Can they force an install? Or will it be a choice?
I like Mentor Pilot and Air Disasters, so I know I’ve heard of a few where the problem that caused an accident was already known and a fix was available but the airline just chose not to do it because they had that option. Or it was scheduled but hadn’t been performed yet because it wasn’t thought to be that critical.
Having the FAA mandate the fix seems like it would be a much better option.
I know the FAA can, I was referring to the manufacture. If Boeing makes a software patch do they have any way of forcing everyone to install it other than asking the FAA to issue a directive?
They might be able to, but, if they are effectively saying "our product is broken and you can't use it until you do X" they could be responsible for massive contractual liabilities.
Based on aviation law they can notify the certification authority of a mandatory fix which will be then required to be applied for users to aircraft operators to apply. If necessary with 0 deadline, i.e. "if the plane is on the ground it's not flying till the following change is applied"
I read through the 787 Dreamliner manual for setting up the software for patch distribution to the planes, and there are checks and overrides at every step. The whole thing is physically controlled by the owning airline or maybe the leasing company, but not Boeing.
I wasn’t thinking a “we’re pushing an update too bad” kind of thing but more a “hey you have to do this to be allowed to fly, your choice” with the weight of law behind it.
That guide book was genuinely amazing, it was easily the best-written technical document of any kind that I had read.
The security is dialed up to 11 as well. It explicitly calls out the following scenario:
1) The plane is leased.
2) the maintenance is outsourced.
3) The plane at an airport in an "unfriendly" country.
4) The plane is not allowed to take off until it is patched due to an emergency directive.
That scenario is handled, securely!
There is encryption between the plane and the airport WiFi.
The maintenance crew can also plug in to an Ethernet port near the front landing gear.
There is a VPN back to the patch server managed by the airline.
The VPN host certificate is explicitly whitelisted in the plane.
The plane won't accept a patch unless it has been digitally signed by Boeing, the FAA, the Airline, and potentially the manufacturer and the local equivalent of the FAA!)
The pilot has to enter a 4-digit pin code in the plane.
Most of the associated wiring is only physically connected if there is weight on the front landing gear. You can't "hack" a plane in-flight and patch it with malware, the required cabling isn't connected.
Sometimes the vendor will provide an optional fix in a safety information bulletin, sometimes they will be mandatory (Sometimes the optional ones become mandatory [1]).
They are coordinated with applicable certification bodies (civil aviation authorities) and distributed as airworthiness directives that can, in fact, force a specific action to be taken.
[1] (writing from memory unfortunately) an airflow modification for 737 NG (iirc, could be older 737, pre-MAX definitely) avionics bay was "optional", as in mandatory only for aircraft flying in hot enough regions. After a near miss in Poland when steadily overheating avionics essentially slowly lobotomized a plane after takeoff. Turned out europe got hot enough for it.
After that incident, Boeing issued a change in safety information bulletin that the modification was now mandatory.
I like Mentor Pilot and Air Disasters, so I know I’ve heard of a few where the problem that caused an accident was already known and a fix was available but the airline just chose not to do it because they had that option. Or it was scheduled but hadn’t been performed yet because it wasn’t thought to be that critical.
Having the FAA mandate the fix seems like it would be a much better option.