




Aviation Instruments Encrypt Engine-Monitor Data 152
kitplane01 writes "Airplanes engines need to always work, and are monitored by engine monitors. JP Instruments' engine-monitor units have begun to encrypt the data output of its monitors so it can't be read by third-party software. Whether this is to protect itself liability-wise or to discourage competitors is unclear. It seems the company is working on a fix, which may require a fee from users to translate the file format."
Terrorism (Score:4, Funny)
Re:Terrorism (Score:1)
One more thing, how could they listen? It's not like its radio broadcasted.
Re:Terrorism (Score:3, Funny)
In this post 9/11 world, sarcasm is no longer allowed as it is unpatriotic. If you need proof of that, remember that it is often practised in old Europe and thus not in line with American values...
Re:Terrorism (Score:2)
Re:Terrorism (Score:1)
Re:Terrorism (Score:1)
Well, actually it is. Scroll down to my ACARS telemetery post or read this. [acarsonline.co.uk]
Re:Terrorism (Score:3, Funny)
but this is content encryption. Obviously the main justification for it is to stop the pirates. God Bless the DMCA.
Oh, and it's also there to protect our children against the child molestors. Uhhhh... but I haven't quite figured out that part yet.
-
proprietary lock in? (Score:2, Insightful)
Hopefully no more companies in the industry will follow
Re:proprietary lock in? (Score:5, Funny)
We can still get it for free. Just set a camcorder in front of the instrument panels and press "RECORD".
Re:proprietary lock in? (Score:2)
Re:proprietary lock in? (Score:2)
Maybe they are concerned with feeding forged engine data to the monitors? If it's properly encrypted, you can make sure that no one has tampered with the data (for example, by installing some middlebox which covers up a few nasty things which are going on).
Re:proprietary lock in? (Score:5, Informative)
Re:proprietary lock in? (Score:2)
I know you you can tag on an encrypted checksum... But when you have the raw data, that gets easier to reverse engineer...
Re:proprietary lock in? (Score:2)
Of course this is vulnerable to taking the hardware apart to find the key but there are tamper-proofing methods to make this difficult.
You are assuming civilian only ... (Score:2)
You are assuming civilian applications only. If they are making equipment for the military, or hope to, then this makes sense. As for doing so in civilian equipment the parts may be common, or will be, with military equipment, or this may be a test. If the appropriate maintenance and investigatory personnel are given unfettered access to the actual data this
Re:You are assuming civilian only ... (Score:2)
How so? The encryption is, as far as I can make out from the brief article, in the testing equipment, not the actual engine. What is it protecting, and from who?
Re:Attention all /. grammar zealots, help wanted! (Score:2)
from who? Or. from whom?"
Should it be:
Or: from whom?
Re:Attention all /. grammar zealots, help wanted! (Score:2)
Since it bothered you, you could have spent a few seconds to work it out. Whom if the object, who if the subject. So I should have used "whom".
Re:Attention all /. grammar zealots, help wanted! (Score:2)
Re:proprietary lock in? (Score:1)
It sounds like... (Score:5, Insightful)
Re:It sounds like... (Score:1)
I wouldn't say there is no other reason to encrypt sensor data, though in this case, it very well could be proprietary lock-in.
For instance, if enough information is recorded, you could reconstruct the whole flight using the sensor data in a flight simulator. This is very useful in determining exactly when and where a fault took place. There are many cases, however, where you don't want free and open access to that information (think military aircraft flights).
Re:It sounds like... (Score:3, Insightful)
Auto industry (Score:5, Interesting)
Re:Auto industry (Score:4, Insightful)
Re:Auto industry (Score:2)
Re:Auto industry (Score:2)
Re:Auto industry (Score:4, Informative)
For example, there was a case some time ago where the propeller came apart in a commercial plane (this was not obvious at the time) and the engine vibrated itself to bits in a few seconds (THAT was obvious, once the pilots actually looked at the engine. Before that, they'd thought they'd just lost the engine in a more `normal' way.) The plane had enough thrust to maintain altitude after losing an engine under normal conditions, but in this case the destroyed engine had much more drag than a normal non-functional engine, and the plane could not maintain altitude, and eventually crashed.
The crash was bad, but controlled. Nobody was killed by the crash, but the plane was basically destroyed. Unfortunately, destroyed planes tend to leak fuel, and this one did, which promptly ignited, and ultimately about half the people aboard died due to the fire.
This was all described in a show about aviation disasters on the Discovery Channel. Maybe somebody else can provide more details.
Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.
But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)
However, when you talk about private planes, the fatal accident per flying hour ratio is signifigantly actually higher for two engine planes than single engine planes. This is because a two engine plane is quite difficult to fly with an engine out, and this tends to cause fatal accidents. In a single engine plane, when you lose your engine, all you can do is look for a good place to land (or crash, if you can't find a good place.) But even if you crash, you're likely to be in control of the plane and while the plane is likely to be destroyed, you're likely to survive.
But in a dual engine plane, what often happens is that the sudden yaw as the engine is lost causes the plane to turn into a lawn dart, killing all aboard. Yes, a good and alert pilot can prevent this from happening, but mistakes are often made.
Re:Auto industry (Score:5, Informative)
Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.
Yes they do, its called ETOPS (Extended-range Twin-engine Operation Performance Standards) and it governs how far a twin engined commercial airliner can be from an alternate airport at any given moment, usually in minutes and reachable on a single engine within that time. Standard ETOPS times are 180 minutes for nearly all major twin engine aircraft, including the A330 and 767, while the 777 gets 207 minutes due to uprated engines and higher safety statistics.
Private jets are excluded in the FAA jurisdiction, but must stick to 120 minutes in the JAA jurisdiction.
But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)
Again, all civilian airliners are required to be able to loose an engine on takeoff, be able to complete the takeoff and the go around without issue and land again.
Re:Auto industry (Score:1, Funny)
Re:Auto industry (Score:2)
Re:Auto industry (Score:2)
Re:Auto industry (Score:2)
Re:Auto industry (Score:1)
It's actually interesting that this came up. I literally just watched that particular show today, not five hours ago. The show is on the National Geographic Channel [nationalgeographic.com], and is titled "Air Emergency". It's an hour-long series of various air disasters.
The one about the broken propeller and the shredded engine is specifically titled "One Wing Flight", which as I said was t
Just like Auto Engine Computers and Lexmark (Score:5, Informative)
You should also take a look at Lexmark and how they used DMCA to sue Static Control Corp, an aftermarket inkject cartridge manufacturer. Earlier Slashdot story [slashdot.org]
Re:Just like Auto Engine Computers and Lexmark (Score:2)
Only a few safety related aspects of onboard automotive computers were standardised into law (iso safety standards possibly).
Unfortunately not much is covered by the law, so when your Beemer goes wrong the mechanic can rarely fix it by the side of the road. You then have to have it to a BMW dealer who then can charge a premium. Anti-competitive and dangerous, exactly the sort if thing that affects my voting pen.
Re:Just like Auto Engine Computers and Lexmark (Score:1)
Liability (Score:1)
Re:Liability (Score:2)
Re:Liability (Score:2)
No, you're thinking of the large military contractors. We're talking about small-scale civil aviation. Boeing, Lockheed, et al don't produce the class of civil aviation products (i.e. light planes) that are subject to the kind of absurd liability claims that drove the old Piper company out of business. Companies like Beech, Cessna, Mooney, or Piper don't receive "taxpayer subsides", even in the form of military contracts. Really, you should make sure you understand th
Re:Liability (Score:3, Insightful)
As for the smaller aviation industry, Doc's jibe is still perfectly valid. It was a jibe against the federal government, and it's the federal regulations controlled by federal politicians and influencing the opinions of federal judges which allows the liability lawsuits to decimate any company which may have a chance at competing with the big aviation industry.
So, next time, be more polite and consider what the other person is saying before you d
Re:Liability (Score:1)
Once again? Bush signed the Class Action Fairness [sic] Act [washingtonpost.com], which reduces the ways in which class action lawsuits against major corporations can be instigated. Corporations that could still be sued were very pleased.
BTW: Did you know that, in all likelyhood, you've signed away your right to sue your bank, mortgage, or credit card company?
Re:Liability (Score:1)
Re:Liability (Score:1)
Re:Liability (Score:1)
I really had hoped that you had thought about it more than that. Clue: It's a game within a game within a game. Sometimes some people want the lawsuits, and sometimes other people want the lawsuits, and sometimes some other people don't want the lawsuits. Usually the people who want them and the people who don't want them maintain their opinions and sides pre, during, and post lawsuit bu
Re:Liability (Score:1)
Relax. No one said anything about activist judges, AC. The OP bemoaned product liability for the aviation industry. Doc's comment amounted to "blame it on the feds" by bringing the concept of political corruption and graft to light in the form of taxpayer subsidies. Dun then went off on Doc as if the feds have nothing to do with it. But apparently there's something about the rules of business and aviation which Dun, and you,
Re:Liability (Score:2)
You might take note that condescending "advice" about snide comments and misunderstanding the point usually comes from projected insecurities of your own. You look wiser when taking your own advice first,
PACE AP (Score:5, Interesting)
I use some software that is protected using PACE's Interlok system. Unfortunately, the anti-piracy software is stopping me from legitimately using the software, refusing me the ability to serialize it on my machine.
PACE's response? Send us the encrypted log file! They won't tell me what's in the log file, nor will they allow me to see it before sending it.
Any amount of personal information could be in there, so I refuse to send it to them.
Since when doesn't everything need to be encrypted to keep legitimate users from reading it?
Re:PACE AP (Score:1)
when people stop buying their crap, they might wise up or go belly up.
Also the Gemini: (Score:5, Interesting)
The Gemini goes about data-logging quite differently. When you want to see what's been happening, simply point the supplied Hewlett-Packard HP200LX palmtop at the Gemini's faceplate and the information will be transferred by infrared link. The information remains encrypted in the HP200LX--it cannot be altered by the user- -so it may be more useful to resolve a warranty dispute or to see how renter-pilots are treating your leaseback bird.
Re:Also the Gemini: (Score:4, Insightful)
And if format of the stored data can be reverse-engineered (e.g. by decompiling the reader code), the decryption process becomes that much easier.
Although the 'article' sounds like it's designed to sell magazines more than anything else. No links to any of those forums where the users are supposedly up in arms, for example.
Re:Also the Gemini: (Score:3, Insightful)
Now, I c
Re:Also the Gemini: (Score:2)
As am I, but having never said that, I'm just startled at the non-sequitor. Not reading the article is bad enough; not reading the comments is something else altogether!
Re:Also the Gemini: (Score:1)
Re:Also the Gemini: (Score:2)
Re:Also the Gemini: (Score:2)
Anyway, thanks for the input. And I wish *I* had a Mooney.
Re:Also the Gemini: (Score:5, Insightful)
Re:Also the Gemini: (Score:1)
There is no excuse for encrypting the data. In fact, if they have a poor implementation it may be possible to replace the data with altered encrypted data.
What the data needs is a hash signature to prove the data hasn't been altered, but the data should still be in clear text.
ACARS telemetery data (Score:4, Interesting)
Re:ACARS telemetery data (Score:4, Informative)
Re:ACARS telemetery data (Score:2, Informative)
Re:ACARS telemetery data (Score:2, Funny)
Re:ACARS telemetery data (Score:1)
Re:ACARS telemetery data (Score:2)
Aircraft crash data? (Score:5, Interesting)
However, wouldn't encrypted data bring with it the risk that you couldn't get the data back? What happens if you have partial encrypted data in the system? Is there a risk that the encryption could make piecing together accidents more time-consuming or render the data useless to the investigation?
In theory, could it even assist denying responsibility if the engine itself was the cause of a crash?
Re:Aircraft crash data? (Score:1)
plagiarism (Score:3, Insightful)
Any particular reason "kitplane01" came within a sentence or two of posting the entire story in his/her submission?
It's completely uncredited, and presented as material he/she wrote; that's called plagiarism, folks. Though things have gotten better over the years (I remember when more than half of the stories on the front page were like this), this still happens too often.
It's also pretty pointless. The story summary is supposed to accurately describe the story, to help us determine if we want to follow the link, or read commentary.
Re:plagiarism (Score:1)
Re:plagiarism (Score:1)
Kitplane01 is providing a link to the article. We know the post is paraphrased.
There's no practical reason? (Score:5, Interesting)
Re:There's no practical reason? (Score:4, Insightful)
Re:There's no practical reason? (Score:1)
Re:There's no practical reason? (Score:1)
> engine diagnostics, so hopefully they don't know how to read that. [It's not
> like its easy to read in the first place. You need the right connectors and
> power supply, and you'd need the software to read it off of there, and that
> stuff is pretty hard to get if you're not supposed to have it, let alone to
> understand how to do it by yourself if you don't have the equipment!] So, all in
> all, i don't think the
Re:There's no practical reason? (Score:1)
Re:There's no practical reason? (Score:2)
This isn't for military aircraft, it's a civil aviation product. Military instrumentation has nothing to do with this situation.
Re:There's no practical reason? (Score:2)
outside the american military its 2005, inside its still the 1950's.
Why is the US spending on defence more than 4 times what the chineese are spending ?
Re:There's no practical reason? (Score:1)
Re:There's no practical reason? (Score:2)
Re:There's no practical reason? (Score:2)
Well, I know it's illegal for cars (Score:5, Interesting)
I know there are laws in place to keep automobile manufacturers from doing the same thing (since I make auto scantools for a living). That's one of the main reasons why the industry moved towards OBDII - to be compliant with the disclosure law.
Maybe the rules apply to aircraft as well, and there's already a legal fix?
I won't be able to ask anyone at work about which laws are in place until Monday, but this article has me curious about the legality of encrypting this kind of data for non-automobiles. If I find anything out, I'll post it here.
Re:Well, I know it's illegal for cars (Score:1)
AFAIK, the OBD-II requirement involves exclusivly emmissions related data. It's not about allowing vehicle owners to fix their own vehicles or any other purpose. Take a look (since you make scantools) at which PID's are documented and known to the public. Compa
Re:Well, I know it's illegal for cars (Score:2)
AFAIK, the OBD-II requirement involves exclusivly emmissions related data. It's not about allowing vehicle owners to fix their own vehicles or any other purpose.
I'm new to working on the sofware (was doing hardware for the last year) and currently only fiddling around with ISO 9141-2 communication, so your post got me thinking. Had to do a little research. I wasn't able to find the text of the law, but I did find an online post about what codes are covered by OBD II, here [geocities.com].
IIRC, the whole OBD II thin
Re:Well, I know it's illegal for cars (Score:2)
Well, currently I'm working on an ISO 9141-2 protocol. Some packet types have a simple checksum. Some don't. It's not up to your ethernet standards, that's for sure.
Encoded (Not Encrypted) (Score:5, Informative)
Re:Encoded (Not Encrypted) (Score:1, Interesting)
If you don't know how a datafile was created, it may as well be encrypted, since it's meaningless to you. I fail to see the distinction.
It's funny how insulting Slashdot gets the most illogical of posts rated up.
let the market decide (Score:2)
Re:let the market decide (Score:1, Interesting)
It's too bad, (1) because I had wanted to get my EDM-700 upgraded to the EDM-800, which has fuel flow data as well; (2) because I spent money getting a serial port installed in my instrument panel so I could download the data easily, and that money has now gone to waste.
This wont last long (Score:3, Interesting)
"Can you say, with absolute certainty, that no third party fault detector would have found the problem with your engine?"
"No, but..."
"So, you intentionally embarked on a development program that hid problems with your engines. Thank you."
This exchange, vaguely hinted at by FAA, would be quite enough.
Re:This wont last long (Score:3, Informative)
In case you see this:
A problem with the engine can take down the plane.
FAA policy is that plane crashes are very, very bad. Absurd amounts of procedures are created to prevent plane crashes. Liability for plane crashes can be massive.
The engine manufacturer can't rule out that third party tools would find different problems than their own; the whole point of you owning this third party device is that, as a pilot, you've made a judgement call that the manufacturer's supplies were in
Auto Makers (Score:2, Redundant)
True airplanes engines are not quite the same thing, or as large a market but the principle is the same.
Re:Auto Makers (Score:3, Informative)
"Fix"? (Score:3, Insightful)
this is to stop cheaters (Score:1, Interesting)
Re:this is to stop cheaters (Score:1)
Aviation? Encrypted? DRM it! (Score:1)
Hope they will not opt to DRMfy they data. Just try to imaging message on plane: "Dear guests our plane is crashing down due to expired license for motor control protocol encryption. Please festen your belts and pray."
Well, IIRC, this [CENSORED] was already tried in medicine and failed. No system is allowed to use encryption for sake of encryption when human life is at stake. Both medical l
Re:Aviation? Encrypted? DRM it! (Score:2)
Re:Aviation? Encrypted? DRM it! (Score:1)
Honestly, I am, as a programmer, bemused by industrial automation people all the time I have to work with them.
Money squeezing is norm of life: complaining aloud about say analyzer with encrypted data format so now they cannot use their expensive software from 3rd party. On first turn. And then, on second turn, during meeting they'll be first to propose change in file format just to ensure that customers will not be able to use cheap tools to read them.
I'm seeing that sh
The encryption is for MSOffice-style lock in (Score:5, Informative)
In a nutshell JPI's owner has some vendetta against a competing company that was selling software to read and analyze the data from the JPI analyzer. JPI changed the format of the data output from the serial port of the device, and the format it was stored in the device's non-volatile RAM.
JPI had sold software for Palm OS that would connect to the serial port and display the data in graphical format in real time on a Palm Pilot. Since the data stream was ASCII text you could do the same with any laptop.
JPI had also supplied what at first they sold, but later became a free DOS utility called EZ-Save that would download the data and uncompress it to a comma separated plain text file. They also made available some Excel spreadsheets with macros that would turn the data into some nice charts for easy analysis.
At some point recently the owner got bug up his backside about some competitor that is selling a competing program to analyze the data. JPI changed the steam and the stored data on current products to use encryption and removed all traces of the utilities on their web site. Of course this did not affect the 1000s of products already installed in planes. What they were doing though, was updating the firmware on any that came in service to have the encryption. Based on that, I vowed I wouldn't send mine in for repair if it burst into flames.
Some excerpts from a aircraft owner mail list:
Piston Engine Monitors for Aviation (Score:2)
1) The data in the engine monitor of my airplane will help me diagnose problems before they become serious. I had an intake valve get sticky on me once. It happened while decending from 5000 to 3000 AGL. I was too damned busy configuring for best glide, scrambling for my engine out check list, and considering whether to declare an emergency to look over at the monitor. By the time I had the presence of mind to do that, the p
Re:Needs oil.... (Score:2)
Wrong article. I think you meant to put it somewhere else. This article is about aviation equipment.