Slashdot Mirror
Aviation Instruments Encrypt Engine-Monitor Data
kitplane01 writes "Airplanes engines need to always work, and are monitored by engine monitors. JP Instruments' engine-monitor units have begun to encrypt the data output of its monitors so it can't be read by third-party software. Whether this is to protect itself liability-wise or to discourage competitors is unclear. It seems the company is working on a fix, which may require a fee from users to translate the file format."
I think its to prevent terrorists from listening in on engine data.....God Bless America
this seems like an incredibly stupid and public way of locking customers into paying for information they were already previously getting for free.
Hopefully no more companies in the industry will follow
feeling lonely? grab a balled up pillow for company
It sounds like propriety lock-in to me. There is no other reason to encrypt diagnostic data.
"I'm not impatient. I just hate waiting." - My Dad
As long as the auto industry doesnt follow. There was a big deal over the use of car makers to provide info to third parties for the onboard electronics. I dont know what the status is now, I heard a while ago that the information is disorganized and hard to utilize. Auto dealers love it because it forces you to use their facilities at highly marked up prices, and puts 3rd party auto mechanics into a corner.
The Doormat
If you're not outraged, then you're not paying attention.
You should also take a look at Lexmark and how they used DMCA to sue Static Control Corp, an aftermarket inkject cartridge manufacturer. Earlier Slashdot story
Not really a whole lot different that PACE Anti-Piracy's latest crap.
I use some software that is protected using PACE's Interlok system. Unfortunately, the anti-piracy software is stopping me from legitimately using the software, refusing me the ability to serialize it on my machine.
PACE's response? Send us the encrypted log file! They won't tell me what's in the log file, nor will they allow me to see it before sending it.
Any amount of personal information could be in there, so I refuse to send it to them.
Since when doesn't everything need to be encrypted to keep legitimate users from reading it?
Jory
The Gemini goes about data-logging quite differently. When you want to see what's been happening, simply point the supplied Hewlett-Packard HP200LX palmtop at the Gemini's faceplate and the information will be transferred by infrared link. The information remains encrypted in the HP200LX--it cannot be altered by the user- -so it may be more useful to resolve a warranty dispute or to see how renter-pilots are treating your leaseback bird.
Pay no attention to that man behind the curtain.
One line blog. I hear that they're called Twitters now.
I don't know much about these kinds of systems, but I would've always assumed that partial unencrypted data would be much easier to recover in a plane crash situation. I guess it would pretty much instantaneously stop transmitting from the engine in question when the system failed.
However, wouldn't encrypted data bring with it the risk that you couldn't get the data back? What happens if you have partial encrypted data in the system? Is there a risk that the encryption could make piecing together accidents more time-consuming or render the data useless to the investigation?
In theory, could it even assist denying responsibility if the engine itself was the cause of a crash?
Any particular reason "kitplane01" came within a sentence or two of posting the entire story in his/her submission?
It's completely uncredited, and presented as material he/she wrote; that's called plagiarism, folks. Though things have gotten better over the years (I remember when more than half of the stories on the front page were like this), this still happens too often.
It's also pretty pointless. The story summary is supposed to accurately describe the story, to help us determine if we want to follow the link, or read commentary.
Please help metamoderate.
Why would engine monitor data need to be encrypted? All it is is fuel flow rates, its pressure and temperature, FTIT, etc. The pilot needs to see this data anyway to monitor in-flight. Maybe they're talking about when this information goes through engine diagnostics or is stored for looking at later? Oh, and do these guys just do civilian aircraft, or military too? I'd think no one would buy their engine monitor units if they couldn't look at the logs to monitor their own aircraft statistics [think nascar]. Could be a good way to lose customers. What do you think?
I know there are laws in place to keep automobile manufacturers from doing the same thing (since I make auto scantools for a living). That's one of the main reasons why the industry moved towards OBDII - to be compliant with the disclosure law.
Maybe the rules apply to aircraft as well, and there's already a legal fix?
I won't be able to ask anyone at work about which laws are in place until Monday, but this article has me curious about the legality of encrypting this kind of data for non-automobiles. If I find anything out, I'll post it here.
Weaselmancer
rediculous.
Typical inept Slashdot editing: the data is *encoded* (as the original AvWeb article states), not encrypted. Sure, JPI is an evil company with a history of slimey dealings as shown here http://home.earthlink.net/~timrv6a/jpi.html but lets be accurate about what they've done. If JPI (or someone else) was to provide info on the format of the encoded data there would be no news story.
It's simple, really.
"Can you say, with absolute certainty, that no third party fault detector would have found the problem with your engine?"
"No, but..."
"So, you intentionally embarked on a development program that hid problems with your engines. Thank you."
This exchange, vaguely hinted at by FAA, would be quite enough.
Is it a "fix" when you deliberately broke it in the first place?
Well, yes, but OBD-II (On Board Diagnostics, Version II) is federally mandated, and the Society of Automotive Engineers has a set of standard codes for most every fault an ECM would detect. They also, however, made it possible for manufacturers to have proprietary codes, starting with 1. For example, if the oxygen sensor on my engine's #1 cylinder bank is indicating that the engine is running lean more than is allowed, and the ECU is correcting by running it intentionally rich, the SAE code would be P0130. However, my car, a Ford, gives the code P1311. Same exact meaning, but it's a Ford specific code. Fortunately for me, a quick search on the 'net found out what the code meant, but it wasn't in my book.
Fortunately, the Feds have said they cannot hide the definitions of codes like these as not only is it federally mandated that the diagnostics system be there, there is already a standard set of codes and definitions that works just fine.
Within Doc's context, however, he was making a valid point.
As for the smaller aviation industry, Doc's jibe is still perfectly valid. It was a jibe against the federal government, and it's the federal regulations controlled by federal politicians and influencing the opinions of federal judges which allows the liability lawsuits to decimate any company which may have a chance at competing with the big aviation industry.
So, next time, be more polite and consider what the other person is saying before you drop a ton of poop on them.
fast as fast can be. you'll never catch me.
In a nutshell JPI's owner has some vendetta against a competing company that was selling software to read and analyze the data from the JPI analyzer. JPI changed the format of the data output from the serial port of the device, and the format it was stored in the device's non-volatile RAM.
JPI had sold software for Palm OS that would connect to the serial port and display the data in graphical format in real time on a Palm Pilot. Since the data stream was ASCII text you could do the same with any laptop.
JPI had also supplied what at first they sold, but later became a free DOS utility called EZ-Save that would download the data and uncompress it to a comma separated plain text file. They also made available some Excel spreadsheets with macros that would turn the data into some nice charts for easy analysis.
At some point recently the owner got bug up his backside about some competitor that is selling a competing program to analyze the data. JPI changed the steam and the stored data on current products to use encryption and removed all traces of the utilities on their web site. Of course this did not affect the 1000s of products already installed in planes. What they were doing though, was updating the firmware on any that came in service to have the encryption. Based on that, I vowed I wouldn't send mine in for repair if it burst into flames.
Some excerpts from a aircraft owner mail list: