Aviation Instruments Encrypt Engine-Monitor Data

kitplane01 writes "Airplanes engines need to always work, and are monitored by engine monitors. JP Instruments' engine-monitor units have begun to encrypt the data output of its monitors so it can't be read by third-party software. Whether this is to protect itself liability-wise or to discourage competitors is unclear. It seems the company is working on a fix, which may require a fee from users to translate the file format."

Just like Auto Engine Computers and Lexmark

[Tangurena]

The auto companies did something similar with OBD2 compliant engine computers. As a result, the association that represented independant repair shops had to sue the automakers and SAE to get the diagnostic information released.

You should also take a look at Lexmark and how they used DMCA to sue Static Control Corp, an aftermarket inkject cartridge manufacturer. Earlier Slashdot story

Re:ACARS telemetery data

[Derling+Whirvish]

You can break out the coded ACARS messages. Here's one example of how.

Encoded (Not Encrypted)

[dubner]

Typical inept Slashdot editing: the data is *encoded* (as the original AvWeb article states), not encrypted. Sure, JPI is an evil company with a history of slimey dealings as shown here http://home.earthlink.net/~timrv6a/jpi.html but lets be accurate about what they've done. If JPI (or someone else) was to provide info on the format of the encoded data there would be no news story.

Re:ACARS telemetery data

[AndroidCat]

There's plenty of software that will listen to the scanner via a sound card and break out the data, but I wasn't sure if anyone had decoded the blocks of engine performance data into anything useful. (Just the altitude/position data is good for a display like this.)

Re:Auto industry

[dougmc]

Its more or less required that you can have an engine fail and still be able to fly and make it to land safely.

That's the goal, but it depends on where and how the engine fails, and the skill of the pilot.

For example, there was a case some time ago where the propeller came apart in a commercial plane (this was not obvious at the time) and the engine vibrated itself to bits in a few seconds (THAT was obvious, once the pilots actually looked at the engine. Before that, they'd thought they'd just lost the engine in a more `normal' way.) The plane had enough thrust to maintain altitude after losing an engine under normal conditions, but in this case the destroyed engine had much more drag than a normal non-functional engine, and the plane could not maintain altitude, and eventually crashed.

The crash was bad, but controlled. Nobody was killed by the crash, but the plane was basically destroyed. Unfortunately, destroyed planes tend to leak fuel, and this one did, which promptly ignited, and ultimately about half the people aboard died due to the fire.

This was all described in a show about aviation disasters on the Discovery Channel. Maybe somebody else can provide more details.

Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.

But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)

However, when you talk about private planes, the fatal accident per flying hour ratio is signifigantly actually higher for two engine planes than single engine planes. This is because a two engine plane is quite difficult to fly with an engine out, and this tends to cause fatal accidents. In a single engine plane, when you lose your engine, all you can do is look for a good place to land (or crash, if you can't find a good place.) But even if you crash, you're likely to be in control of the plane and while the plane is likely to be destroyed, you're likely to survive.

But in a dual engine plane, what often happens is that the sudden yaw as the engine is lost causes the plane to turn into a lawn dart, killing all aboard. Yes, a good and alert pilot can prevent this from happening, but mistakes are often made.

Re:proprietary lock in?

[hsenag]

The right way to achieve that would be a digital signature, not encryption.

Re:Auto industry

[Richard_at_work]

Or, if a two-engine plane were to lose an engine in the middle of the ocean, that would increase drag as the plane would slip due to mismatched thrust, and might not have enough fuel to make it to land. Hopefully they plan for this, and provide enough extra fuel for this kind of emergency.

Yes they do, its called ETOPS (Extended-range Twin-engine Operation Performance Standards) and it governs how far a twin engined commercial airliner can be from an alternate airport at any given moment, usually in minutes and reachable on a single engine within that time. Standard ETOPS times are 180 minutes for nearly all major twin engine aircraft, including the A330 and 767, while the 777 gets 207 minutes due to uprated engines and higher safety statistics.

Private jets are excluded in the FAA jurisdiction, but must stick to 120 minutes in the JAA jurisdiction.

But yes -- pretty much most 2+ engine airplanes can maintain altitude and even climb slightly if they lose one engine in a `normal' way. (Exploding/disintegrating engines don't really count. Fortunately they're very rare.)

Again, all civilian airliners are required to be able to loose an engine on takeoff, be able to complete the takeoff and the go around without issue and land again.

Re:Auto Makers

[Vegeta99]

Well, yes, but OBD-II (On Board Diagnostics, Version II) is federally mandated, and the Society of Automotive Engineers has a set of standard codes for most every fault an ECM would detect. They also, however, made it possible for manufacturers to have proprietary codes, starting with 1. For example, if the oxygen sensor on my engine's #1 cylinder bank is indicating that the engine is running lean more than is allowed, and the ECU is correcting by running it intentionally rich, the SAE code would be P0130. However, my car, a Ford, gives the code P1311. Same exact meaning, but it's a Ford specific code. Fortunately for me, a quick search on the 'net found out what the code meant, but it wasn't in my book.

Fortunately, the Feds have said they cannot hide the definitions of codes like these as not only is it federally mandated that the diagnostics system be there, there is already a standard set of codes and definitions that works just fine.

The encryption is for MSOffice-style lock in

I own a JPI Engine analyzer in my plane. To respond to some misinformation above, they make various model of engine analyzers used in piston engine planes. The plane does not depend on the JPI to fly. It's used to gather the parameters from the engine as it runs for instant and with some models, stored for later analysis. It does warn of problems with the engine like overheating. The major feature is assisting with leaning the air/fuel mixture going to the engine, which pilots must do manually.

In a nutshell JPI's owner has some vendetta against a competing company that was selling software to read and analyze the data from the JPI analyzer. JPI changed the format of the data output from the serial port of the device, and the format it was stored in the device's non-volatile RAM.

JPI had sold software for Palm OS that would connect to the serial port and display the data in graphical format in real time on a Palm Pilot. Since the data stream was ASCII text you could do the same with any laptop.

JPI had also supplied what at first they sold, but later became a free DOS utility called EZ-Save that would download the data and uncompress it to a comma separated plain text file. They also made available some Excel spreadsheets with macros that would turn the data into some nice charts for easy analysis.

At some point recently the owner got bug up his backside about some competitor that is selling a competing program to analyze the data. JPI changed the steam and the stored data on current products to use encryption and removed all traces of the utilities on their web site. Of course this did not affect the 1000s of products already installed in planes. What they were doing though, was updating the firmware on any that came in service to have the encryption. Based on that, I vowed I wouldn't send mine in for repair if it burst into flames.

Some excerpts from a aircraft owner mail list:

JPI has recently made a decision to prevent the download of raw data from their EDM series of engine monitors. In the past, an EDM user could use a free piece of software, called EZSave, to transfer all the saved engine performance data from an EDM to a PC. The information was decoded and then stored in a plain text file as numerical values separated by commas (commonly called "CSV" format). This simple format made it possible to import this data in to most any software product, including Excel or any other graphing program. But recently support for EZSave was withdrawn and the program disappeared from JPI's website. In its place was a free version of JPI's fancy engine data graphing program, EZPlot. At the same time this was done, the firmware on new EDM units was updated to alter the data transfer format (from EDM to PC) so that existing copies of EZSave would no longer work. The result is that only EZPlot can talk to new EDM units, and EZPlot does not provide any way to save the raw data. This locks the user in to viewing the data only in ways that EZPlot allows. If you don't like the way EZPlot shows data, you are pretty much out of luck. Existing units in the field continue to work the way they always have, of course. But should you ever send your unit in for repair, it is likely that it will be "upgraded" with the latest firmware and EZSave functionality will be lost.

This change puzzled me a bit, as it seemed to have no purpose other than secure an additional revenue stream for JPI (the feature-full version of EZPlot costs money) at the expense of interoperability. It also seemed designed to intentionally shut out a competing engine analysis program called EGTrends. Personally I don't care for either of those programs: I want the raw data so that I can graph it in a manner than makes sense to me. Oddly enough, the way in which I like to view the data is very similar to the way used by EZPlot's predecessor: a primitive (but effective) Excel template that JPI distributed years ago. So I decided that while I was at Sun 'n' Fun I would go talk to someo

Re:This wont last long

[Effugas]

AC--

In case you see this:

A problem with the engine can take down the plane.

FAA policy is that plane crashes are very, very bad. Absurd amounts of procedures are created to prevent plane crashes. Liability for plane crashes can be massive.

The engine manufacturer can't rule out that third party tools would find different problems than their own; the whole point of you owning this third party device is that, as a pilot, you've made a judgement call that the manufacturer's supplies were insufficient. Your call is being overridden by an overprotective manufacturer, treating you as an enemy to be obfuscated against.

If you crash -- it cannot be ruled out that you might not have if you had this extra information. All the FAA needs to say is -- those who interfere with pilot judgement may face consequences for such decisions -- and the potential liability will outweigh anything else.

--Dan