Saturday, 8 February 2020

Uncle Sam tells F-35B allies they'll have to fly the things a lot more if they want to help out around South China Sea

Bernie C @flickr

Uncle Sam tells F-35B allies they'll have to fly the things a lot more if they want to help out around South China Sea • The Register

Plus: Move to Agile is 'high risk' and infosec snafus still not fixed


By Gareth Corfield 7 Feb 2020 at 16:2430 

British F-35Bs deploying to the South China Sea next year may not meet key reliability metrics set by an American government watchdog, its annual report has revealed.

The US Department of Defense's Director of Operational Test and Evaluation (DOTE) warned that the multinational F-35B fighter jet fleet is lagging behind a key flight-hours metric needed to show maintenance maturity.

On top of that, the supersonic stealth jet project's move towards Agile methodology for "minimum viable product" (MVP)-phased development of critical flight and weapons software every six months is a "high risk" strategy, according to DOTE.

The F-35B fleet worldwide needs to rack up 75,000 flight hours before DOTE thinks it has gathered enough data to meet the contract spec. Currently the B model has just 45,000 hours across the board – and with HMS Queen Elizabeth due to deploy to the Pacific next year with two squadrons of F-35Bs aboard, this could mean the aircraft carrier will set sail with jets that haven't met their required reliability standard. So far the B fleet is unable to meet its target of flying for 12 hours or more between critical failures.

Software development processes used to build F-35 software also fall under DOTE's remit, and the auditor is not impressed by what it saw.

In its report (PDF, 14 pages), DOTE said it "assesses the MVP and 'agile' process as high risk due to limited time to evaluate representative IDT/OT data before fielding the software," adding:

"Testing will not be able to fully assess fielding configuration of the integrated aircraft, software, weapons, mission data, and ALIS capabilities prior to fielding. The aggressive 6-month development and fielding cycle limits time for adequate regression testing and has resulted in significant problems being discovered in the field.

ALIS is the F-35's notorious maintenance software. Last seen on El Reg having been given Internet Explorer 11 compatibility two years ago, we now learn from DOTE that version 3.6, which was intended to be the Windows 10-compatible version with "cybersecurity improvements" will now no longer be developed. Instead the F-35 Joint Project Office, the US military unit in charge of F-35 development, "announced it plans to release capabilities via smaller, more frequent service pack updates."

This, wailed DOTE, "increases timeline uncertainty and schedule risk for corrections to ALIS deficiencies, particularly those associated with cybersecurity and deploying Windows 10."

Comically, the F-35 JPO has also drunk the DevOps Kool-Aid for these ALIS service packs – giving it the genuine codename "Mad Hatter". DOTE appeared unsure whether Mad Hatter was DevOps-based or agile, however, commenting: "It is unclear that new approaches, such as ALIS NEXT and 'Mad Hatter' will sufficiently improve ALIS, or if more resources are needed."

ALIS NEXT is an insourcing of ALIS by the US government, which plans to stick it on a public-sector-owned cloud in addition to having local deployments following F-35 squadrons around with large numbers of servers in tow.

Infosec? Config confusion? Meh

Concerningly for the main F-35 programme, cybersecurity requirements laid down by DOTE still have not been met. Despite previous years' reports stating that Lockheed Martin (builder of the F-35) and the US government alike needed to sharpen up, DOTE said: "Cybersecurity testing to date during [initial testing] continued to demonstrate that vulnerabilities identified during earlier testing periods still have not been remedied."

On top of that, an increasing number of deployed software versions and hardware (as in onboard computer) configurations pose a potential threat to reliability. Block 3F is the current main build of F-35 onboard software, with Block 4 being the next scheduled major release, though earlier versions of Block 3 are still in use.

Warning of the problems in store, DOTE said: "These configurations include the fielded TR-2 processors and [EW, electronic warfare; i.e. radar jamming] system for Block 3F, new EW equipment in Lot 11 and later aircraft, an improved display processor that may be added to TR-2, new TR-3 open-architecture processors to enable Block 4 capabilities and other avionics for later increments in Block 4. Adequate plans for supporting all these configurations do not appear to be in place."

The F-35B continues to be the only modern fighter jet capable of operating from Britain's two new aircraft carriers, HMS Queen Elizabeth and HMS Prince of Wales. ®


UK to receive F-35 DAS upgrade

No comments:

Post a Comment