F-35 'sovereign data gateway' will stop US reading pilots' personal data? Yeah right
If you believe that, I’ve got a bridge for sale...
Lockheed Martin, designers of the super-expensive F-35 fighter jet, is working on a system claimed to reassure foreign customers that the US won't be able to read their pilots' personal data.
According to Flight Global, Lockheed Martin is working on a sovereign data gateway (SDG) to reassure F-35 customers that the US won't be reading every single detail of what they do with their jets after they've been delivered.
The SDG's existence was revealed in an update posted to the US Federal Business Opportunities website, which is password protected.
The F-35's ALIS (Autonomic Logistics Information System) keeps track of a wealth of data about each and every F-35, from the health of the aircraft's flight systems to pilots' flight plans and more.
The aircraft itself sends this data to its parent squadron's local ALIS server – its "standard operating unit" – which in turn transmits it to its owning nation's Central Point of Entry Services Kit (CPESK). From there the data is also beamed back to Lockheed Martin in Fort Worth, Texas.
The idea of ALIS is that it automatically orders spare parts, reminds maintainers when life-limited components need replacing and gives air forces an overview of their aircraft.
Other nations buying the F-35 include the United Kingdom, the Netherlands, Australia, Israel, Canada, Norway, South Korea, Denmark, Italy, Japan – and Turkey.
The SDG will be installed on each nation's CPESK and will allow each F-35 customer nation to "inspect and verify data flowing to and from the US hub", according to Flight Global. The magazine also claims that the SDG will be able to block, modify or delay sensitive data, and gives an example of pilots' personal data which may be subject to data protection laws.
Naturally, unless the SDG source code is also made available to partner countries for them to inspect, there is no guarantee that the US won't retain a backdoor capability to inspect the data firehose. After the NSA mass surveillance revelations, will partner nations trust the SDG?
There is no mention in the Flight Global report of whether the SDG notice specifies other types of data that can be blocked other than personal data. The magazine noted that many F-35 customer nations made the ability to redact pilots' personal data from ALIS a prerequisite of buying the system.
ALIS itself is currently at version 2.01, with v2.02 having been under certification testing in June this year. Version 3 is scheduled for release in 2017. US aircraft maintainers use Panasonic Toughbooks to access the system, according to Aviation News International, which also revealed that a planned realtime data downlink from the F-35s called Prognostics and Health Management was scrapped over "security concerns". Data is instead downloaded from each aircraft after flight.
The system also supports offline F-35 operations – but only for up to 30 days. As we all know, wars of the future will last absolutely no longer than 29 days. ®
Sponsored: Becoming a Pragmatic Security Leader