Aviation Instruments Encrypt Engine-Monitor Data

kitplane01 writes "Airplanes engines need to always work, and are monitored by engine monitors. JP Instruments' engine-monitor units have begun to encrypt the data output of its monitors so it can't be read by third-party software. Whether this is to protect itself liability-wise or to discourage competitors is unclear. It seems the company is working on a fix, which may require a fee from users to translate the file format."

Terrorism

[Anonymous Coward]

I think its to prevent terrorists from listening in on engine data.....God Bless America

Re:Terrorism

[Leroy_Brown242]

Call me dense, but how would this help?

One more thing, how could they listen? It's not like its radio broadcasted.

Re:Terrorism

[xlv]

Call me dense, but how would this help?

In this post 9/11 world, sarcasm is no longer allowed as it is unpatriotic. If you need proof of that, remember that it is often practised in old Europe and thus not in line with American values...

Re:Terrorism

[Leroy_Brown242]

It's hard to tell what's a joke and what's serious any more.

Re:Terrorism

[fatman22]

It's all pretty much a joke any more. Worthless, ineffective, inefficient, and illogical knee-jerk reactions driven by ignorance and emotion. The terrorists are winning.

Re:Terrorism

[AndroidCat]

It's not like its radio broadcasted.

Well, actually it is. Scroll down to my ACARS telemetery post or read this. [acarsonline.co.uk]

Re:Terrorism

[Alsee]

Yeah yeah yeah... it's there to help defend against terrorists too...
but this is content encryption. Obviously the main justification for it is to stop the pirates. God Bless the DMCA.

Oh, and it's also there to protect our children against the child molestors. Uhhhh... but I haven't quite figured out that part yet.

-

proprietary lock in?

[dclaw]

this seems like an incredibly stupid and public way of locking customers into paying for information they were already previously getting for free.

Hopefully no more companies in the industry will follow

Re:proprietary lock in?

[Jorkapp]

this seems like an incredibly stupid and public way of locking customers into paying for information they were already previously getting for free.

We can still get it for free. Just set a camcorder in front of the instrument panels and press "RECORD".

Re:proprietary lock in?

[NateTech]

We'll all enjoy watching the camcorder bounce off your head in turbulence.

Re:proprietary lock in?

[Florian Weimer]

this seems like an incredibly stupid and public way of locking customers into paying for information they were already previously getting for free.

Maybe they are concerned with feeding forged engine data to the monitors? If it's properly encrypted, you can make sure that no one has tampered with the data (for example, by installing some middlebox which covers up a few nasty things which are going on).

Re:proprietary lock in?

[hsenag]

The right way to achieve that would be a digital signature, not encryption.

Re:proprietary lock in?

[stephenisu]

And how do you do a secure digital signature without encryption on a thoretically open line?

I know you you can tag on an encrypted checksum... But when you have the raw data, that gets easier to reverse engineer...

Re:proprietary lock in?

[hsenag]

Errm, not quite sure what you mean. I was assuming that the hardware would have some private key embedded and that would be used to sign the output. The public key would be freely available and could be used by anyone to check the output really came from the hardware.

Of course this is vulnerable to taking the hardware apart to find the key but there are tamper-proofing methods to make this difficult.

You are assuming civilian only ...

[AHumbleOpinion]

this seems like an incredibly stupid and public way of locking customers into paying for information they were already previously getting for free.

You are assuming civilian applications only. If they are making equipment for the military, or hope to, then this makes sense. As for doing so in civilian equipment the parts may be common, or will be, with military equipment, or this may be a test. If the appropriate maintenance and investigatory personnel are given unfettered access to the actual data this

Re:You are assuming civilian only ...

[1u3hr]

ou are assuming civilian applications only. If they are making equipment for the military, or hope to, then this makes sense.

How so? The encryption is, as far as I can make out from the brief article, in the testing equipment, not the actual engine. What is it protecting, and from who?

Re:Attention all /. grammar zealots, help wanted!

[Catbeller]

" Should it be:
from who? Or. from whom?"

Should it be:

Or: from whom?

Re:Attention all /. grammar zealots, help wanted!

[1u3hr]

" Should it be: from who? Or. from whom?"

Since it bothered you, you could have spent a few seconds to work it out. Whom if the object, who if the subject. So I should have used "whom".

Re:Attention all /. grammar zealots, help wanted!

[AstroDrabb]

I don't get it [curenational.org].

Re:proprietary lock in?

[omb]

And the FAA should ensure they do not do this!

It sounds like...

[uberdave]

It sounds like propriety lock-in to me. There is no other reason to encrypt diagnostic data.

Re:It sounds like...

[theperplepigg]

I wouldn't say there is no other reason to encrypt sensor data, though in this case, it very well could be proprietary lock-in.

For instance, if enough information is recorded, you could reconstruct the whole flight using the sensor data in a flight simulator. This is very useful in determining exactly when and where a fault took place. There are many cases, however, where you don't want free and open access to that information (think military aircraft flights).

Re:It sounds like...

[uberdave]

A few points:

1. Military aircraft are maintained by military personnel.
2. Data encryption, if needed, should be end user selectable, not locked in by the equipment vendor against end user wishes.
3. I seriously doubt that you could determine anything more than altitude from the engine performance data. You would need data feeds from the navigation system to determine where the plane was.

Auto industry

[doormat]

As long as the auto industry doesnt follow. There was a big deal over the use of car makers to provide info to third parties for the onboard electronics. I dont know what the status is now, I heard a while ago that the information is disorganized and hard to utilize. Auto dealers love it because it forces you to use their facilities at highly marked up prices, and puts 3rd party auto mechanics into a corner.

Re:Auto industry

[ScrewMaster]

I remember Congress was looking at legislation to require automakers to make OBDII data more readily available to car owners and independent service shops. Does anyone else know what, if anything, became of that?

Re:Auto industry

[NateTech]

It passed. OBD-II is a standard. However additional data beyond OBD-II's spec can still be proprietary.

Re:Auto industry

[doormat]

Granted it would be a memorable experience, having one aircraft engine die in flight (on any large commercial aircraft - boeing, etc), you'd still be able to make it back and land. Its more or less required that you can have an engine fail and still be able to fly and make it to land safely.

Re:Auto industry

[dougmc]

Its more or less required that you can have an engine fail and still be able to fly and make it to land safely.

That's the goal, but it depends on where and how the engine fails, and the skill of the pilot.

For example, there was a case some time ago where the propeller came apart in a commercial plane (this was not obvious at the time) and the engine vibrated itself to bits in a few seconds (THAT was obvious, once the pilots actually looked at the engine. Before that, they'd thought they'd just lost the engine in a more `normal' way.) The plane had enough thrust to maintain altitude after losing an engine under normal conditions, but in this case the destroyed engine had much more drag than a normal non-functional engine, and the plane could not maintain altitude, and eventually crashed.

The crash was bad, but controlled. Nobody was killed by the crash, but the plane was basically destroyed. Unfortunately, destroyed planes tend to leak fuel, and this one did, which promptly ignited, and ultimately about half the people aboard died due to the fire.

This was all described in a show about aviation disasters on the Discovery Channel. Maybe somebody else can provide more details.

Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.

But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)

However, when you talk about private planes, the fatal accident per flying hour ratio is signifigantly actually higher for two engine planes than single engine planes. This is because a two engine plane is quite difficult to fly with an engine out, and this tends to cause fatal accidents. In a single engine plane, when you lose your engine, all you can do is look for a good place to land (or crash, if you can't find a good place.) But even if you crash, you're likely to be in control of the plane and while the plane is likely to be destroyed, you're likely to survive.

But in a dual engine plane, what often happens is that the sudden yaw as the engine is lost causes the plane to turn into a lawn dart, killing all aboard. Yes, a good and alert pilot can prevent this from happening, but mistakes are often made.

Re:Auto industry

[Richard_at_work]

Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.

Yes they do, its called ETOPS (Extended-range Twin-engine Operation Performance Standards) and it governs how far a twin engined commercial airliner can be from an alternate airport at any given moment, usually in minutes and reachable on a single engine within that time. Standard ETOPS times are 180 minutes for nearly all major twin engine aircraft, including the A330 and 767, while the 777 gets 207 minutes due to uprated engines and higher safety statistics.

Private jets are excluded in the FAA jurisdiction, but must stick to 120 minutes in the JAA jurisdiction.

But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)

Again, all civilian airliners are required to be able to loose an engine on takeoff, be able to complete the takeoff and the go around without issue and land again.

Re:Auto industry

[Anonymous Coward]

The commercial pilots who fly the heavy overseas iron (actually Al) have said ETOPS really stands for Enginges Turn Or Passengers Swim!

Re:Auto industry

[agraupe]

The odd thing about this is that, because twin-engine overseas aircraft need to pass this requirement, they have a greater dispatch reliability than an equivilent quad. Why do you think Air Canada went with the 777 over the A340?

Re:Auto industry

[Richard_at_work]

Thats not really odd, twins have less maintenance requirements than quads, but twins are also limited to ETOPS ranges, while quads arent. Air Canada just purchased the planes that matched both the routes they would fly (which are ETOPS compliant) and maintenance requirements, which turned out to be the 777. Other airlines fly ETOPS incompatable routes, and therefor need quads, A340, 747 etc.

Re:Auto industry

[Alioth]

ETOPS actually stands for Engines Turn or Passengers Swim!

Re:Auto industry

[Mousit]

> This was all described in a show about aviation disasters on the Discovery Channel. Maybe somebody else can provide more details.

It's actually interesting that this came up. I literally just watched that particular show today, not five hours ago. The show is on the National Geographic Channel [nationalgeographic.com], and is titled "Air Emergency". It's an hour-long series of various air disasters.

The one about the broken propeller and the shredded engine is specifically titled "One Wing Flight", which as I said was t

Just like Auto Engine Computers and Lexmark

[Tangurena]

The auto companies did something similar with OBD2 compliant engine computers. As a result, the association that represented independant repair shops had to sue the automakers and SAE to get the diagnostic information released.

You should also take a look at Lexmark and how they used DMCA to sue Static Control Corp, an aftermarket inkject cartridge manufacturer. Earlier Slashdot story [slashdot.org]

Re:Just like Auto Engine Computers and Lexmark

[jago25_98]

According to the 2600 automotive networks mp3,

Only a few safety related aspects of onboard automotive computers were standardised into law (iso safety standards possibly).

Unfortunately not much is covered by the law, so when your Beemer goes wrong the mechanic can rarely fix it by the side of the road. You then have to have it to a BMW dealer who then can charge a premium. Anti-competitive and dangerous, exactly the sort if thing that affects my voting pen.

Re:Just like Auto Engine Computers and Lexmark

[matthewcharlesgoeden]

aahh, Lexmark lost, dewd.

Liability

[xfmr_expert]

I doubt this has to do with anything but liability concerns. The aviation industry has been the hardest hit by product liability. It's a miracle anyone is still in business.

Re:Liability

[Doc Ruby]

Yes, the miracle of taxpayer subsidy.

Re:Liability

[Dun Malg]

Yes, the miracle of taxpayer subsidy.

No, you're thinking of the large military contractors. We're talking about small-scale civil aviation. Boeing, Lockheed, et al don't produce the class of civil aviation products (i.e. light planes) that are subject to the kind of absurd liability claims that drove the old Piper company out of business. Companies like Beech, Cessna, Mooney, or Piper don't receive "taxpayer subsides", even in the form of military contracts. Really, you should make sure you understand th

Re:Liability

[SilverspurG]

Within Doc's context, however, he was making a valid point.

As for the smaller aviation industry, Doc's jibe is still perfectly valid. It was a jibe against the federal government, and it's the federal regulations controlled by federal politicians and influencing the opinions of federal judges which allows the liability lawsuits to decimate any company which may have a chance at competing with the big aviation industry.

So, next time, be more polite and consider what the other person is saying before you d

Re:Liability

[shmlco]

allows the liability lawsuits to decimate any company

Once again? Bush signed the Class Action Fairness [sic] Act [washingtonpost.com], which reduces the ways in which class action lawsuits against major corporations can be instigated. Corporations that could still be sued were very pleased.

BTW: Did you know that, in all likelyhood, you've signed away your right to sue your bank, mortgage, or credit card company?

Re:Liability

[SilverspurG]

Bush signed the Class Action Fairness [sic] Act, which reduces the ways in which class action lawsuits against major corporations can be instigated

Bush signed lots of things. What does that have to do with the aviation industry?

Re:Liability

[shmlco]

The parent indicated that the government and major companies WANTED class action lawsuits so they could be used disrupt the minor players. Quite to the contrary, big biz doesn't want any class actions at all, hence the Class Action Fairness [sic] Act.

Re:Liability

[SilverspurG]

Quite to the contrary, big biz doesn't want any class actions at all, hence the Class Action Fairness [sic] Act

I really had hoped that you had thought about it more than that. Clue: It's a game within a game within a game. Sometimes some people want the lawsuits, and sometimes other people want the lawsuits, and sometimes some other people don't want the lawsuits. Usually the people who want them and the people who don't want them maintain their opinions and sides pre, during, and post lawsuit bu

Re:Liability

[SilverspurG]

No. Sorry, you are wrong. It had nothing to do with "activist judges".

Relax. No one said anything about activist judges, AC. The OP bemoaned product liability for the aviation industry. Doc's comment amounted to "blame it on the feds" by bringing the concept of political corruption and graft to light in the form of taxpayer subsidies. Dun then went off on Doc as if the feds have nothing to do with it. But apparently there's something about the rules of business and aviation which Dun, and you,

Re:Liability

[Doc Ruby]

The other post in reply to yours [slashdot.org] makes my comment clearer. The bigger aviation industrialists have survived by the grace of taxpayer subsidy, and cleared competition by lobbying for the current legislative environment in which they are fitter to survive. A take on the scenario with which you seem to agree.

You might take note that condescending "advice" about snide comments and misunderstanding the point usually comes from projected insecurities of your own. You look wiser when taking your own advice first,

PACE AP

[yroJJory]

Not really a whole lot different that PACE Anti-Piracy's latest crap.

I use some software that is protected using PACE's Interlok system. Unfortunately, the anti-piracy software is stopping me from legitimately using the software, refusing me the ability to serialize it on my machine.

PACE's response? Send us the encrypted log file! They won't tell me what's in the log file, nor will they allow me to see it before sending it.

Any amount of personal information could be in there, so I refuse to send it to them.

Since when doesn't everything need to be encrypted to keep legitimate users from reading it?

Re:PACE AP

[KillShill]

since you are a willing slave.

when people stop buying their crap, they might wise up or go belly up.

Also the Gemini:

[Monf]

This is from AOPA's [aopa.org] review of the JPI model and the Insight model - the blurb below refers to the Insight Gemini. Maybe this is what JPI is now doing and why:

The Gemini goes about data-logging quite differently. When you want to see what's been happening, simply point the supplied Hewlett-Packard HP200LX palmtop at the Gemini's faceplate and the information will be transferred by infrared link. The information remains encrypted in the HP200LX--it cannot be altered by the user- -so it may be more useful to resolve a warranty dispute or to see how renter-pilots are treating your leaseback bird.

Re:Also the Gemini:

[wcdw]

Encrypting the data to provide a 'blackbox' is doomed to failure; someone somewhere (outside the US, sad to say) is bound to hack it.

And if format of the stored data can be reverse-engineered (e.g. by decompiling the reader code), the decryption process becomes that much easier.

Although the 'article' sounds like it's designed to sell magazines more than anything else. No links to any of those forums where the users are supposedly up in arms, for example.

Re:Also the Gemini:

[wjsteele]

I'm sorry, but I fail to see how having a 'blackbox' on an airplane is doomed to failure. Blackboxes are standard equipment on larger/complex commercial craft and I think all aircraft should be equipped with one... so that if an accident ever occurs, we can analyze what went wrong. It's always better to have more information than not enough in an accident investigation. And yes, I am a pilot. The state of technology is now available to equip all aircraft at a very resonable cost (including GA.)

Now, I c

Re:Also the Gemini:

[wcdw]

I'm sorry, but I fail to see how having a 'blackbox' on an airplane is doomed to failure.

As am I, but having never said that, I'm just startled at the non-sequitor. Not reading the article is bad enough; not reading the comments is something else altogether!

Re:Also the Gemini:

[SilverspurG]

And if format of the stored data can be reverse-engineered (e.g. by decompiling the reader code), the decryption process becomes that much easier.

So you're saying that this is really a clandestine way for the aviation industry to export their previously illegal-to-export superstrength encryption schemes to their subsidiaries and business partners across the water?

Re:Also the Gemini:

[wcdw]

Except that by 'the article' I meant the one referred to in the top post, not the link you posted, which requires me to remember my AOPA userid/password (and is inaccessible to non-members).

Re:Also the Gemini:

[wcdw]

Frankly, were I a JPI user, I'd be up in arms as well. Knowing that it went as far as having the forums shut down is insightful, but raises more questions as to why that information wasn't in top-posted article.

Anyway, thanks for the input. And I wish *I* had a Mooney. ;) I hear the profile makes for a less forgiving landing profile, although I've never actually flown one.

Re:Also the Gemini:

[VidEdit]

It would seem that JPI is using data integrity as an excuse for DMCA lock in. All they really need for integrity is a signature. Since their are federal regulations about engine overhauls for aircraft, I would think that there is a state interest in the data being accessible, but signed. This is a clear case of the miss-use of encryption.

Re:Also the Gemini:

[VidEdit]

So is iTunes, but that doesn't mean that iTunes Music Store purchases aren't DRM'd.

There is no excuse for encrypting the data. In fact, if they have a poor implementation it may be possible to replace the data with altered encrypted data.

What the data needs is a hash signature to prove the data hasn't been altered, but the data should still be in clear text.

ACARS telemetery data

[AndroidCat]

ACARS [acarsonline.co.uk] is an aircraft data telemetery system that transmits data, sometimes including engine performance, and can be receive with a simple scanner/computer setup.

In this series of two messages, we see a takeoff (TO) engine performance report.

ACARS mode: 2 Aircraft reg: .N651UA
Message label: H1 Block id: 5 Msg. no: D89C
Flight id: UA0978
Message content:-
#DFB97418853250111173 5541565144173614933782162 261527 15
0201 89 -2 0 0 671 146 27 A6F4039C8000080000D32000000000000000000000423

Not that the unencoded info makes much sense, but I guess this will be another thing hidden away from view of nosey geeks. Poot!

Re:ACARS telemetery data

[Derling Whirvish]

You can break out the coded ACARS messages. Here's one example [universal-radio.com] of how.

Re:ACARS telemetery data

[AndroidCat]

There's plenty of software that will listen to the scanner via a sound card and break out the data, but I wasn't sure if anyone had decoded the blocks of engine performance data into anything useful. (Just the altitude/position data is good for a display like this [passur.com].)

Re:ACARS telemetery data

[lxw56]

It's not hidden, you just aren't 31337 enough. It means "left engine 3045 RPM, right engine 3230 RPM, right engine chopped up 2 birds since last reset."

Re:ACARS telemetery data

[AndroidCat]

That would explain the contents of the next message: ALL CRW HAD CHCKN. PLS CNFRM TED STRYKER ONBRD?

Re:ACARS telemetery data

[uberdave]

Umm... ACARS is irrelevant to today's topic. We are talking about an engine monitoring system. ACARS is a digital data link system, which MAY get some of its data from the equipment we're talking about.

Aircraft crash data?

[Aphrika]

I don't know much about these kinds of systems, but I would've always assumed that partial unencrypted data would be much easier to recover in a plane crash situation. I guess it would pretty much instantaneously stop transmitting from the engine in question when the system failed.

However, wouldn't encrypted data bring with it the risk that you couldn't get the data back? What happens if you have partial encrypted data in the system? Is there a risk that the encryption could make piecing together accidents more time-consuming or render the data useless to the investigation?

In theory, could it even assist denying responsibility if the engine itself was the cause of a crash?

Re:Aircraft crash data?

[t_allardyce]

I doubt it would come to that - if a plane has to have a black box by law then there's bound to be some sort of specification it has to follow, the people responsible for the plane will have to pay whatever it costs so that the engine data is properly (legally) recorded, if they can't afford it, then they can't fly the plane. Same goes for any other rules and regulations about instrumentation - they either have to pay this company whatever it costs, or find a way to do it themselves, or not fly. Now if they

plagiarism

[SuperBanana]

Any particular reason "kitplane01" came within a sentence or two of posting the entire story in his/her submission?

It's completely uncredited, and presented as material he/she wrote; that's called plagiarism, folks. Though things have gotten better over the years (I remember when more than half of the stories on the front page were like this), this still happens too often.

It's also pretty pointless. The story summary is supposed to accurately describe the story, to help us determine if we want to follow the link, or read commentary.

Re:plagiarism

[Ta Pere *]

Welcome to Slashdot, you must be new here. Did you actually think that submitters wrote their OWN descriptions?

Re:plagiarism

[wft_rtfa]

presented as material he/she wrote

Kitplane01 is providing a link to the article. We know the post is paraphrased.

There's no practical reason?

[Perryman]

Why would engine monitor data need to be encrypted? All it is is fuel flow rates, its pressure and temperature, FTIT, etc. The pilot needs to see this data anyway to monitor in-flight. Maybe they're talking about when this information goes through engine diagnostics or is stored for looking at later? Oh, and do these guys just do civilian aircraft, or military too? I'd think no one would buy their engine monitor units if they couldn't look at the logs to monitor their own aircraft statistics [think nascar]. Could be a good way to lose customers. What do you think?

Re:There's no practical reason?

[krray]

I think that if one of our (pick your country :) military planes goes down in enemy territory that I don't want said enemy to have access to how well, or poorly the plane may or may not operate in certain circumstances...

Re:There's no practical reason?

[Perryman]

Ah true. In that situation, the engine monitor data would be stored on the engine diagnostics, so hopefully they don't know how to read that. [It's not like its easy to read in the first place. You need the right connectors and power supply, and you'd need the software to read it off of there, and that stuff is pretty hard to get if you're not supposed to have it, let alone to understand how to do it by yourself if you don't have the equipment!] So, all in all, i don't think they'd know how to get that data

Re:There's no practical reason?

[Threni]

> Ah true. In that situation, the engine monitor data would be stored on the
> engine diagnostics, so hopefully they don't know how to read that. [It's not
> like its easy to read in the first place. You need the right connectors and
> power supply, and you'd need the software to read it off of there, and that
> stuff is pretty hard to get if you're not supposed to have it, let alone to
> understand how to do it by yourself if you don't have the equipment!] So, all in
> all, i don't think the

Re:There's no practical reason?

[Perryman]

they have f-4s and old stuff. they dont have f16s or 15s or anything similar, only friendly countries

Re:There's no practical reason?

[Dun Malg]

I think that if one of our (pick your country :) military planes goes down in enemy territory that I don't want said enemy to have access to how well, or poorly the plane may or may not operate in certain circumstances...

This isn't for military aircraft, it's a civil aviation product. Military instrumentation has nothing to do with this situation.

Re:There's no practical reason?

[EpsCylonB]

yeah cause the chineese might use the fuel flow rates work out how to destroy all american military aircraft.

outside the american military its 2005, inside its still the 1950's.

Why is the US spending on defence more than 4 times what the chineese are spending ?

Re:There's no practical reason?

[Perryman]

outside the american military its 2005, inside its still the 1950's. Wrong. It's more like 1970s-1980s here. difference being, the stuff still works as good as it did back then. :)

Re:There's no practical reason?

[uberdave]

Fine, then turn the loggers off and scrub the data before the aircraft gets into hostile territory. Or, if the data may be needed, then scrub it if the plane crashes or the pilot punches out.

Re:There's no practical reason?

[Alioth]

JPI isn't a military supplier - they make products for light aircraft (not even airliners). JPI is quite popular with homebuilders (people who build planes at home from kits or plans).

Well, I know it's illegal for cars

[Weaselmancer]

I know there are laws in place to keep automobile manufacturers from doing the same thing (since I make auto scantools for a living). That's one of the main reasons why the industry moved towards OBDII - to be compliant with the disclosure law.

Maybe the rules apply to aircraft as well, and there's already a legal fix?

I won't be able to ask anyone at work about which laws are in place until Monday, but this article has me curious about the legality of encrypting this kind of data for non-automobiles. If I find anything out, I'll post it here.

Re:Well, I know it's illegal for cars

[SagSaw]

I know there are laws in place to keep automobile manufacturers from doing the same thing (since I make auto scantools for a living). That's one of the main reasons why the industry moved towards OBDII - to be compliant with the disclosure law.

AFAIK, the OBD-II requirement involves exclusivly emmissions related data. It's not about allowing vehicle owners to fix their own vehicles or any other purpose. Take a look (since you make scantools) at which PID's are documented and known to the public. Compa

Re:Well, I know it's illegal for cars

[Weaselmancer]

AFAIK, the OBD-II requirement involves exclusivly emmissions related data. It's not about allowing vehicle owners to fix their own vehicles or any other purpose.

I'm new to working on the sofware (was doing hardware for the last year) and currently only fiddling around with ISO 9141-2 communication, so your post got me thinking. Had to do a little research. I wasn't able to find the text of the law, but I did find an online post about what codes are covered by OBD II, here [geocities.com].

IIRC, the whole OBD II thin

Re:Well, I know it's illegal for cars

[Weaselmancer]

Well, currently I'm working on an ISO 9141-2 protocol. Some packet types have a simple checksum. Some don't. It's not up to your ethernet standards, that's for sure.

Encoded (Not Encrypted)

[dubner]

Typical inept Slashdot editing: the data is *encoded* (as the original AvWeb article states), not encrypted. Sure, JPI is an evil company with a history of slimey dealings as shown here http://home.earthlink.net/~timrv6a/jpi.html [earthlink.net] but lets be accurate about what they've done. If JPI (or someone else) was to provide info on the format of the encoded data there would be no news story.

Re:Encoded (Not Encrypted)

[Anonymous Coward]

If JPI (or someone else) was to provide info on the format of the encoded data there would be no news story.

If you don't know how a datafile was created, it may as well be encrypted, since it's meaningless to you. I fail to see the distinction.

It's funny how insulting Slashdot gets the most illogical of posts rated up.

let the market decide

[ch-chuck]

So, don't buy their products. Or are they another messy, politically granted monopoly?

Re:let the market decide

[Anonymous Coward]

The problem is, I already own one; next time I send it for a firmware upgrade to get bugs fixed I can never download data from it again. (Without using their crappy "EZPlot" program.)

It's too bad, (1) because I had wanted to get my EDM-700 upgraded to the EDM-800, which has fuel flow data as well; (2) because I spent money getting a serial port installed in my instrument panel so I could download the data easily, and that money has now gone to waste.

This wont last long

[Effugas]

It's simple, really.

"Can you say, with absolute certainty, that no third party fault detector would have found the problem with your engine?"
"No, but..."
"So, you intentionally embarked on a development program that hid problems with your engines. Thank you."

This exchange, vaguely hinted at by FAA, would be quite enough.

Re:This wont last long

[Effugas]

AC--

In case you see this:

A problem with the engine can take down the plane.

FAA policy is that plane crashes are very, very bad. Absurd amounts of procedures are created to prevent plane crashes. Liability for plane crashes can be massive.

The engine manufacturer can't rule out that third party tools would find different problems than their own; the whole point of you owning this third party device is that, as a pilot, you've made a judgement call that the manufacturer's supplies were in

Auto Makers

[nurb432]

Didnt they get burnt by something similar to this with their ECM's and told by the Fed's they cant restrict 3rd party access with dirty tricks like this?

True airplanes engines are not quite the same thing, or as large a market but the principle is the same.

Re:Auto Makers

[Vegeta99]

Well, yes, but OBD-II (On Board Diagnostics, Version II) is federally mandated, and the Society of Automotive Engineers has a set of standard codes for most every fault an ECM would detect. They also, however, made it possible for manufacturers to have proprietary codes, starting with 1. For example, if the oxygen sensor on my engine's #1 cylinder bank is indicating that the engine is running lean more than is allowed, and the ECU is correcting by running it intentionally rich, the SAE code would be P0130.

"Fix"?

[John Jorsett]

Is it a "fix" when you deliberately broke it in the first place?

this is to stop cheaters

[Anonymous Coward]

This is to stop people from modifying the data to cover up the fact that they are saving money by not following the maintenance schedule.

Re:this is to stop cheaters

[TamaraCravit]

I'm not sure how people could "cover up" anything...the information these systems record is related to engine performance (cylinder head temperatures, exhaust gas temperatures, and the like). Maintenance information is maintained on paper, with written sign-offs by the mechanics who do the work, and the FAA has VERY strict accountability procedures. (None of that affects the average pilot unless the FAA has cause to investigate a crash or complaint, but that's a separate issue).

Aviation? Encrypted? DRM it!

[ThePhilips]

Can they please release list of planes equipped with this stuff? - So I will have a chance to take another plane.

Hope they will not opt to DRMfy they data. Just try to imaging message on plane: "Dear guests our plane is crashing down due to expired license for motor control protocol encryption. Please festen your belts and pray."

Well, IIRC, this [CENSORED] was already tried in medicine and failed. No system is allowed to use encryption for sake of encryption when human life is at stake. Both medical l

Re:Aviation? Encrypted? DRM it!

[Alioth]

You're unlikely to ever get on a plane with a JPI instrument. They are not used on airliners, they are used on privately owned light aircraft (and even then, in over 1000 hours of flight experience I've still not flown a plane with a JPI instrument). Unless you learn to fly yourself or know a private pilot, you're unlikely to ever see one.

Re:Aviation? Encrypted? DRM it!

[ThePhilips]

That's releive. Isn't it? ;-)

Honestly, I am, as a programmer, bemused by industrial automation people all the time I have to work with them.

Money squeezing is norm of life: complaining aloud about say analyzer with encrypted data format so now they cannot use their expensive software from 3rd party. On first turn. And then, on second turn, during meeting they'll be first to propose change in file format just to ensure that customers will not be able to use cheap tools to read them.

I'm seeing that sh

The encryption is for MSOffice-style lock in

[Anonymous Coward]

I own a JPI Engine analyzer in my plane. To respond to some misinformation above, they make various model of engine analyzers used in piston engine planes. The plane does not depend on the JPI to fly. It's used to gather the parameters from the engine as it runs for instant and with some models, stored for later analysis. It does warn of problems with the engine like overheating. The major feature is assisting with leaning the air/fuel mixture going to the engine, which pilots must do manually.

In a nutshell JPI's owner has some vendetta against a competing company that was selling software to read and analyze the data from the JPI analyzer. JPI changed the format of the data output from the serial port of the device, and the format it was stored in the device's non-volatile RAM.

JPI had sold software for Palm OS that would connect to the serial port and display the data in graphical format in real time on a Palm Pilot. Since the data stream was ASCII text you could do the same with any laptop.

JPI had also supplied what at first they sold, but later became a free DOS utility called EZ-Save that would download the data and uncompress it to a comma separated plain text file. They also made available some Excel spreadsheets with macros that would turn the data into some nice charts for easy analysis.

At some point recently the owner got bug up his backside about some competitor that is selling a competing program to analyze the data. JPI changed the steam and the stored data on current products to use encryption and removed all traces of the utilities on their web site. Of course this did not affect the 1000s of products already installed in planes. What they were doing though, was updating the firmware on any that came in service to have the encryption. Based on that, I vowed I wouldn't send mine in for repair if it burst into flames.

Some excerpts from a aircraft owner mail list:

JPI has recently made a decision to prevent the download of raw data from their EDM series of engine monitors. In the past, an EDM user could use a free piece of software, called EZSave, to transfer all the saved engine performance data from an EDM to a PC. The information was decoded and then stored in a plain text file as numerical values separated by commas (commonly called "CSV" format). This simple format made it possible to import this data in to most any software product, including Excel or any other graphing program. But recently support for EZSave was withdrawn and the program disappeared from JPI's website. In its place was a free version of JPI's fancy engine data graphing program, EZPlot. At the same time this was done, the firmware on new EDM units was updated to alter the data transfer format (from EDM to PC) so that existing copies of EZSave would no longer work. The result is that only EZPlot can talk to new EDM units, and EZPlot does not provide any way to save the raw data. This locks the user in to viewing the data only in ways that EZPlot allows. If you don't like the way EZPlot shows data, you are pretty much out of luck. Existing units in the field continue to work the way they always have, of course. But should you ever send your unit in for repair, it is likely that it will be "upgraded" with the latest firmware and EZSave functionality will be lost.

This change puzzled me a bit, as it seemed to have no purpose other than secure an additional revenue stream for JPI (the feature-full version of EZPlot costs money) at the expense of interoperability. It also seemed designed to intentionally shut out a competing engine analysis program called EGTrends. Personally I don't care for either of those programs: I want the raw data so that I can graph it in a manner than makes sense to me. Oddly enough, the way in which I like to view the data is very similar to the way used by EZPlot's predecessor: a primitive (but effective) Excel template that JPI distributed years ago. So I decided that while I was at Sun 'n' Fun I would go talk to someo

Piston Engine Monitors for Aviation

[AB3A]

As an owner of an airplane with a similar monitor, allow me these observations:

1) The data in the engine monitor of my airplane will help me diagnose problems before they become serious. I had an intake valve get sticky on me once. It happened while decending from 5000 to 3000 AGL. I was too damned busy configuring for best glide, scrambling for my engine out check list, and considering whether to declare an emergency to look over at the monitor. By the time I had the presence of mind to do that, the p

Re:Needs oil....

[X0563511]

Their web server runs as poorly as the elevator....only six comments and already slashdotted into oblivion.

Wrong article. I think you meant to put it somewhere else. This article is about aviation equipment.