By Allison Lampert and Rajesh Kumar Singh
(Reuters) – A technology failure that temporarily halted all departures of Southwest Airlines Co flights on Tuesday is raising fresh concerns about the resiliency of the U.S. carrier’s IT infrastructure, industry experts and the carrier’s pilots’ union said on Wednesday.
The Dallas-based carrier has blamed the hour-long outage on a vendor-supplied network firewall failure, causing a temporary loss of connection to key systems.
Southwest told Reuters on Wednesday it opted to halt flights out of caution, adding there were no indications of a cyber attack. It declined to identify the vendor and did not address why this failure was not part of the company’s planning.
While the exact cause is not clear, some industry experts questioned why Southwest systems did not include more redundancy. The carrier has been under fire since a software problem over the Christmas holiday led to over 16,700 flight cancellations, disrupted travel plans for two million customers and cost it more than $1 billion.
“This would indicate that resiliency is not adequately addressed in their systems,” said Eric Parent, a private pilot and CEO of EVA Technologies, a cybersecurity firm with offices in Canada, the U.S. and Europe. “Some significant improvements should be considered to increase their maturity and capacity to maintain operations.”
Jose Fernandez, a pilot and retired professor specializing in aviation and cybersecurity at Ecole Polytechnique de Montreal, added: “If one firewall equipment failure led to this, it’s not very resilient.”
CHAIN OF EVENTS
At around 7:15 a.m. CST (1215 GMT) on Tuesday, the carrier lost access to a software application called SWIFT, said a person in the industry with direct knowledge of how the airline handled the matter. The application, which provides a real-time status report on everything from flight tracking to fuel usage and gate information, relies upon a data feed to operate.
An hour later, SWIFT was back up and running but other systems like dispatch and weather packets that provide weather information were also impacted, the source said. Southwest was able to manually launch flights while SWIFT was down but decided to suspend departures at 8:27 a.m. CST.
A message from a Southwest plane’s ACARS system – a direct data messaging system for pilots – said a lack of data on “aircraft position and location” caused the grounding, according to a copy of the message the source gave Reuters.
The FAA referred questions to Southwest and declined to comment further. The U.S. Department of Transportation could not immediately be reached to comment.
The carrier said it was working with the vendor to identify the issue and devise a solution to prevent future problems.
But Tom Nekouei, a vice president at the Southwest Airlines Pilots Association (SWAPA), said SWIFT is an ongoing problem as access goes down intermittently.
He called Tuesday’s problems yet another example of Southwest’s “chronic under-investment” in tech infrastructure.
“It is a known issue,” he said.
A Southwest spokesperson, however, said SWIFT is only one operational application and was not the root cause of Tuesday’s operational pause. Other functions such as weather packets, aircraft routing, crew duty time monitoring and passenger manifests required the data feed as well.
Southwest has developed a plan with inputs from aviation consultancy Oliver Wyman, which was hired to investigate the holiday disruption, to bolster its operations and prevent last year’s debacle from repeating.
Oliver Wyman did not respond to a request for comment.
Fernandez, the retired professor, said more should be done to protect non-critical aviation systems where cases of failure are not life threatening, but still disruptive.
“These ancillary systems that makes sure the business runs need to be resilient.”
(Reporting By Allison Lampert in Montreal and Rajesh Kumar Singh in Chicago, editing by Ben Klayman and Josie Kao)
