "cabotage". In this scenario, an airline from country A flies to country B whereupon it picks up passengers from country B and takes them to either country C or another destination in country B. You can see how the government and airlines of country B might object to this "invasion" of their airline market by the airline from country A. As a result, cabotage is generally prohibited in most international airline agreements.

Other provisions in these agreements might involve schedule frequency, pricing, specific airport slots and even ownership limits. Taxes, code-share arrangements, and antitrust issues had to be addressed. Since many countries may have only one national airline, government subsidies to hometown airlines were also a consideration.

A continuing goal of international airlines has been to progress beyond individual two-way agreements towards multilateral or "open skies" agreements. Under such an agreement, airlines from all participants would be free to serve markets to each other's countries. Pricing and schedules would be at the discretion of airline managements with few restrictions. Cabotage was generally still prohibited, but otherwise there would be no quotas. The economic chips would fall where they might.

The 2008 EU-US Open Skies Agreement was considered a triumph of this effort and provides for unlimited competition between all airlines in the European Union and the United States. Likewise, the first open skies agreements between the US and Gulf States such as UAE and Qatar were signed in 1999. Fast forward to today and attitudes about at least some of these agreements are changing.

Illegal Subsidies or Better Product?

US airlines have always been at the forefront of efforts to pass open skies agreements. While an image of ruthless efficiency may not immediately come to mind when thinking of US legacy airlines, they could easily out compete the high cost national airlines of smaller countries and were able to offer connections to many desirable US destinations through extensive domestic networks. A foreign competitor might only be able to offer service to a US gateway such as Dulles or JFK after which a change to a US domestic airline would be required.

The consolidation of Europe into one large market along with code-share arrangements has blunted both of these advantages. And now with the rise of the three Gulf State juggernauts, misgivings about open skies has turned into full-throated protest by the largest US airlines. They claim that the three Gulf airlines are not playing by the established rules.

Foremost of the complaints is that Etihad, Emirates, and Qatar have been subsidized to the tune of billions of dollars by their governments. With this cash windfall, the allegations state, they have been able to purchase an ultra modern fleet of aircraft with which they dump seats into European and US markets thereby gaining market share.

The Tiff Goes Public (and Ugly)

Naturally, the managements of the three Gulf airlines disagree with the charges of being subsidized by their governments even though they are all government owned. Their arguments consist of two prongs consisting of  "no we aren't subsidized", and "US airlines are subsidized too" through bankruptcy protections, fuel tax waivers and post 9/11 payments by the US government to some airlines. Websites have been set up and a public food fight has commenced.

Earlier this year, Delta airlines CEO Richard Anderson, in a CNN interview, stated that the Gulf airlines shouldn't complain about US government payments to airlines following 9/11 considering that the attack had origins in that region of the world. Predictably, this blew up the internet with protestations of outrage being hurled back and forth. Anderson later apologized for his remarks but the incident serves to showcase the emotions that are flowing just beneath the surface.

On the domestic front, all three CEOs of the big three US airlines have petitioned both the US Commerce and Transportation department heads to request that the existing open skies agreements be opened and renegotiated. The CEOs of the Gulf airlines retort that opening these agreements up would throw the entire framework of open skies into question by setting a precedent of renegotiating agreements when one side can't compete, as is their contention.

And the protests against the incursion of the Gulf airlines are not just US based complaints either. Countries such as the Netherlands and Canada have recently decided to consider restrictions against the Gulf Three. This fight is even raging in places like Australia where Emirates is complaining that it is being discriminated against through charges for air traffic services.

So What's Really Going On?

My feeling is that it's a little bit of all of the above. Having just an inkling of how business is done in the Middle East certainly makes it plausible that the meteoric rise of the Gulf Three has been assisted by oil money. Why build anything when you can buy it? I find it humorously ironic that the names of the three Gulf CEOs: Sir Timothy Clark (Emirates), James Hogan (Etihad) and Akbar al Baker (Qatar) don't sound particularly Arabic. At least Mr. al Baker took a proper Arabic first name, though he may well be a descendant of a storied nomadic tribe of al Bakers. (al Candlestickmakers?)

That said, it also sounds as if the US based airlines doth protest just a little bit too much. It is true that the Gulf airlines have a well placed geographic hub between East and West which no doubt increases their global competitive reach. New long range aircraft help them to bridge continents without stopping for refueling. There is also no doubt that the Gulf airlines offer a product superior to their American competitors based on customer surveys. And therein lies another irony.

We Got What We Wanted

It's been remarked far and wide that the early years of commercial aviation were the glory years. And by the early years I mean the postwar era up until perhaps 1970. Flying was glamorous, people dressed up, the service was impeccable and it was a classy experience. It was the era of "coffee, tea, or me". Flight attendants had to be female, young, thin, and single. Rightly or wrongly, a change in any of those categories was grounds for termination. The food was gourmet, the wine vintage and the silverware real. Oh, and it was crazy expensive.

Thirty years of "progress" has left us with the air transportation system we have today. And it is exactly what we have asked for nay demanded. 

US employment law now forbids discrimination in any of the above mentioned categories. The demand for lower fares resulted in "cattle car" boarding and knee-chewing seat pitch. Management-arranged bankruptcies for the purpose of abrogating union contracts have left a workforce of bitter employees who seem to delight in slamming the jetway door in the face of running passengers. Or they might revel in "slopping the pigs" with an inedible simulacrum of latex flavored food before disappearing for the remainder of the flight. Getting your private parts fondled by a surly TSA agent is just the cherry on top of this nasty confection.

But then again, in 1967, no one but the truly wealthy were flying to Chicago to see a playoff game over the weekend. It is now de rigueur. But we somehow threw the good service baby out with the high fare bathwater. Perhaps the two are mutually exclusive, but perhaps not. 

What Happens Next?

Given the facts in the case, one might be led to believe that the US based carriers have a pretty solid case against the Gulf Three. That their petition to restrict further access by these carriers into the US market would get a sympathetic hearing from US officials. That realizing that the Gulf carriers are not playing by the rules would lead the US flying public to shun the interlopers in favor of the home team. That would be a mistaken belief for a number of reasons.

As I mentioned above, the Gulf carriers consistently get better customer service grades from the flying public. Remember, this is the same flying public that has come to hate the US airline business nearly as much as their cable provider. In spite of widely popular laws requiring the employment of grumpy, middle aged and bitter employees, young attractive employees seem to carry the day.

I recently perused the comments section of relevant articles in several US dailies to get a very unscientific feel for the public's opinion of this fight. The comments were mostly in favor of the continued presence and expansion of the Gulf airlines. The common theme expressed is that the US airlines need to up their game. I'm also guessing that news of illegal subsidies from Arabian Peninsula oil kingdoms is not entirely unwelcome either. People may feel they are getting some of their gas money back.

And don't forget that there are other constituents in this country who don't necessarily mind the success of the Gulf airlines one bit. That would be the Boeing Corporation and its 165,000 employees who happen to do billions of dollars of business with the gulf airlines. In fact we not only sell jets to rivals of US airlines, we loan them the money through our Ex-Im bank at favorable rates. We are great friends indeed. And by we, I mean you, the US taxpayer.

In one sense, this international corporate food fight is really no different than what happens in any global commodity market. It will sort itself out one way or another. But if it goes badly for US airlines, I'm told that Dubai has great weather most of the year.


Friday, May 15, 2015

Planes, Trains (and Automobiles)

As I read about the horrific train crash in Philadelphia, it occurred to me that many of the issues concerning the operation, safety and reportage of different kinds of transportation accidents overlap. Here was a very serious accident which resulted in a tragic loss of life, major equipment damage and serious disruption of operations due to an apparent operator error.

As with all accidents of this magnitude, investigative agencies will be do their best to reconstruct the events and to determine the causal factors which led to the accident. Reports will be filed, suggestions will be offered for safety improvements and blame will be laid. Politics, as per usual, will also intrude and indeed already has.

One of the frustrations of the public concerning dramatic accidents such as this is that official investigations seem to take forever. In the meantime there is a palpable need to determine cause which popular media outlets are only too happy to fulfill. 

Hardly a day had gone past before it was reported that the train had entered a sharp curve at nearly twice the posted speed limit of 55 miles per hour. It at first appears as if this is an open and shut case of egregious malfeasance on the part of the train driver. That may be true, but I found myself thinking that this conclusion was simply too easy. There may be more to the story.

Make no mistake, it certainly sounds like 32 year old Brandon Bostian, the train's engineer and an admitted train enthusiast with a good record, was grossly incompetent in taking the turn at such a high rate of speed but it should also be noted that Mr. Bostian certainly didn't come to work that day with the intent of crashing his train and killing half a dozen of his passengers.

Beyond the Obvious

The challenge before the investigation board will be to go beyond the obvious reason of excessive speed to find out why Bostian was travelling so fast and why he didn't brake until too late. It may be a simple case of distraction or perhaps he just dozed off. 

This accident also highlights the fallible nature of human beings when they have the potential to be a single point of failure in a control loop, as highlighted by this and the recent Germanwings disaster.

A question that I immediately had was that even though the speed limit of that particular curve was posted at 55 MPH, I wondered how closely those limits are adhered to by most engineers. We all know that in certain realms of life there might be a "book" way of operating and a "real world" way which may be quite different. Let me explain.

We all drive on the freeway, and while exiting we all see the "Exit" sign pointing towards the ramp which usually has a speed limit for the ramp. And we all dutifully ignore that limit. A ramp posted at 25 MPH (as many are) can many times be easily be negotiated at 40 and perhaps even 50 if you took your wife's BMW to work that day. And when was the last time you saw a cop pull someone over for speeding around an exit ramp?

Occasionally we encounter a ramp which is truly a tight curve where the posted limit is for real. In these cases we end up jumping on the brake and becoming annoyed that we had no warning. Should you then hit the guardrail, that excuse will hold no water with the insurance company.

Corporate Culture

I would hope that in this case the investigators check the black boxes of other trains on the same route to determine at what speed most engineers take that curve. They might be surprised. Perhaps it was "known" among the ranks that the curve is normally taken at 100 with no ill effects. 

Every operational organization I've ever been a member of has had a "culture" which recognizes that there is the "book" or "schoolhouse" way of operating and the "real" way. And by that statement I don't mean that everyone is running around breaking all the rules but rather that there is some variance between how the books are written and interpretations due to the necessities of real world operations.

In fact, when some unions wish to conduct a work slowdown in the course of labor negotiations, they conduct what is know as a "work to rules" campaign by strictly following every last picayune directive in their operating manuals. This can easily bring any manufacturing or transportation operation to its knees and is actually recognized by many courts as an illegal work stoppage which I find humorously ironic.

Have an accident or incident as an operator, though, and you can be sure that the full weight of the rulebook will be used as a witness for the prosecution as seems to be happening here. Had the train derailed going 56 MPH, the engineer is still completely at fault.

The problem is when "real world" operations get too far away from what the book says. No one may know what the true safe speed is and if someone made the curve at 90 yesterday and nothing bad happened, why not try 100 today? You can easily see that this is an unacceptable method of operation.

Perhaps a solution to this dilemma would be an effort to write more realistic operations manuals. 

Other questions which should be asked are whether there are penalties for being late or incentives for being early. It should be asked if this train was running on time. In airline operations, it is well known that many errors result as a consequence of rushing through checklists. Most airlines' official stance is to not apply any undue pressure on pilots for an ontime operation.

Gate agents, however, are under tremendous pressure to get flights out on time on pain of punitive action up to and including their employment. Threaten someone's livelihood and you get their attention quickly. I often get asked to release the parking brake while still at the gate which will show an ontime departure on our automated reporting system, but surely it is easy to see how policies like this can cause mischief.

Distraction, fatigue, or boredom?

These three perennial bugaboos plague all modes of transportation and seem to never find a solution. The simple reason for this is that they are design defects in the standard issue human. Until humans are completely separated from transportation systems, these problems will never be completely solved but only mitigated.

Investigators will work to determine how long Bostian had been on duty and what his sleep schedule had been. He has already turned in his phone to authorities who will determine if there had been any activity during the time that the train was in motion. A train crash in California was attributed to a texting engineer a few years ago.

I used to love to ride motorcycles and would love to someday get another one, but won't as long as the cell phone exists. Distracted drivers are a real threat to everyone on the road.

Bostian has reported that he remembers nothing just prior to the crash. While it may be a defense, he may have dozed off or was suffering from a "micro-sleep". Fatigue, which used to be characterized as a moral failing, is finally being recognized as a physiological debilitation with real world consequences for persons in safety critical jobs. 

The Wall Street Journal has reported that the train accelerated from 70 to 110 MPH in the 60 seconds before the crash. That could plausibly be attributed to Bostian just dozing for a few seconds. The FAA recently completely overhauled the rest regulations for pilots. While still flawed, this overhaul at least telegraphs a recognizance of the problem facing operators.

Media hype

I want to close this essay with a note about the news coverage of the accident. As per usual, a high profile accident like this will grab the headlines for one or two news cycles. There is nothing new about the old tag line of if it bleeds, it leads. Typically, a few snippets of information will leak out followed by many furrowed brow talking heads being ordered to fill hours of airtime with speculation.

The result will predictably be calls for a murder indictment of the engineer before all the circumstances of the accident are known. Accident investigators are put under tremendous pressure to report a cause quickly which certainly can not help their efforts to understand the underlying causes and possible remedies for a tragedy such as this.

Saturday, May 02, 2015

The Rise of the Machines

I am extremely pleased to announce my first guest blogger for the site. The following is an essay by C2C Robert Graves Jr for his philosophy class at the Air Force Academy. To say that I'm proud of the boy would be an understatement.

C2C Robert Graves                                                                                                  
The Rise of the Machines


                Noel Sharkey’s “Saying ‘No!’ to Lethal Autonomous Targeting” argues that the move from ‘man-in-the-loop’ to ‘man-on-the-loop’ is a dangerous one and that there will be an increase in moral issues raised as a result. Sharkey claims that the current usage of remote piloted robot planes and drones indicate that future robotic platforms could be misused by extending the range of legally questionable, targeted killings by security and intelligence forces.  I propose that lethal autonomous unmanned systems will potentially be capable of performing more ethically on the battlefield than human soldiers and that their progression should not be stopped. If there ever is a point where these unmanned systems achieve better-than-human performance it may result in a decrease in civilian casualties and is therefore worth pursuing. In this paper, I will first summarize Sharkey’s argument against the advancement of Lethal Autonomous Systems. Secondly I will present three objections to Sharkey’s article. Finally I will present two practical implications of my objections to Sharkey’s article.

Summary of article

                Sharkey creates an argument against the advancement of Lethal Autonomous Systems throughout his article. Sharkey does this by first explaining the trend of the United States Military towards Lethal Autonomous Systems.  Next Sharkey observes that ‘Man-in-the loop’ have shown to be a step toward ‘man-on-the-loop’ systems and eventually Lethal Autonomous Systems. By first looking at the ethical dilemmas of ‘Man-in-the-Loop’ and ‘Man-on-the-Loop’ systems, Sharkey predicts future ethical debates about Lethal Autonomous Systems and argues that they should not be pursued as viable military assets. Although Sharkey does acknowledge the obvious military advantages to implementing Lethal Autonomous Systems, these should not be exploited due to ethical concerns that are apparent through ‘Man-in-the-Loop’ and ‘Man-on-the-Loop’ systems. The following reconstruction reproduces the argument that the use of Lethal Autonomous Systems should not be allowed in warfare.

                1) The United States Military has been developing ‘Man-on-the-Loop’ Systems (p)

                2) ‘Man-on-the-Loop’ Systems are impractical without the development of Autonomous Systems (p)

                3) With the United States current goals, Autonomous Systems are inevitable (1, 2)

                4) ‘Man-in-the-Loop’ Systems remove two obstacles of war that previously prevented killing without considering the full consequences (p)

                5) Problems presented by ‘Man-in-the-Loop’ Systems will be exacerbated by ‘Man-on-the-Loop’ Systems. (p)

                6) The alleged moral disengagement by remote pilots will only be exacerbated by the use of autonomous robots (4, 5)

                7) Autonomous Systems cannot implement the principle of discrimination (p)

                8) Autonomous Systems cannot implement the principle of proportionality (p)

                9) The international community need to address the difficult legal and moral issues now, before the current mass proliferation of development reaches fruition (3, 6, 7, 8)

                Since the creation of Weapons, they have evolved to enable killing from increasing distances. This is made apparent by the evolution from rocks to the spear to bow and arrow to cannons all the way to long range bombers during WWII. Today militaries are separating their personnel from the battle field through the use of robotics and Unmanned Aerial Vehicles or UAVs. There has been an obvious push for more robotics and UAVs in the past ten years. In the Iraq and Afghanistan conflict thousands of robots were used compared to the 150 in 2004 (Sharkey).  The undisputed success of UAVs for gathering intelligence has created an insatiable military demand for UAVs. This demand has spread to over 40 countries that either produce their own systems or buy them from other countries.  These systems are still in the infantile stage and their true capability and what they evolve into is not yet known. However it can be predicted that militaries will want to use robotics and UAVs as a force multiplier that will allow one individual to control multiple systems or even to the point where systems will be able to make decisions for themselves.  It would be at this point where a system is considered to be autonomous. These robots will not be like something out of Terminator but will instead be able to gather data from their sensors and then make decisions based on an algorithm to deliver deadly force. It is an important distinction between the use of autonomous in philosophy and politics and how it is used in this sense. 

                There would be four reasons why a military would desire the use of an autonomous system over one that is controlled by human. Sharkey states these as “(i) remote operated systems are more expensive to manufacture and require many support personnel to run them; (ii) it is possible to jam either the satellite or radio link or take control of the system. (iii) one of the military goals is to use robots as force multipliers so that one human can be a nexus for initiating a large-scale robot attack from the ground and the air; (iv) the delay time in remote piloting a craft via satellite (approximately 1.5 seconds) means that it could not be used for interactive combat with another aircraft.” (Sharkey) These obvious limitations to ‘Man-in-the-Loop’ and ‘Man-on-the-Loop’ make the likelihood of autonomous systems entering the battlefield ever higher.

Man-in-the-loop: problems

                A Man-In-the-Loop system is one that a human is consulted with every action, such as a UAV. The United States has led the field with its armed drones. The Predator MQ-1 equipped with two hellfire missiles and its brother the MQ-9 Reaper that can be equipped with up to 14 Hellfire missiles are controlled by the 432nd Air Expeditionary Wing out of Creech Air Force Base in the Nevada desert. Since the first Predator took flight in 2001 there has been a sharp increase in the number of pilots that operate these systems. In 2009, the number of remote pilot operators trained outnumbered the number of conventional pilots. (Sharkey)

                Sharkey argues that the use of these UAVs has definitely “alleviated one of the two fundamental obstacles that war fighters must face – fear of being killed” and possible a second. By taking away this fear of being killed these airmen have no reason to retreat. This has made them much more dangerous especially because a military force is most vulnerable when retreating.  The second element that Sharkey argues is removed by UAV use is resistance to killing. It was discovered after WWII that most men are not ready to kill. Through the analysis of both hit rates and interviews with soldiers after major battles in WWII, it was shown that on the ground, soldiers found killing to be a difficult task. However Sharkey points out that operation of UAVs encourages a ‘Playstation’ mentality. These operators rarely see the faces of those they have killed and are looking at them through a computer screen very similar to a video game. Many airmen that are flying these drones have found that it was unexpectedly easy to kill someone with the use of a UAV. By separating the operator from the battle, Sharkey points out that the operator does not consider the morality of each kill. Instead it is a simple job that the operator goes to every day after which he or she returns home for dinner with their family. In conclusion Sharkey claims “developing technologies of this sort also have the potential to provide for the creation of moral buffers that allow humans to act without adequately considering the consequences.” This would apply to autonomous systems as well as those controlled by humans. By removing the elements that made it difficult to kill another human being, there is the possibility to not fully understand the results from an action.


                “The most recent United States Air Force Unmanned Aircraft Systems Flight Plan 2009-20474 opens the strategy for a staged move from current remote piloted systems to fully autonomous systems.” (Sharkey) There will be a transition from unmanned drones being controlled by operators all the time to the drones controlling themselves for landing take-off and re-fueling. As more advancements are made, humans will no longer be “in the loop” or being consulted for every move, instead they will be “on the loop”. “On the loop” means that humans will monitor the execution of certain decisions and the AI of the drone will carry out those decisions within legal and policy constraints without human input. Sharkey raises one strong issue that a human will not be able to make all of the decisions to kill. As pointed out before, the ability to command these drones is slow and does not work well in a combat situation. Eventually, for these drones to be effective in a combat situation they will need to be able to decide whether to take action or not, essentially autonomous.

How they relate

                Sharkey has shown that there is an obvious trend towards Lethal Autonomous Vehicles. He has also shown that UAVs while still controlled by humans do not have two of the fundamental obstacles to war fighting; fear of death and fear of killing. By removing these two elements, airmen are less averse to killing the enemy without consideration for the morality of each kill. Finally Sharkey has shown that the transition from ‘Man-on-the-Loop’ to Autonomous is inevitable: that ‘Man-on-the-Loop’ is not practical without the transition to Autonomous Vehicles. In Sharkey’s conclusion he explains that this is bad because we cannot trust Autonomous Vehicles to kill another human.

 First Sharkey relies of the principle of discrimination. The principle of discrimination is that no Autonomous Vehicle has the capability to determine between a civilian and insurgent. This issue becomes even more important when we are fighting a force that does not dress in uniform and hides among the civilian population.  Sharkey does acknowledge the extensive amount of sensors, cameras, and facial recognition programs that can be utilized by a drone but these can be rendered useless by a simple ski mask or hooded jacket. Sharkey argues “In a war with non-uniformed combatants, knowing who to kill would have to be based on situational awareness and on having human understanding of other people’s intentions and their likely behavior. In other words, human inference is required. Humans understand one another in a way that machines cannot. Cues can be very subtle and there are an infinite number of circumstances where lethal force is inappropriate. Just think of children being forced to carry empty rifles or of insurgents burying their dead.”

Second Sharkey explains the Principle of Proportionality. Sharkey applies the Principle of Proportionality in that an Autonomous System cannot perform the human subjective balancing act required to make proportionality decisions. There is no way possible to give an insurgent a numerical value that could be compared to the number of civilian casualties. When a commander makes a decision he must first weigh all of the options and then decide which is the best course of action to take. These decisions could not be done by an algorithm and therefore could not be left up to a computer. While humans do make errors, Sharkey claims that humans can be held accountable. It would be impossible to hold a drone to blame for an action that was does unethically.


                Sharkey’s argument that the moral issue of Autonomous Systems needs to be addressed is sound. However I would like to raise objections to three of his points. First I will address the claim that moral disengagement by remote pilots will only be exacerbated by the use of autonomous robots. Secondly I will oppose Sharkey’s point that ‘Man-on-the-Loop’ Systems are impractical without the development of Autonomous Systems. And finally I will object to his claim that Autonomous Systems cannot implement the principle of discrimination. Once I have objected to these three claims made by Sharkey, I will present two practical implications of my objections to the article.

Sharkey’s claims that the by removing two of the obstacles common to all warfighters through the use of UAVs that the implications of each kill will not be fully considered. While it is true that for the first time in history the fighter does not have to fear death and that while the resistance to killing may not be completely gone, it can be said it has diminished. This does not mean that humans will act “without adequately considering the consequences.” (Sharkey) On the contrary, now that these obstacles have been removed, specifically the fear of death, the warfighter can now focus more on the implications of an act without being distracted by instinct. These UAVs do not need to have self-preservation as their foremost drive like humans do.  They are able to act in a self-sacrificing manner without any reservation, carrying out the commander’s intent without distraction. The fear of death does not instill in the warfighter a sense of what is right and what the consequences of an action will be. By removing this obstacle, the ‘Man-on-the-Loop’ or even Autonomous System will be able to adhere to the rules of engagement with more precision. With these obstacles gone there will no longer be the need for a ‘shoot first, ask-questions later’ approach.

                My second objection is to Sharkey’s claim that the development of ‘Man-on-the-Loop’ Systems will inevitably lead to Autonomous Systems. Sharkey supports this claim by explaining that the time delay between operator and system is too long for a practical implication of these UAVs especially when fighting with other aircraft. However, there is no longer a case where aircraft are fighting other aircraft.  These UAVs are currently being used for reconnaissance and the destruction of ground targets. While ground targets may be in moving cars, the time delay does not impede on the UAVs mission to destroy the target. While UAVs may not be able to destroy other aircraft in a traditional dogfight, the likelihood of a UAV getting into a dogfight is slim. The creation of ‘Man-on-the-Loop’ Systems does not necessarily imply that there will also be Autonomous Systems. The creation of an Autonomous System that kills without consulting a human would not be an improvement over ‘Man-on-the-Loop’ Systems because the problems it would solve are not critical factors. The implementation of an Autonomous System is simply not needed in today’s world or in the near future. 

                Finally I object to Sharkey’s claim that an Autonomous System would not be able to implement the principle of discrimination. Sharkey makes this argument by saying that an Autonomous system could not differentiate between a “child being force to carry empty rifles” (Sharkey) and an insurgent. These UAVs can gather much more information than any human possibly could. “This data can arise from multiple remote sensors and intelligent (including human) sources, as part of the US arms network-centric warfare concept and the concurrent development of the Global Information Grid.” (Arkin) While it is true that no intelligence is perfect, and that mistakes will be made, these machines will be able to consider all of the intelligence and form conclusions that would be impossible for humans. A simple ski mask or hooded sweat shirt would deter any human just as much as it would an Autonomous System. Furthermore an Autonomous System does not have any preconceived profiling that a human is subject to. The common mistake of profiling a subject based on race would not affect these Systems.


                While Sharkey’s argument does have some flaws in its premise, the overall assumption that UAVs will change is correct. These Systems whether they evolve to fully Lethal Autonomous Systems or not will change the way our military operates. They have removed the warfighter from the battle field and hopefully lowered casualties, both civilian and military. By allowing the progression of these systems they will only improve their effectiveness. If these systems have the desired outcome of localizing the destruction of war only to those who are attempting to destroy peace they will effectively increase the overall happiness of both the civilian population that is affected by the war and the military forces that are attempting to restore peace. As John Stewart Mill explains in Utilitarianism “The creed which accepts as the foundation of morals, Utility, or the Greatest Happiness Principle, holds that actions are right in proportion as they tend to promote happiness, wrong as they tend to produce the reverse of happiness. By happiness is intended pleasure, and the absence of pain; by unhappiness, pain, and the privation of pleasure.” (Mill) These systems should be allowed to progress, not without scrutiny, but progress all the same because they are an attempt to limit the destruction that is caused by war.

                While the hope with these systems is that they will promote net happiness by reducing the pain caused by war, that can only be achieved if our military leaders employ them correctly and morally. By perfecting this tool for our military, more responsibility will be placed on our leaders to use them with a moral code that will benefit the mission in particular and the country at large. No longer will our leaders be able to provide only a mission goal and leave the implementation up to the interpretation of their subordinates. What is morally correct will now be directly determined by the leaders in control of these systems. Following established decision matrices such as described by Dr. Jensen in “Hard Moral Choices in the Military” will help augment these decisions. However it is imperative that our leaders be taught the application of ethics to help them when dealing with these decisions. 

Arkin, Ronald. "The Case for Ethical Autonomy in Unmanned Systems." Journal of Military Ethics 9.4 (2010): 332-41. Taylor and Francis Online. Web. 1 May 2015. 


Mark N. Jensen (2013( Hard Moral Choices in the Military, Journal of Military Ethics, 12:4, 341-356, DOI:10.1080/15027570.2013.869897

Mill, John Stuart (2012-05-17). Utilitarianism (p. 11).  . Kindle Edition.

Sharkey, Noel. "Saying ‘No!’ to Lethal Autonomous Targeting." Journal of Military Ethics 9.4 (2010): 369-83. Taylor and Francis Online. Web. 1 May 2015. 



Friday, April 17, 2015

Could a Hacker Shut Down the Engines Using Onboard Wifi?

Sitting down with my morning coffee and iPad, I came across a piece of aviation clickbait that seemed to be of the standard  "seven things pilots don't want you to know" variety. The report was about a computer security expert being pulled off a United Airlines flight and questioned by the FBI about hacking into airplane systems.

The expert being questioned was a man named Chis Roberts, CTO of One World Labs, who had previously claimed that vulnerabilities in aircraft in-flight entertainment systems could possibly be used to "turn the engines off at 35,000 feet". The tone of the report was that of the breathless whistleblower sort where a person with critical knowledge was being corralled by "the system". Think Erin Brockovich of the skies I suppose.

At first blush, I thought the whole concept of hackers infecting avionics was ridiculous and that this guy, who's firm had three employees in 2011, was simply a self promoter selling a bit of sensationalism. After listening to an interview with him, I'm not so sure that his premise is completely implausible.

For a hacker to gain access to aircraft data and control systems there has to be some sort of link. That is, if the systems are not physically connected, there can't be any way to get in. So I was thinking that's that: there's no connection between passenger entertainment systems and the cockpit, but I was wrong. There is.

Most entertainment systems, including the wifi on the planes I fly, feature flight tracking information which comes from the aircraft's air data and flight management computers. Information like arrival times, flight plan, altitude, heading and airspeed comes from flight computers and is relayed through a data bus to the wifi and entertainment systems.

Knowing that this data bridge exists, could a resourceful hacker exploit this path to cause trouble? My thought is that if there is a will there is a way. I am no computer guru as my expertise in coding consists of some Fortran language skills used in college many decades ago, but I also know that many computer experts consider no computer network to be completely invulnerable.

If anyone remembers the Stuxnet affair of a few years back, hackers (who were eventually revealed as US intelligence assets) were able to infiltrate Iranian computer networks. They inserted malware which found it's way to the controllers of the centrifuges the Iranians were using to purify uranium. The bug subtly caused the machines to tear themselves apart setting the program back years.

This was an international effort complete with skullduggery which included breakins at some Taiwanese firms to get computer keys which allowed access to the networks and centrifuges. I'm still waiting for the movie. So it seems to me to be at least plausible that airplane systems could be exploited.

I guess that begs the question of why someone would wish to sabotage an airplane on which they were riding, but I think we know the answer to that one. Or, should a method be perfected, an innocent mule could then be sent on a one way trip with a laptop.

Am I particularly worried about my engines shutting down unexpectedly on my next flight? Not really. The 737s I fly have old school hydraulic flight controls, and while the engine controls are electronic, the fuel shutoff valves are not. But on the newest Boeings and Airbuses, you can pretty much count on everything being controlled by some sort of computer.

Make no mistake, the computers on commercial aircraft are extremely robust and designed with multiple failure modes but they are still computers. Simple safety features such as air gaps to isolate critical systems or perhaps unwritable firmware might be employed as countermeasures. An even simpler solution might be to completely isolate all passenger and airplane systems. Get the inflight data from a parallel but separate system.

I can't imagine that this subject has not been discussed and considered by the designers of aircraft computer architecture. A quick search found at least one commercial firm offering software security services for airlines. Apparently the FBI had some concerns. And as the gentleman on the interview mentioned, such an effort would require an expert depth of knowledge of the design of many different control and software systems to pull it off.

It seems that not a day goes by where we don't hear about crappy software or shoddy network security practices resulting in the theft of millions of credit cards or corporate technology. Software designers of avionics have enough of a headache just getting all their millions of lines of code to work properly without having to consider the additional burden of potential malware gumming up the works.

Let's hope that they have this on their radar.