The FAA's ERAM system provides "look-ahead" data about aircraft courses and highlights potential conflicts (also known as mid-air collisions).

Lockheed Martin

Last week's failure of a Federal Aviation Administration computer system handling air traffic in the southwestern US was caused by an error that filled the available memory to the system, Reuters reports. Security experts who evaluated the system told Reuters that the flaw could have been used by attackers to shut down the FAA's En Route Automation Modernization (ERAM) system, stopping air traffic nationwide. However, creating the conditions to exploit the error would be difficult.

ERAM, a system designed for the FAA by Lockheed Martin, has a capability called "look-ahead" which searches for potential conflicts between aircraft based on their projected course, speed, and altitude. Because of the computing requirements for handling look-ahead for all of the flights within a given region of controlled airspace, Lockheed Martin designed the system to limit the amount of data that could be input by air traffic controllers for each flight. And since most flights tend to follow a specific point-to-point course or request operation within a limited altitude and geographic area, this hasn't caused a problem for ERAM during previous testing.

A Lockheed Martin video describing the "En Route Domain" of the FAA's traffic control system and how ERAM works.

A flaw in the system was exposed when a U-2 spy plane entered the air traffic zone managed by the system in Los Angeles. The aircraft had a complex flight plan, entering and leaving the zone of control multiple times, according to Reuters' sources. On top of that, the data set for the U-2 flight plan came close to the size limit for flight plan data imposed by the design of the ERAM system. Even so, the flight plan data lacked planned altitude data, so it was manually entered by an air traffic controller as 60,000 feet.

However, the system ignored this manually keyed altitude data. It started evaluating all possible altitudes along the U-2's planned flight path for potential collisions with other aircraft. That caused the system to exceed the amount of memory allotted to handling the flight's data, which in turn resulted in system errors and restarts. It eventually crashed the ERAM look-ahead system, affecting the FAA's conflict-handling for all the other aircraft in the zone controlled out of its Los Angeles facility.