The US Federal Aviation Administration’s IT breakdown that led to a 90-minute nationwide flight ban early on 11 January has renewed calls to upgrade to the country’s air traffic control (ATC) system.
A shutdown and reboot of the FAA’s Notice to Air Missions (NOTAM) system – caused by a damaged database file, the agency says – delayed thousands of airline flights throughout the country before normal operations resumed just before 09:00 Eastern Time.
A NOTAM is an in-flight safety memo for flight crews regarding hazards to flight and other operational restrictions.
“Americans awoke this morning to the largest ground stop of our National Airspace System since 9/11,” says Sam Graves, a Republican member of Congress who chairs the House of Representatives’ Transportation and Infrastructure Committee. “While it appears at this time that the Notice to Air Missions – or NOTAM – system malfunction was not the result of a cybersecurity breach, it highlights a huge vulnerability in our air transportation system.”
“Just as Southwest’s widespread disruption just a few weeks ago was inexcusable, so too is the DOT’s and FAA’s failure to properly maintain and operate the air traffic control system,” he adds.
The NOTAM episode is the latest example of a computer system malfunction broadly impacting US airline operations. Southwest Airlines cancelled more than 16,700 flights between 21 December and 31 December as its decades-old software lost track of the locations of flight crews and aircraft following a severe winter storm in the Midwest and Northeast USA. It took days for the airline to reset its network.
Southwest estimates that it lost between $725 million and $825 million due to the operational meltdown, warning investors in a 6 January letter that it now anticipates a net loss for the fourth quarter of 2022.
US Transportation Secretary Pete Buttigieg has blasted the Dallas-based airline for its disastrous holiday performance, writing in a 29 December letter to Southwest CEO Bob Jordan that the DOT “will use the fullest extent of its investigative and enforcement powers to hold Southwest accountable if it fails to adhere to the promises made to reimburse passengers”.
On 27 December, Jordan vowed to fix the IT issues that plagued the carrier during the holiday rush and that the company’s customers and employees would “never again face what’s happening”.
Now, scrutiny is on federal regulators. The FAA’s recent struggles underscore the need to upgrade the NOTAM system, says Eric Blinderman, a spokesperson for aviation lobby group Aircraft Owners and Pilots Association (AOPA).
“In short, yes, the system needs modernisation,” he told FlightGlobal on 11 January. “That said, it’s not just our opinion – everyone associated with this issue, including the FAA, knows that.”
“Considering what happened and the fact that regulations dictate that all pilots check NOTAMs before a flight, the issue is urgent,” Blinderman adds.
The incident also demonstrates that the NOTAM system and other ageing pieces of IT infrastructure are vulnerable to future cyberattacks, according to a 11 January analysis from Moody’s Investors Service.
“The outage highlights how the minute-to-minute operations of US airports and the US aviation sectors rely on systems that are outside of their control and are exposed to cyber risks,” Moody’s says.
The FAA has pursued its multi-billion-dollar Next Generation Air Transport System (NextGen) programme since 2007, seeking to implement “major new technologies and capabilities” into the National Airspace System rather than “simply making minor upgrades to ageing infrastructure”, the agency says.
However, the ongoing effort has faced repeated delays and resulted in minimal upgrades to ATC capabilities.
“NextGen’s actual and projected benefits have not kept pace with initial projections due to implementation challenges, optimistic assumptions, and other factors,” reads a 30 March 2021 report by the DOT’s Office of Inspector General (OIG). “FAA’s most recent business case projects total NextGen benefits to be over $100 billion less than the Joint Planning and Development Office’s original estimate, and benefits actually achieved to date have been minimal and difficult to measure.”
The FAA said it is investigating the root cause of the 11 January shutdown. “Our preliminary work has traced the outage to a damaged database file,” the agency says. “At this time, there is no evidence of a cyberattack. The FAA is working diligently to further pinpoint the causes of this issue and take all needed steps to prevent this kind of disruption from happening again.”
Meanwhile, Graves, the Republican lawmaker, says he expects the FAA “to provide a full briefing to members of Congress as soon as they know more”.
“I will also be leading an oversight letter with my colleagues to make sure that we know what went wrong, who’s responsible, and how this is going to be prevented in the future,” he says. “And just as DOT expected Southwest to make passengers whole after their leadership failures, I expect a prompt update on DOT’s efforts to do right by the passengers it has wronged.”