The potential gains of predictive maintenance are clear, and the basic concept fairly straightforward: use data to detect failures ahead of time, avoiding costly unscheduled maintenance.

But only a small portion of airlines, perhaps only 10%, are doing modern predictive maintenance. That is because implementing predictive maintenance requires many small, detailed steps that can be time- and effort-intensive.

Ankit Nanda, director of engineering and reliability at Allegiant Air, explained one of these steps to participants in the recent Global Connected Aircraft virtual conference. With all that predictive data whizzing around an aircraft and between the aircraft and the ground, an airline must develop and implement a solid Aircraft Network Security Program (ANSP), Nanda counseled.

Allegiant is a growing ultra-low-cost carrier that is nearing a fleet of 100 Airbus A320ceo-family jets. It uses Airbus’s Skywise tool as the basis of predictive maintenance, and Collins Aerospace’s flight operations and maintenance exchanger, or FOMAX, box to collect data onboard.

The airline has retrofitted 18 aircraft so far with FOMAX, with installation taking 3-4 days each. FOMAX can send data to the ground by either satellite or 4G links on the ground at the small airports Allegiant mostly serves. 
Nanda says the benefits of Skywise-supported predictive maintenance are clear: reduction in AOG times, reduction in unscheduled maintenance and having the right part available when needed, all adding up to significant money and manpower savings.

But an FAA advisory circular required an ANSP to reap these benefits. Allegiant had to submit its plan to the agency to move forward.  

An ANSP has to deal with preventing unauthorized access to the hardware and software supporting predictive maintenance onboard and on the ground. It must also deal with operating threats that could hamper the system and threats to uploads of software. And it must be able to detect threats and manage them.

Background checks of staff authorized to access systems are necessary. So is the physical security of hardware, for example door locks on cockpits and protection of panels on the hardware flight attendants use to access systems. Protecting galley and Wi-Fi access is also necessary. 

And whatever protections the airline uses for aircraft in its own facilities must be continued when the aircraft is at an independent MRO shop. “Talk to your MRO partner about its methods and people,” Nanda advises.

The key and hardest challenge is dealing with onboard Wi-Fi access. “This is the most vulnerable,” Nanda says. “You need different networks to segregate crew and passengers. Crew systems should be hidden networks.”

Another requirement lies in cyber security of maintenance equipment and tooling. So Allegiant has laptops dedicated just to working with FOMAX, and these dedicated laptops have no Wi-Fi or other software, not even Microsoft Office. The store clerk who issues these dedicated laptops monitors them, and if one is left out unattended, it is wiped clean before reuse.

When installing new software, security certificates must be checked. Downloading the security logs from the systems could be done manually, but with a hundred aircraft eventually covered, an automatic system was desirable at Allegiant. Nanda says this automation must be approved by OEMs, in his case Collins and Airbus. 

And once security logs have been downloaded, how should they be interpreted to detect and assess threats? Nanda says neither an avionics engineer nor a cyber-security expert alone can perform this review. “They must collaborate.”

All this requires “training, training, training,” the Allegiant manager stresses. He urges airline managers planning to do predictive maintenance to contact their regulatory up front and allow plenty of time to develop the ANSP.