Lockheed Made A Three Minute Long Cartoon Just To Explain F-35’s ALIS

That’s good, because the vital, interconnected system is having some trouble at the moment.

byJoseph Trevithick|
F-35B photo


A squadron of U.S. Marine Corps F-35B Joint Strike Fighters is grounded due to problems with the software in its central cloud-based computer brain, known as the Autonomic Logistics Information System (ALIS). But then again, you know something is pretty complex when the manufacturer needs a three minute animated video presentation just to explain the most basic elements of how the system is supposed to work – and doesn’t mention any potential vulnerabilities to cyber attacks.

On June 22, 2017, the Marine Corps announced that it had halted Marine Fighter Attack Squadron Two One One’s (VMFA-211) flight operations at Marine Corps Air Station Yuma in Arizona because of unspecified “anomalies” in the ALIS software. The unit had recently installed an upgrade within the latest software build – effectively a patch to a patch – called Version 2.0.2. Afterwards, the system began spitting out bogus maintenance codes, potentially confusing ground crews and erroneously sidelining aircraft unnecessarily.

“There is nothing wrong with the performance or safety of the aircraft itself,” U.S. Marine Corps Major Kurt Stahl, 3rd Marine Aircraft Wing’s director of public affairs, insisted in a statement, according to Defense News. “But it is imperative that we ensure the ground-based ALIS system is working properly before flight operations continue.”

Without knowing the specifics of the situation, it’s impossible to say how significant the issue actually is for VMFA-211 or its ability to conduct missions if necessary. The faulty update appears to be isolated to the Arizona-based squadron. In this particular case, it could be more of an annoyance than anything, akin to driving your car for weeks on end with the “check engine” light on despite mechanics telling you everything’s fine.

Video thumbnail

But Stahl’s comments hit at the deeper core of the issue. In spite of its name, if and when it works as intended, ALIS serves as the core operating system for software handling an amazing array of functions, streamlining and speeding up operations and possibly reducing costs in the long term. You often hear about just how many lines of actual computer code there are inside it. After sending out the Version 2.0.2 update to F-35 operators in April 2017, Lockheed subsequently released a video online detailing the system’s vital role in the stealth fighter’s day-to-day activities.

“Think of ALIS like a smartphone,” the narrator says. “It has more than 65 applications that do everything from managing operations and training to maintenance and supply chain.”

The “ground-based ALIS system” Stahl mentioned is Lockheed’s Standard Operating Unit (SOU), which serves as a central terminal for collecting info from the Joint Strike Fighters and supporting personnel back at base. The U.S. military refers to this segment as the “Squadron Kit.” According to the Maryland-headquartered defense contractor, each squadron is supposed to have an SOU to help prepare data to upload on the jets or analyze information downloaded after missions. Ground crews use mobile terminals, basically militarized laptops, to actually get that data in and out of individual aircraft.


And like your phone, tablet, or computer, ALIS’ servers on the ground are constantly sending information back to Lockheed so it can study the “usage statistics.” In theory, this would allow the company to see whether certain parts wear out faster than they expected, spot unforeseen issues before they impact operations, and just be better able to respond to the needs of F-35 operators not just in the U.S. military, but in any of the nearly a dozen other foreign services that are flying the fighters or are expecting to in the near future. Additional countries are considering signing up to get Joint Strike Fighters.

The U.S. military also uses ALIS to push updates, like Version 2.0.2, down to both American and foreign operators through a centralized network. We don’t know if ground crews need to make an active decision to install the patches or whether the updates load up automatically like automatic software updaters on your home computer.

“The F-35 provides more maintenance data through its sensors than any other fighter and ALIS converts that into actionable information to keep F-35s mission ready,” the infomercial explains. “During flight, the F-35 collects data on a wide range of systems and once the flight is complete, maintainers then download that data into ALIS to determine what actions need to occur.”


Even more importantly, beyond logistics and preventative maintenance, the system is also critical to pre-mission planning and post-mission debriefing. Units use the system to upload mission planning details onto individual aircraft, including information about potential threats and hazards, routes and other details about where they're flying. After a sortie, ground crews can download similar information from the jet's extensive sensor suite for further examination. This has the potential to turn every F-35 into an electronic intelligence sponge on every mission, which could help American forces or their allies map integrated air defense networks and other threats ahead of future operations automatically and on an incredibly grand scale. The aircraft should even be able to do all this even during routine transits.  

Unfortunately, it’s ALIS’ vital and interconnected nature that has prompted concerns about the danger of cyber attacks on the system for years. The threat is real and we don’t know how well fortified the various parts of the system are against hacking or other intrusions. It's not clear how many aircraft have the the latest cyber defense upgrades, whatever they may be, either. Thanks to a process known as concurrency, the U.S. military already owns hundreds of F-35s and has been upgrading them as necessary. In order to declare the jets combat ready, the U.S. Air Force and Marines both adopted truncated and rigid development schedules, as well.

Still, in 2012, a team working for the U.S. Navy reportedly broke into some portion of the ALIS network, prompting a major fix to the system. The incident also highlighted fears that a enemy might be able to get into the system, or other parts of the F-35 program, indirectly through one of Lockheed's many subcontractors. Third party companies in 45 states and Puerto Rico, as well as additional foreign firms, support the Joint Strike Fighters.

"Even if Lockheed has top-notch cyber security, it's still vulnerable if its subcontractors are vulnerable," Ben Freeman, a national security investigator with the non-profit Project on Government Oversight, told Reuters at the time. "You have to be continually assessing the risk," Raphael Mudge, a former Air Force engineer and independent cyber expert, added.

Marines look at engine test data on a portable terminal during an operational evaluation aboard the USS Wasp in 2015., USMC

Then, in December 2015, the Pentagon’s main F-35 program office delayed an important cyber warfare test specifically because they were worried about it damaging the existing software build and impacting operations. In 2016, VMFA-211 did participate in a cybersecurity exercise, with opponents apparently trying to break into or otherwise disrupt their SOU, which was running Version 2.0.1 software at the time. Specific details about the event or its results are not publicly available.

“The cybersecurity testing in 2016 showed that the [F-35] program has addressed some of the vulnerabilities identified during earlier testing periods,” the Pentagon’s Director of Operational Test and Evaluation wrote in his annual review of the Joint Strike Fighter project for that year. “However, much more testing is needed to assess the cybersecurity structure of the air vehicle and supporting logistics infrastructure system … and to determine whether, and to what extent, vulnerabilities may have led to compromises of F-35 data.”

The nightmare scenario would involve an opponent causing a disruption during an actual crisis by either actively feeding bad information into the ALIS system or otherwise disabling some portion of it or its overarching architecture. The interconnected nature of the arrangement might allow a localized breach to infect larger segments of the F-35 fleet both in the United States or abroad or vice versa. It’s not hard to imagine the time and energy needed to sort out real inputs and outputs from fake ones hampering or halting operations entirely under the right circumstances. Given the jet's low-observable characteristics, advanced defensive systems, and other sensors, a cyber attack would be an attractive option for any enemy force. Why would an enemy use a $500,000 air-to-air or surface-to-air and put their personnel and equipment at risk in an attempt to down an F-35 when a simple worm may be able to do the same to a whole fleet of F-35s? It could also do so with plausible deniability, something kinetic weapons are far less adept to. 


American allies, who have to rely on U.S.-based software labs to develop updates and other data packages, would have similar concerns. It’s worth noting that Israel had secured the unique and unprecedented rights to tinker with its F-35Is, operate its ALIS systems outside of this centralized network—and possibly operate the F-35s independent of ALIS totally—and is in the process of developing its own software to sit on top of the existing applications. The Israeli Air Force has even purchased a special dedicated test aircraft to serve as the testbed for these and other future modifications. Israeli officials have said that they pushed for this level of autonomy from the rest of the F-35 program, in no small part because of fears that operations could grind to a halt in the middle of a conflict if they suddenly found themselves cut off from the central ALIS network.

“The ingenious, automated ALIS system that Lockheed Martin has built will be very efficient and cost-effective,” an anonymous Israeli Air Force officer told Defense News in 2016. “But the only downfall is that it was built for countries that don’t have missiles falling on them.”

To be fair, there’s a lot we don’t know about the latest ALIS issue. There is no doubt that ALIS offers some very attractive features, but in an age where cyberspace is increasingly becoming the front lines of international conflict, ALIS could also offer an incredibly attractive Achilles heel for enemy hackers to sink their teeth into. We can only hope all the data the complex, interconnected system is vacuuming up helps rather than hinders the development of a fix to the critical system.

Contact the author: joe@thedrive.com