Two Lessons for DevSecOps from the Grounding of the 737-MAX

As an IT professional working in DevSecOps with a strong interest in the aviation industry, I learnt some lessons from the grounding of the 737-MAX series.

Automation is Essential but People Need to Know What Automation Does

The crashes of ET302 and JT610 might be due to MCAS (Maneuvering Characteristics Augmentation System). The computer reads the attitude of the plane and in certain situations it would intervene. It is meant to assist pilots, and in an ideal situation the pilots would not notice.

In DevSecOps, automation is essential; in fact without automation, it is not possible to achieve DevSecOps. Tools are used to achieve automation.

Used right and in the hands of good engineers, the tools would do wonders. The DevSecOps team would be able to deliver features, fixes, and updates frequently to deliver business value.

US Airways flight US1549 showed how a pilot, Capt. Sully, was able to utilise automation (in the form of the autopilot) to help him steer the crippled plane before ditching on the Hudson River.

In contrast, the computer on Air France flight AF447 provided warnings to the pilots that the plane was stalling and approaching terra firma; however, the pilots did not respond to the warnings, and only at the last minute did they figure out what had happened, but it was too late.

In DevSecOps, it is common to mix different tools from different vendors. Each tool has its own strengths and the organisation may have its specific needs and constraints that dictate the tools used.

An engineer who is clueless about the tools would make DevSecOps fail to deliver its value.

The engineer must be familiar with all of those tools. Using the tools every day, however, does not make an engineer familiar with them; it simply makes the engineer an operator.

The engineer is expected to know how the tools work, how the tools interact with each other, how to exploit each individual tool, how to interpret the errors generated by the tools and how to fix the issues.

Not easy, but at least the engineer could quickly recover the tool-chain when there are errors.

If an engineer is not familiar with what each tool in the tool-chain does, then he would not know what to do when something unexpected happens. In DevSecOps, it would simply create delays.

Unmanageable Technical Debt will Snowball into a Bigger Problem in the Future

The Boeing 737-MAX is the latest variant of the venerable 737 series that started in the 60s. Throughout the years, Boeing kept improving the plane. It accommodated bigger engines, a longer airframe (for bigger capacity), etc. This kept the plane relevant, especially after Airbus rolled out the A320s in the 80s.

However, what Boeing has been doing was simply continuously tweaking the plane. As the landing gear is not high, there is a limit on how big the engines the 737 could use can be. Boeing has been tweaking the engine pylons so much that on the 737-MAX the pilot needs to be assisted by the MCAS.

The Boeing 737 design has limited the changes that Boeing could make. It has become a technical debt, but nothing was done.

Likewise in DevSecOps. While meeting the objective of delivering business value is very important, the technical debt also matters. Delaying addressing the technical debt would simply make the problem bigger, and sooner or later it becomes unmanageable and affects the business.

It is important for the organisation and the DevSecOps team to allocate time and resources to address technical debt. This is either to be done in specific sprints/releases or inserted as part of releases.

Airbus and the Unlucky 8

Recently Airbus announced that it would stop the production of the largest airliner, the A380. Despite its popularity with passengers, the plane is unfortunately not popular with the bean counters (airline executives).

The premature end of A380 production (as compared to its rival, the Boeing 747 series) also caps Airbus's unlucky experience with the supposedly lucky number 8.

From A300 to A380

Both Airbus and Boeing have naming conventions for their planes. Airbus named the first model it produced the A300. Subsequently it named its models in multiples of 10: the A310, A320, A330 and A340.

However, when Airbus announced the A380, it deliberately skipped A350, A360 and A370. The number ‘8’ was chosen because it resembles the double-deck cross section – the A380 is the first airliner to have a full-length double-deck* – and it is considered a lucky number in Chinese numerology.

It is not uncommon for aircraft manufacturers to have different variants of the same model, differing in range, capacity or generation. For example, the 747 started as the 747-100 and the subsequent variant was named 747-200. The Airbus A330-200 is shorter (and has more range) than the A330-300.

The A380 has, in fact, two eights because the base (and only) variant of A380 is … 800.

Despite having two ‘8s’, the Airbus A380-800 – shortened as A388 – has not sold well. Other than Emirates – which ordered half of the A388s produced – no other airline acquired the A388 in large numbers. The A380 programme was doomed.

Alas, Airbus continues to have problems with the number 8.

Among the other models Airbus is currently producing, the A350 is its largest twin-engine wide-body airliner. It has at least 3 variants, the A350-900, A350-900ULR and A350-1000, with the -900 having the shorter frame (and lower passenger capacity) compared to the A350-1000. However, the A350-900 was not planned as the smallest variant.

Airbus planned to ‘shrink’ the -900 to an even shorter frame (with a lower passenger count) and name it the A350-800. It was meant to serve thinner routes while maintaining commonality with its larger cousins. However, the shrink made the variant noncompetitive, so the -800 variant was stillborn.

Airbus's unlucky experience with ‘8’ does not stop here. It recently launched the re-engined variant of its popular A330 model, called the A330NEO (New Engine Option). It has two variants, the A330-800 and A330-900, with the former having a shorter frame (and longer range) than the latter.

However, the -800 model has not been popular. Airbus has received orders for only 8 A338s from one airline, Kuwait Airlines, as opposed to 231 orders for the A330-900 variant. It is unlikely that the A338 variant will attract large orders, considering that the -900 variant is as capable as the -800 and the entire A330NEO line is facing stiff competition from Boeing 787s.

Boeing has had a better experience with the number 8.

Even though its latest variant of the 747, the 747-8, is not selling well (with only 154 orders), the saving grace for Boeing is that it spent a modest amount to develop the B747-8, as it was a modification of an earlier model, the 747-400. Boeing could also claim that nothing could dethrone the ‘queen of the skies’, as the 747-8, with the current backlog and production rate, will still be in production when the last A380 leaves the Airbus production line.

While the 747-8 is not considered successful, Boeing has had a better experience with the number 8 with its latest twin-engine wide-body model, the 787. This model has been a runaway success, clocking more than 1,400 orders. Its smallest variant, the 787-8, has a similarity to the A388: it has a ‘double-eight’. However, the similarity ends there, as airlines ordered 444 B787-8s, far more than the 251 orders for the A380.

So, number 8 may not be a lucky number for everyone!

* Technically the A380 has 3 decks; however the passengers would see only the main deck and upper deck. The lower deck is used for cargo or crew rest area.

Wireless IFE

Recently I flew to Surabaya and took Silk Air (MI) for the return flight. It was a short flight, about 2 hours, and in the evening. I was rather tired; I had arrived in Surabaya in the morning (on an SQ flight) and spent a few hours there before flying back. I was looking forward to sleeping on the plane.

The last time I took MI was a good 10+ years ago, also for a flight to/from Surabaya. So, I did not expect too much from the carrier that some people referred to as a “budget airline with SQ fare.”

After I boarded the plane, and while waiting for the push back, I browsed the in-flight magazine and noticed that Silk Air now provided in-flight entertainment; an improvement. However, the plane had no in-flight entertainment equipment; no LCD screen at the back of the seat. Instead, the movies were streamed to mobile devices through on-board WiFi.

Such a setup has become very common across many airlines. With everyone having mobile devices and pervasive access to content, including movies, many passengers would prefer to watch their own movies on their own devices. For passengers who prefer to watch airline-provided movies, streaming the movies over WiFi saves the airlines lots of money by not having the in-flight entertainment equipment. The absence of such devices also means less weight; less weight means less fuel consumed, which in turn saves the airline more money.

However, I was intrigued by the whole setup required on mobile devices in order to access the in-flight entertainment. I took a picture of the page of the in-flight entertainment magazine, and after I touched down in Singapore, I posted the picture on social media with the title “SilkAir teaches its passengers how not to do IT security.”

There are two reasons.

  1. Sideloading

For passengers with mobile devices running the Android operating system, the magazine instructed the passengers to download the app and then install it directly, without going through the Google Play Store.

The practice of downloading and installing applications from any source other than the official app store is called sideloading, and it is not a recommended practice.

The official Google Play Store, while not perfect, provides some level of protection from malicious apps. That may not be the case with an alternative app store or with a website or forum hosting an APK file.

By advising passengers to sideload the application, MI is unintentionally training its passengers to push past all of the warnings that Android displays.

SilkAir may argue that they could be ‘trusted’. However, such an argument simply undermines the education given by IT security professionals: “Always download from official stores”.

  2. The usage of Flash

The magazine also stated that for laptop users, Flash must be enabled in order to enjoy in-flight entertainment.

Good luck with that. Safari, Chrome and Firefox have disabled access to Flash by default. Users must go through a myriad of settings just to have it enabled, and that is only for the current session.

Flash was originally a good platform for delivering multimedia content across multiple platforms. The browser plug-in was available on many platform combinations (OS, browsers). Web developers needed only to develop the content once, and it was guaranteed to run and work consistently across platforms.

Flash came in the era when browser compatibility was a major issue. Using Flash, web developers could overcome browser compatibility issues with ease.

Now the issue has passed with the adoption of HTML5; it can do what Flash could, natively in the browser, without any plug-ins.

Flash also started to decline after Apple refused to have the Flash plug-in on iOS, and it went even further downhill after strings of vulnerabilities were discovered in Flash, even up to today. Those issues really pushed browser manufacturers to disable Flash [1], [2], [3]; and indeed Adobe itself will terminate Flash support by 2020.

As modern browsers have disabled Flash by default, passengers need to tweak the settings in order to enable Flash (and watch the video). It is an inconvenience to passengers; it also shows that MI uses an old, obsolete, soon-to-be-decommissioned platform.

So, what can SilkAir do?

  1. Silk Air should advise passengers to download the application ahead of time, before boarding. Show the instructions on the ticket, or even at the boarding gate.
    When I took Qantas last year to Australia, the website clearly indicated that to enjoy in-flight entertainment on domestic flights, passengers need to install the Qantas app.
  2. Change the technology used to deliver video to HTML5. This will allow any passenger to use their mobile device, connected to on-board WiFi, to access in-flight entertainment content with a standard browser. It is much simpler and requires no installation whatsoever.

Post script: after checking many sites, I don’t think Silk Air is unique. KA and TR provide similar instructions; UA requires the Flash plug-in, and VA even requires a more obsolete plug-in: Silverlight. But D8 seems to do it right.