US Switches Air Traffic Control To New Computer System
coondoggie writes: The Federal Aviation Administration this week said it had completed the momentous replacement of the 40-year-old main computer systems that control air traffic in the US. Known as En Route Automation Modernization (ERAM), the system is expected to increase air traffic flow, improve automated navigation and strengthen aircraft conflict detection services, with the end result being increased safety and less flight congestion. The FAA said the Lockheed Martin-developed ERAM system “uses nearly two million lines of computer code to process critical data for controllers, including aircraft identity, altitude, speed, and flight path. The system almost doubles the number of flights that can be tracked and displayed to controllers.”
So how does a 40-year-old computer system get replaced and only double the number of flights capable of being tracked?
What could possibly go wrong?
Where are we going and why are we in a handbasket?
Hmmm. People are still the same size, fuel is still the same, turbines still use the same theories, the planet hasn't gotten bigger, the atmosphere is still the same, our materials are still the same..
Could it be, and this might be a shocker, could it be that the limits on materials have nothing to do with information processing?
For example, you might want to sit down for this and read it a few times, could it be that just because processors got a thousand times faster it doesn't mean that we can somehow actually put a thousand times more airplanes in the air?
I'm just wondering out loud here.
The system has been rolled out one center at a time over the past several years. This article is just stating that the last center has been converted and the transition from HOST to ERAM is complete. That's not to say that there weren't glitches along the way.
It was a shortage of computer memory in the $2.4 billion air traffic control system while a U-2 spy plane flew over southwestern US that caused LAX computers to crash and hundreds of flights to be delayed on April 30. “In theory, the same vulnerability could have been used by an attacker in a deliberate shut-down,” security experts told Reuters. Now that the “very basic limitation of the system” is known, experts expressed concerns about aviation cyberattacks.
$2 billion air traffic control system failure blamed on shortage of computer memory
Lockheed Martin, which created the En Route Automation Modernization (ERAM) air traffic control system, claims it conducts "robust testing" on all its systems, yet the lack of altitude information in the U-2’s flight plan caused the automated system to cycle off and on trying to fix the error.
http://www.computerworld.com/a...
"If any question why we died, Tell them because our fathers lied."
It's mostly Ada running on AIX. See http://www.iaeng.org/publication/IMECS2009/IMECS2009_pp1095-1099.pdf.
"Display System (DS), User Requested Evaluation Tool (URET) and ERAM and have been developed mainly in the Ada programming language." Page 2.
"Product supportability advantages led to the selection of the IBM P series processors, the AIX operating system, and CISCO switches." Page 3.
I say this as a thirtysomething computer programmer, although I've also always been a minimalist: Given the choice between something that uses software and something that does not, go softbare.
My car, TV, and entire life are now filled with much more software than ever. Now that they can "do" more, they are also slower, flakier, and more complicated. And as a computer programmer, I know why: even the simplest program is amazingly complex. Every keystroke is a pitfall.
Two million lines? I think I'll drive --- no, just walk.
You are insanely naive. You have no idea just how hard it is to build a safety-critical system on this scale. These systems have to be up nearly 24/7/365 and balance a ridiculous amount of data from redundant data sources while avoiding deadlocks and other sources of data contention. In addition to that, they undergo way more testing than you can imagine to ensure that the system handles those large volumes of data correctly and doesn't crash along the way. I used to think like you until I actually worked on an air traffic management system, so I can tell you that you can't possibly imagine how difficult it is until you actually do it.
And were those projects for safety-critical systems? Were they replacing 20 years of development where the new system was required to perform every task almost exactly as the original using an entirely different architecture or did you get to make your own requirements from scratch and adapt them however you pleased? Was that system so heavily integrated that a basic task was way too complicated for unit tests which means that all testing had to be performed manually in an integrated environment or using a vast array of virtual machines to push the test data? Did that project require extremely tight security with many different clients in the private and public sectors (requiring drastically different security checks) as the system processed data from those sources and sent custom-filtered data back? I could go on and on, but again, it probably wouldn't matter because it's not something you can appreciate until you've actually done it.
Were you willing to guarantee your projects were defect free? The FAA is an excessively risk-averse organization. In some ways this is good, it's safer to fly from LA to London than it is to drive 10 miles from your house to the airport, even though you're in a metal tube traveling at nearly the speed of sound (so fast that human reaction times are effectively a moot point, once you see an obstacle in your way you are already dead) through all sorts of crazy weather and other challenges. The downside of this is that it is almost impossible to get them to replace a working system, even if the replacement is objectively better than the old one. One problem the FAA runs into on a regular basis is that tertiary technologies (like their network and comms systems) are constantly going obsolete and most of the vendors disappear and the only ones that remain jack their prices up into the stratosphere because they know they have a captive market.
I read the internet for the articles.
This isn't just landing approaches. It's following planes as they fly all over the country.
What are you suggesting? Thousands of spotters with binoculars and CB radios? So commercial flights are to be restricted to a time slot between 10 AM and 3 PM in the summer only?
Goodluckwiththat.
Faster! Faster! Faster would be better!
Written in Ada can make things better, but written by Lockheed Martin, so it balances itself out.
You are largely right here, the gains in throughput in the system will be made by reducing separation between aircraft, so you can have twice as many aircraft on the same airways. Those reductions in separation can only go so far, as you have to have a system that can still fail back to stone age (100% down) and still be reasonably safe. At that point controllers fall back to using primary radar, radio and bits of paper in stacks, i.e. how it used to be done before computers.
The improved processing and tracking allows some safety margins to be compressed, but not many, and not by much.
Lockmart is complicated. My division of Unisys was bought by the Carlyle group, which also bought IBM's Federal Systems division, combined the two, and sold the result to Loral. They stirred in some other fragments of defense contractors and sold the result to Lockheed. I'd left Unisys before they sold us, so was surprised to get a call from Lockheed asking why I wasn't drawing my pension. Those two shards of Unisys and IBM had some very good people in them, something I knew both from working in the Unisys group and overseeing the IBM group when I was at MITRE. I was in the Ada community starting with Strawman in the mid-70s. A fair amount of our language design was intended to overcome the failures of management by both DoD PHBs and contractor PHBs. Ultimately, military use of Ada faltered because of the desire of the defense industry to de-skill the programming task. They wanted to pay C++ coder salaries, not software engineer salaries. Ada survives in places that want to do highly-reliable, life-critical systems, increasingly in Europe rather than here.
This is what one of the old systems looked like
Stopped reading right there.