Oh ALIS, don't keep us waiting: F-35 jet's software 'delayed'
And local sysadmins left to reset ground crews' 'dealer module' Toughbooks
Key software for the troubled F-35 fighter jet has been repeatedly delayed, causing problems for the British armed forces as they wait for Americans to iron out the bugs.
The F-35’s Autonomic Logistics Information System (ALIS) is the heart of the support offering bundled with the F-35 by its manufacturer, Lockheed Martin.
The latest version of ALIS – version 2.0.2 – has been delayed by at least six months and counting, according to the US Department of Defense’s Director of Operational Test and Evaluation (DOT&E), and units are instead stuck with version 126.96.36.199.
“It has yet to successfully complete testing and likely will not be fielded until early 2017,” according to the F-35 section of DOT&E’s annual report [PDF, 62 pages] to the US Congress. Version 2.0.2 will allow military personnel, rather than engine manufacturers and current maintenance contractors Pratt & Whitney, to read and act upon engine health data, but has not yet been deployed.
Although the release version of ALIS is intended to be version 3, with various beta releases bringing incremental extra capabilities until the release of v3, “delays in ALIS 2.0.2 development have also delayed the development of ALIS 3.0,” said DOT&E. This, warned the director, would result in key functionality being released as updates to v3.0 instead of being baked into the “final” software package deployed to F-35 customers – including the UK.
ALIS v3.0 is now set to be delivered in “mid-2018,” a slip of six months from its previous introduction date.
“Despite the delays and deferred content, IOT&E [initial operational test and evaluation] will still evaluate the suitability of the F-35 with ALIS in operationally realistic conditions,” said the DOT&E report.
Sync ‘n’ slump
The 62-page report also revealed that the F-35 is temperamental when ground crew plug their Panasonic Toughbook diagnostic laptops into the aircraft and sync them: “In many instances, maintainers must attempt to synch several PMAs [portable maintenance aids – the laptops] with an aircraft before finding one that will successfully connect.”
Buggy software means plugging in and syncing the Toughbooks sometimes takes so long that impatient crews disconnect them halfway through the process. This results in a local ALIS sysadmin having to reset the affected laptops.
Moreover, testing of ALIS up until 2016 took place on “representative hardware” instead of actual aircraft and ground base equipment. “The current closed environment does not adequately represent the variety of ways in which the Services operate ALIS in different environments,” DOR&E drily noted.
There was also a significant problem the first time that US personnel tried deploying F-35s and ALIS away from their home base:
...they had a great deal of difficulty using ALIS on the local base network. After several days of troubleshooting, Information Technology personnel and ALIS administrators determined that they had to change several settings on the base network at Mountain Home and in the web interface application (i.e., Internet Explorer) to permit users to log on to ALIS. One of these changes involved lowering the security setting on the base network, an action that may not be compatible with required cybersecurity and network protection standards in place.
ALIS is used by naval and air force personnel to determine in real time the state of the aircraft, view flight plans, and review each jet’s entire history from the moment it leaves the factory. It is an end-to-end management and planning system for pilots, maintainers and commanders alike – the ultimate vendor lock-in.
Controversially, it also sends each jet’s history back to the US, regardless of which country actually owns that aircraft – though Lockheed has promised it won’t read the pilots’ names.
Cybersecurity folk from DOT&E also carried out “adversarial assessments” against the ALIS and also a “limited cybersecurity assessment” of an actual F-35A at the USAF Operational Test Squadron at Edwards Air Force Base in southern California. No information was given in the report for the results of these tests, with DOR&E warning that “much more testing is needed to assess the cybersecurity structure of the air vehicle and supporting logistics infrastructure system.” ®
Sponsored: Becoming a Pragmatic Security Leader