Following the admission that last week's air traffic control system crash happened because a U-2, a Cold War-era spy plane still in use by the U.S. military, sparked a "glitch" in radar systems and grounded all west coast planes for over 45 minutes, Reuters reports that an inside account suggests this was due to a common design problem in the U.S. air traffic control system - a lack of memory in the computer! Perhaps more worrisome, the experts said that, in theory, the same vulnerability could have been used by an attacker in a deliberate shut-down. It "shows a very basic limitation of the system," and could be used as a new "attack surface."
As Reuters reports, a common design problem in the U.S. air traffic control system made it possible for a U-2 spy plane to spark a computer glitch that recently grounded or delayed hundreds of Los Angeles area flights, according to an inside account and security experts.
As aircraft flew through the region, the $2.4 billion system, made by Lockheed Martin Corp, cycled off and on trying to fix the error, triggered by a lack of altitude information in the U-2's flight plan, according to the sources, who were not authorized to speak publicly about the incident.
FAA spokeswoman Laura Brown said that process "used a large amount of available memory and interrupted the computer's other flight-processing functions."
The FAA later set the system to require altitudes for every flight plan and added memory to the system, which should prevent such problems in the future, Brown said.
The U-2 had a complicated flight plan which blew the system...
The ERAM system failed because it limits how much data each plane can send it, according to the sources. Most planes have simple flight plans, so they do not exceed that limit.
But a U-2 operating at high altitude that day had a complex flight plan that put it close to the system's limit, the sources said.
The plan showed the plane going in and out of the Los Angeles control area multiple times, not a simple point-to-point route like most flights, they said.
The flight plan did not contain an altitude for the flight, one of the sources said. While a controller entered the usual altitude for a U-2 plane - about 60,000 feet - the system began to consider all altitudes between ground level and infinity.
The conflict generated error messages and caused the system to begin cycling through restarts.
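The failure mode and the FAA's fix described above (a per-flight data limit, a missing altitude, and the later rule requiring altitudes) can be sketched as input validation done before any processing. This is an added toy model, not ERAM code or part of the Reuters account; the band size, ceiling, cell budget, field names and sample plans are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed limits for illustration only; none of these are ERAM values.
BAND_FT = 1_000            # altitude band size used for conflict checks
CEILING_FT = 100_000       # highest altitude the toy model tracks
MAX_CELLS_PER_PLAN = 500   # per-flight work budget (segments x bands)

@dataclass
class FlightPlan:
    callsign: str
    segments: int                # route legs, counting each re-entry to the area
    altitude_ft: Optional[int]   # None models the missing altitude field

class PlanRejected(Exception):
    """One bad plan is refused; other flights keep being processed."""

def cells_needed(plan: FlightPlan) -> int:
    """Work the checker would do: one cell per segment per altitude band."""
    bands = 1 if plan.altitude_ft is not None else CEILING_FT // BAND_FT
    return plan.segments * bands

def admit(plan: FlightPlan) -> int:
    """Validate and budget-check before allocating; return admitted cells."""
    if plan.altitude_ft is None:
        raise PlanRejected(f"{plan.callsign}: altitude is required")
    if not 0 <= plan.altitude_ft <= CEILING_FT:
        raise PlanRejected(f"{plan.callsign}: altitude out of range")
    cells = cells_needed(plan)
    if cells > MAX_CELLS_PER_PLAN:
        raise PlanRejected(f"{plan.callsign}: {cells} cells exceeds budget")
    return cells

def process_batch(plans):
    """Admit each plan on its own so one rejection cannot stall the rest."""
    admitted, rejected = {}, []
    for plan in plans:
        try:
            admitted[plan.callsign] = admit(plan)
        except PlanRejected as err:
            rejected.append(str(err))
    return admitted, rejected

# Constructed sample data, not real flight plans.
SAMPLE = [
    FlightPlan("SIMPLE1", segments=3, altitude_ft=35_000),
    FlightPlan("COMPLEX2", segments=40, altitude_ft=None),
    FlightPlan("SIMPLE3", segments=2, altitude_ft=28_000),
]
```

In this model the plan without an altitude would need 4,000 cells against a budget of 500, while the same route with an altitude needs 40; rejecting it at admission leaves the two simple plans unaffected.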
"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."
But it opens up a host of concerns...
"If it's now understood that there are flight plans that cause the automated system to fail, then the flight plan is an 'attack surface,'" said Dan Kaminsky, co-founder of the White Ops security firm and an expert in attacks based on over-filling areas of computer memory.
"It's certainly possible that there are other forms of flight plans that could cause similar or even worse effects," Kaminsky said. "This is part of the downside of automation."
Moss said many hackers have been studying aspects of a new $40 billion air traffic control system, known as NextGen, which encompasses ERAM, including its reliance on Global Positioning System data that could be faked.
In conclusion - as one former military pilot noted...
"It would be hard to replicate by a hostile government, but it shows a very basic limitation of the system."