FAA Gets Its New Virtualized Flight Plan System Off the Ground

The people whose job it is to schedule aircraft for takeoff, help guide passengers to their destinations and get them safely back down on the ground finally have some powerful new open-standards computer systems up and running to help them do their work more reliably.

The Federal Aviation Administration has endured a lot of grief in the last 24 months due to some well-documented crashes of its national flight plan-filing system. But the nation's No. 1 aerospace agency is finally bringing its Cold War-era mainframe IT systems into the 21st century.

Last year, the FAA upgraded its legacy internal business systems to a new open-systems server and storage infrastructure supplied by Sun Microsystems and an IP network provided by Cisco Systems. These systems currently handle all the agency's nonflight-related administrative functions, including the FAA's human resources information, e-mail, messaging, internal document routing and storage. The open systems worked well there, and the idea was to transfer the same kind of system to the all-important national flight-plan function.

NADIN's (National Airspace Data Interchange Network's) old mainframe-based system, an integral part of the overall NAS (National Air Space) traffic system that processes an average of 1.5 million messages per day, was obsolete and was beginning to break down due to technical issues. Travel disruptions due to these breakdowns are not out of the ordinary, according to knowledgeable air industry sources.

As a result, industry analysts and a number of former FAA staff members worried about major air traffic stoppages, as was demonstrated three times last summer by the crash of the system head in Atlanta. They also were concerned about increasing vulnerability to terrorist cyber-attacks.

An example of this happened on Aug. 26, 2008, when a corrupt file entered the flight plan system and brought it down for about 90 minutes during a high-traffic period late in the day on the East Coast. This was not an isolated incident, as the FAA's chief administrator originally had told the media. Similar crashes occurred on Aug. 21 and in June 2008, FAA records show.

International intelligence analytical firm Stratfor reported a similar system outage back in 2000. Another was reported in June 2007 in addition to the Aug. 21 and Aug. 26 crashes. Those are the ones we know about; we don't know how many others were never made public information.

"The lack of redundancy and dynamism demonstrated ... by the latest NADIN crash makes a cyber-attack against critical U.S. infrastructure all the more feasible," Stratfor said at the time in an editorial commentary.

But all of these issues may now be in the past. It took a grand total of about five years, but the FAA has done its research, found several million dollars to pay for new hardware, software and services, and is well into the process of updating all of its systems.

"We've just about finished our transition from the legacy system over to the new system," FAA IT administrator Jim McNeill told eWEEK. "The main new system is for NADIN, built on Stratus Technology servers with virtualization, and handles all the legacy [mainframe] functions as well as new FAA-owned IP systems."

Key Requirement: Separate Data Flows

McNeill said there was a key requirement that had to be met in order for the new system to comply with FISMA (Federal Information Security Management Act of 2002) regulations: The FAA had to separate government-created data from non-government data.

"We were required to provide a separate server to support public data flows, due to the inherent security issues in TCP/IP," McNeill said. "In this interpretation, 'public data flows' means non-NAS systems. In the nature of our business, a lot of our clients are non-NAS systems; we're dealing with airlines, we have connections to 26 international agencies—these are all non-NAS systems. Basically, they're all private companies who provide value-added services to general and commercial aviation.

"What we're doing is providing a portal into the FAA system for these general and commercial aviation companies to file all flight plans, and keeping it separate from everything else."

The new, virtualized system—the first for the FAA—is built on new heavy-duty Stratus FTserver 6400s, which run on Intel Xeon quad-core processors. The system was designed by Lockheed Martin engineers, replacing two 21-year-old Phillips DS714 mainframes—located in Atlanta and Salt Lake City—that first went live in 1989 and have been cranking away ever since. 

Overall, the old Phillips mainframes did yeoman's work on a 24/7 basis for two decades—ingesting, storing and processing an average of 1.5 million data points per day. The system and its designer deserve kudos for working all those years, but just like people, every system needs to be replaced at some point.

Next: Security Improved by Separate Portals >>