Flight Safety Information - February 5, 2024 No. 026 In This Issue : Incident: Cargolux B744 over Atlantic on Feb 5th 2024, main cargo deck fire warning : Incident: United B772 at Hong Kong on Feb 1st 2024, smoke indication on board : Accident: Avion Express A320 at Vilnius on Feb 3rd 2024, temporary runway excursion : Incident: Porter E290 near Tampa on Jan 24th 2024, smoke on flight deck : Boeing may delay jet deliveries after supplier finds glitch with fuselages : FAA Tells Pilots To Go Analogue As GNSS ‘Spoofing’ Incidents Increase : Deputies make arrest in reports of laser pointing at aircraft : People with measles traveled through CVG airport in Kentucky, health officials say : Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs : FAA renews liquid oxygen exemption for HAI air medical operator members : Global Aerospace Unveils Refreshed Brand, Celebrates a Century of Service : CALENDAR OF EVENTS Incident: Cargolux B744 over Atlantic on Feb 5th 2024, main cargo deck fire warning A Cargolux Boeing 747-400 freighter, registration LX-NCL performing flight CLX-94K from Miami,FL (USA) to Amsterdam (Netherlands) with 3 crew and a cargo load of flowers, was enroute at FL370 over the Atlantic Ocean about one hour out of Shannon (Ireland) when the crew donned their oxygen masks and reported they had a main cargo deck fire warning. The aircraft diverted to Shannon for a safe landing on runway 24 and stopped on the runway. The crew evacuated the aircraft via an emergency slide. Emergency services found no trace of fire, smoke or heat. The airport was closed for about two hours until the aircraft was towed off the runway. There had been two similiar occurrence with Cargolux B744s in the past, see Incident: Cargolux B744 over Atlantic on Feb 1st 2022, cargo smoke indication and Incident: Cargolux B744 near Shannon on Mar 14th 2014, cargo fire indication, in 2014 the airline reported the cargo fire warning had been caused by moisture from the flowers. https://www.avherald.com/h?article=51490087&opt=0 Incident: United B772 at Hong Kong on Feb 1st 2024, smoke indication on board A United Boeing 777-200, registration N794UA performing flight UA-869 from San Francisco,CA (USA) to Hong Kong (China), was descending towards Hong Kong when the crew reported a smoke indication on board prompting emergency services to deploy to their stand by positions. The aircraft continued for a safe landing on runway 07L. After a check by emergency services the aircraft taxied to the apron. The aircraft remained on the ground for about 67 hours, then attempted to position back to San Francisco but had to reject takeoff at about 90 knots over ground due to the failure of the left hand engine (PW4090), which emitted a lot of smoke. The aircraft returned to the apron and is still on the ground about 41 hours after the rejected takeoff. https://www.avherald.com/h?article=5147fb91&opt=0 Accident: Avion Express A320 at Vilnius on Feb 3rd 2024, temporary runway excursion An Avion Express Airbus A320-200, registration LY-NVL performing flight X9-8242 from Milan Bergamo (Italy) to Vilnius (Lithuania), landed on Vilnius' runway 19 at about 14:19L (12:19Z) but veered right off the runway onto soft ground, went across a turnoff and returned onto the runway centerline at about 5 knots over ground. The aircraft subsequently vacated the runway via the next turn off and taxied to the apron. The aircraft sustained substantial damage. The occurrence aircraft is still on the ground in Vilnius about 6 hours after landing. https://www.avherald.com/h?article=5147d9d5&opt=0 Incident: Porter E290 near Tampa on Jan 24th 2024, smoke on flight deck A Porter Airlines Embraer ERJ-190-E2, registration C-GKQM performing flight PD-521 from Toronto,ON (Canada) to Tampa,FL (USA) with 63 people on board, was enroute about 30 minutes prior to top of descent when the crew noticed an acrid smell in the cockpit followed by hazy smoke at the right hand side of the cockpit. The crew worked the related checklists, and the smoke dissipated. The crew continued to Tampa, reported smoke in the cockpit to ATC and landed safely on Tampa's runway 19R. The Canadian TSB reported the crew requested emergency services on standby for landing but refused to declare emergency, Air Traffic Control did declare emergency for the flight. Emergency services inspected the aircraft and also noticed the acrid smell. https://www.avherald.com/h?article=51473eb9&opt=0 Boeing may delay jet deliveries after supplier finds glitch with fuselages A worker at Spirit AeroSystems, based in Wichita, Kansas, reported a production issue to managers in the latest alert for Boeing which is already facing an investigation over a mid-air incident during a flight last month. Boeing might have to delay deliveries of more of its 737 jets after a worker discovered a production issue with some of its fuselages. In a letter shared with the media, Boeing Commercial Airplanes chief executive Stan Deal told staff a worker at a supplier had found misdrilled holes in fuselages. Spirit AeroSystems, based in Wichita, Kansas, makes many of the fuselages for Boeing MAX jets. Mr Deal wrote: "While this potential condition is not an immediate safety issue and all 737s can continue operating safely, we currently believe we will have to perform rework on about 50 undelivered planes." The employee at the fuselages supplier told his manager two holes may not have been drilled according to specifications, Mr Deal added. Spirit spokesperson Joe Buccino told the Reuters news agency: "We are in close communication with Boeing on this matter." It comes after more than 170 planes were grounded by US regulators when an Alaska Airlines 737 MAX 9 was forced to make an emergency landing on 5 January. In that incident a window and chunk of fuselage blew out of the side of the plane shortly after taking off from Portland, Oregon. Loose hardware in door plugs Alaska Airlines and United Airlines, the only other US airline flying the MAX 9, reported finding loose hardware in door plugs of other planes they inspected after the incident at the start of the year. The Federal Aviation Administration grounded all MAX 9s in the US the day after the blowout - two weeks later, the agency approved the inspection and maintenance process to allow the planes to return to flying. Alaska Airlines and United Airlines have begun returning some to service. Boeing, based in Washington, said last week it was withdrawing a request for a safety exemption needed to certify a new, smaller model of the 737 MAX airliner. https://news.sky.com/story/boeing-may-delay-jet-deliveries-after-supplier-finds-glitch-with-fuselages-13064698 FAA Tells Pilots To Go Analogue As GNSS ‘Spoofing’ Incidents Increase The Federal Aviation Administration is advising pilots to prepare to use conventional navigational aids to manage the risks of ‘spoofing’ attacks on global positioning systems and global navigation satellite systems. Incidents of aircraft navigation systems disrupted by false data have become more frequent, causing pilots to veer dangerously off course. Though all pose a danger to aircraft, interference, jamming, and spoofing, differ in the extent of risk. Interference and jamming prevent aircraft navigation systems from obtaining a reliable positioning signal. Spoofing sends false navigational data, sometimes corrupting critical flight systems and making them unusable. In a recently published Safety Alert for Operators, the FAA advises civilian flight crews to monitor the performance of their equipment onboard, report any GPS/GNSS issues to air traffic controllers, and prepare to fly without digital satellite navigation systems before they take off. Understanding the Threat To Global Navigation Satellite Systems The flight-deck crew of a Sri Lankan Airlines A340-300 series Airbus - registration number 4R-ADE - ... [+]CORBIS VIA GETTY IMAGES GPS/GNSS attacks threaten defense, maritime, aviation, and other transport and critical infrastructure reliant on satellite global positioning data. In the skies, interference, jamming, and spoofing have affected military aircraft, commercial airlines, and private jet operators. Forbes Daily: Get our best stories, exclusive reporting and essential analysis of the day’s news in your inbox every weekday. “The Airbus Flight Data Monitoring has reported a substantial increase in GNSS outages, with 49,605 incidents in 2022 compared to 10,843 in the previous year,” the European Business Aircraft Association reported in November last year. These incidents most often occur near conflict zones and military operations. Sometimes GPS/GNSS interference, jamming, and spoofing are used as countermeasures to drones and missile attacks. Whether applied as a defense strategy or as a deliberate attack by nefarious actors, GPS/GNSS disruptions can put civilian flights at risk. Pilots can no longer rely on digital satellite data-dependent navigation systems when faced with these attacks. They must contact air traffic control to recover navigation; depending on where they are, that may not be immediately possible. Pilots and air traffic controllers can lose situational awareness, which could lead to an increased workload to manage the flight, an unintended flight diversion, or an accident. Spoofing Degrades Multiple Flight Systems Some warning signs of potential spoofing mentioned in the FAA’s SAFO include a significant GPS/GNSS display shift, warnings of position error from flight navigation systems, and aircraft clock changes showing incorrect time. The combination of these false indicators can disorient pilots and increase their workload to recover safe operations. The FAA’s advisory also warns of potentially unreliable triggering of aircraft terrain avoidance and warning systems. This type of system failure might give pilots the false impression they are about to collide with the ground or fail to warn pilots when they are. The attacks could also feed false data to the aircraft’s moving map and the pilot’s electronic flight bag. While pilots previously used paper guides to make critical flight calculations, many of these guides are now digital. The potential corruption of EFBs could make it difficult, for example, for pilots to calculate whether they have sufficient fuel to recover if they have drifted off course. Also at risk is the aircraft's Automatic Dependent Surveillance-Broadcast system, which helps identify and track aircraft during a flight. During some recent incidents, aircraft have disappeared from sites that track them. These attacks can also degrade air traffic management infrastructure on the ground that relies on GPS/GNSS data. As a result, air traffic controllers may be unable to help pilots avoid infringing on protected airspace or veering from their approved flight path. The FAA warns that flight operators should prepare for potential risks by checking Notices to Air Missions and planning fuel supply to adjust to aircraft deviations before departure. The FAA also recommends pilots “research alternative conventional arrival/approach procedures at the destination and all alternate airports.” When flying in locations of reported interference, the FAA advises pilots should use conventional navigational aids and flight instruments rather than relying on digital systems. ‘Spoofing’ Technology Is More Accessible Than Before The extent to which a spoofing attack could compromise systems is worrying, especially for those flying over danger zones as they cross the globe. The European Union Aviation Safety Agency and the International Air Transport Association organized a workshop with key stakeholders to discuss incidents and develop strategies to protect civil aviation. While the aerospace industry grapples with the threat, these attacks are more accessible for bad actors to deploy than in the past. French aerospace conglomerate Safran has developed simulators to test navigation systems' resilience against spoofing scenarios. Safran states in a brochure for its defense simulators, “Until a few years ago, a GNSS spoofing attack required expensive, high-end equipment in the $50,000- $500,000 range. Today, low tech equipment and open source software can enable anyone to spoof for as little as $100.” https://www.forbes.com/sites/marisagarcia/2024/02/03/faa-tells-pilots-to-go-analogue-as-gnss-spoofing-incidents-increase/?sh=24ee0b573e3e Deputies make arrest in reports of laser pointing at aircraft COLUMBUS, Ind. — Bartholomew County Sheriff deputies have made an arrest in a case about complaints involving an individual shining a green laser at aircraft in the area.’ Sheriff’s Department spokesman Sgt. Dane Duke said earlier attempts to locate the individual were unsuccessful until Saturday. At approximately 10:38 p.m. Saturday, Deputy Dylan Prather was dispatched to the area of the Columbus Municipal Airport for yet again a report of someone pointing a laser at an aircraft. Prather was initially unsuccessful in locating the source. Approximately 20 minutes later while traveling on U.S. 31 near I-65, Prather observed a green laser emitting from a black passenger car, Duke said. At this time the laser was then pointed at Prather’s patrol car as he drove by the vehicle. A traffic stop was conducted on the vehicle and the driver was identified as Christopher Clem, 49, of 1055 Robert Drive – 1A, Columbus, Duke said. During the investigation two laser devices as well as methamphetamine and crushed prescription pills were found, Duke said. While speaking with Clem, he admitted to deputies to pointing the laser at an aircraft as it flew overhead, Duke said. Clem Clem was transported to the Bartholomew County Jail where he remains on a 48 hour hold on the preliminary charges of: Pointing a laser at a public safety official, possession of methamphetamine, possession of a controlled substance and dealing in a controlled substance. All charges were enhanced due to Clem being in possession of a handgun at the time of the incident, Duke said. The United States Air Marshals and Federal Aviation Administration continue to investigate the incident at a federal level, Duke said. https://www.therepublic.com/2024/02/05/deputies-make-arrest-in-reports-of-laser-pointing-at-aircraft/ People with measles traveled through CVG airport in Kentucky, health officials say State officials say those who flew through Cincinnati/Northern Kentucky International Airport on two days in late January may have been exposed to measles. The two individuals traveled through Terminal A on Jan. 27 between 5 p.m. and 9 p.m. and Jan. 29 between 8:30 p.m. and 11:30 p.m., the Ohio Department of Health announced in a news release. The department said the risk of vaccinated people getting sick is very low and advised that children who have not received the measles, mumps and rubella vaccine should get it as soon as possible. https://www.cincinnati.com/story/news/2024/02/05/measles-exposure-cvg-airport-ohio/72480131007/ Researchers remotely exploit devices used to manage safe aircraft landings and takeoffs The closest thing we may ever get to a real-life Die Hard 2 scenario Criminals could remotely tamper with the data that apps used by airplane pilots rely on to inform safe takeoff and landing procedures, according to fresh research. In a scenario that elicits strong memories of that nail-biting flight scene from Die Hard 2, researchers investigating electronic flight bags (EFBs) found the app used by Airbus pilots was vulnerable to remote data manipulation, given the right conditions. In reality, that Die Hard scene was, surprise surprise, riddled with plot holes – the researchers proved that a few months ago – but proving the possibility of something similar would always be exciting. An EFB is usually a tablet or tablet-like portable computer that runs aviation-specific apps used for a variety of flight deck or cabin tasks, such as making calculations to improve aircraft performance. The vulnerability was found in Flysmart+ Manager, one of many apps within the Flysmart+ suite used by Airbus pilots to synchronize data to other Flysmart+ apps which provide data to pilots informing safe takeoffs and landings. Developed by Airbus-owned NAVBLUE, Flysmart+ Manager was found to have disabled app transport security (ATS), by setting the NSAllowsArbitraryLoads property list key to "true." ATS is a key security control responsible for securing communications between the app and the app's update server. "ATS is a security mechanism that forces the application to use HTTPS, preventing unencrypted communications," blogged Antonio Cassidy, partner at Pen Test Partners, who carried out the research. "An attacker could use this weakness to intercept and decrypt potentially sensitive information in transit." A feasible attack would have to involve the interception of data flowing to the app, and a number of very specific conditions would need to be met. Even Ken Munro, another partner at Pen Test Partners, admitted exploitation would be unlikely in a real-world scenario. Oh, yes that hotel the airline always uses.... First, an attacker would need to be within Wi-Fi range of the EFB loaded with Flysmart+ Manager. Sounds unlikely, but Munro said airlines often use the same hotels to accommodate their pilots between flights, and you can spot them, and the airline they work for, fairly easily. Secondly, and perhaps the biggest blockade to realistic exploitability, is the fact that an attacker would need to be monitoring the device's traffic at the time of the EFB handler initiating an app update. The update cycle is determined by the Aeronautical Information Regulation and Control (AIRAC) database. The AIRAC database can be updated with important information such as when new runways are installed or made temporarily unavailable, or when significant changes are made to the runway environment, like the installation of a crane. When the database is updated with new data, the app must download it to provide pilots with accurate and timely information. This is typically done once a month. The attack scenario devised by the researchers involved targeting a pilot sitting at a hotel bar – so, within Wi-Fi range – and performing directional Wi-Fi hunting while targeting a specific endpoint that the attacker would be aware of as they know the target app. "Given that airlines typically use the same hotel for pilots who are down route / on a layover, an attacker could target the hotel's Wi-Fi networks with the goal of modifying aircraft performance data," said Cassidy. In developing a proof-of-concept for an exploit, the researchers were able to access data being downloaded from update servers. Most of it came in the form of SQLite databases, with some including weight balance data of an aircraft and the minimum equipment list – information on what systems can be inoperative for a flight. Cassidy said the possible consequences of a successful exploit could include an airplane tailstrike or a failed takeoff, leading to runway excursions. "Do I think this is likely? No, absolutely not," said Munro. "But, the point is there is a vulnerability. There are issues with flight systems and the good news is we're finding them and manufacturers are fixing it." Pilots get electronic flight bag Airbus was commended by the researchers for fixing the issue within 19 months, which is in the expected range for aviation tech, they said. A window of 19 months would be entirely unacceptable in regular IT patching, but in aviation, an update like this would typically take around 12 months, so not a million miles away. A longer period of time is required for it to go through certification processes with the aviation industry, we're told. Munro said: "Could that be a bit quicker? Yeah, I think it could have been a bit quicker, but they fixed it – that's the important thing, and it was done in a reasonable amount of time for aviation software." One active commercial pilot told The Register the finding was a "concern," particularly with regard to takeoff performance speeds since the Airbus performance program is known for producing different speeds and flap settings to optimize takeoffs. They said because of this frequent change, a pilot probably wouldn't spot a manipulated dataset if it appeared in the EFB app, which could lead to dangerous takeoff procedures. Some airlines have gross error checks that examine the relationship between the calculated speed and actual aircraft speed, based on the aircraft's weight and balance data, the type which was accessed by the researchers while looking into Flysmart+ Manager. "I assume [these checks] would pick up a hack… but I couldn't say that categorically," the pilot said. Responding to the research, an Airbus spokesperson said: "We identified a potential vulnerability in a specific version of the NAVBLUE FlySmart+ EFB product in 2022. "Our analysis, confirmed by EASA, showed that there was no safety issue thanks to the security procedures in place to validate flight-relevant data. Product improvements have addressed this potential vulnerability in subsequent versions of NAVBLUE EFBs." https://www.theregister.com/2024/02/03/researchers_remotely_exploit_devices_used/ FAA renews liquid oxygen exemption for HAI air medical operator members In response to a biennial request from Helicopter Association International (HAI), the Federal Aviation Administration (FAA) has issued a two-year extension of Exemption 6002, permitting properly trained air ambulance/medical evacuation pilots employed by HAI member companies to remove and reinstall liquid oxygen (LOX) system containers under certain conditions. February 2024 This extension, titled 6002O, is effective Feb. 1, 2024,. and, barring FAA changes, expires Jan. 31, 2026. HAI first petitioned the FAA for this exemption almost 30 years ago, receiving the initial authorization letter in December 1994. Following FAA policy, petitioners must request an extension every two years. Exemption 6002 and its subsequent renewals permit pilots employed by petitioner member operators to remove and reinstall LOX containers in their aircraft after receiving and documenting prescribed training in this task by a properly certificated airframe mechanic. The FAA Exemption document also specifies that the pilots and the task are subject to certain conditions and limitations. Ultimately, this petition helps specific HAI members save time and money by permitting correctly trained pilots to change oxygen canisters or tanks instead of requiring the work to be done by an A&P mechanic. https://verticalmag.com/press-releases/faa-renews-liquid-oxygen-for-hai-air-medical-operator-members/ Global Aerospace Unveils Refreshed Brand, Celebrates a Century of Service New Look. Same Commitment. London, England – Global Aerospace, a world-leading provider of aviation and aerospace insurance, today unveiled a refreshed brand, including a new logo and website. The rebranding initiative reflects its commitment to the future of aviation and focus on developing innovative insurance products that meet the industry’s unique challenges. The update comes as the company celebrates a century of success as an aviation insurance specialist, with the new look exemplifying its dedication to providing industry-leading insurance solutions and risk management programs. The company’s new website illustrates many of its contributions to advancing aviation, including simplified online access to insurance solutions, insightful thought leadership, and advocacy and action toward sustainability. Rachel Barrie, group chief executive for Global Aerospace adds, “The rebrand provides an exciting opportunity to reinforce our unique dedication to the future of aviation and our passion for helping our clients thrive.” The company recognises the current buyer-empowered market, and its decision to rebrand aligns with its desire to collaborate with clients and their brokers to deliver first-class underwriting, trusted claims service, and advanced technology to meet their unique needs. As the company embarks on its second century of aviation insurance leadership, it remains committed to earning the trust of aviation and aerospace stakeholders for the next 100 years. About Global Aerospace Global Aerospace has a century of experience and powerful passion for providing aviation insurance solutions that protect industry stakeholders and empower the industry to thrive. With financial stability from a pool of the world’s foremost capital, we leverage innovative ideas, advanced technology and a powerful synergy among diverse team members to underwrite and process claims for the many risks our clients face. Headquartered in the UK, we have offices in Canada, France, Germany, Switzerland, and throughout the United States. Learn more at www.global-aero.com. To learn more about the company’s SM4 Aviation Safety Program, visit sm4.global-aero.com. Contact: Suzanne Keneally VP, Group Head of Communications skeneally@global-aero.com 973-490-8588 CALENDAR OF EVENTS • SINGAPORE AIRSHOW 2024 - February 20 - 25 • HAI Heli-Expo 2024 - February 26 - 29 - Anaheim, CA • 2024 Women in Aviation International Conference - March 21-23 (Orlando) • SMU Air Law Symposium - March 21-22, 2024 ( Dallas, TX) • 2024 ACSF Safety Symposium – Air Charter Safety Foundation - April 1-3, 2024 • Blazetech - Aircraft Fire Hazards, Protection, and Investigation Course June 4 - 7, 2024 • Airborne Public Safety Association, Inc. (APSCON 2024) - July 29 - August 3; Houston TX • Asia Pacific Airline Training Symposium - APATS 2024, 0-11 September, 2024, Singapore • • 2024 ISASI - Lisbon, Portugal - September 30 to October 4, 2024 • 2024 NBAA Business Aviation Convention & Exhibition - Oct. 22-24 (Vegas) Curt Lewis