back to article Digital air traffic control upgrade puts potential delays on London flights

Flights into London's Heathrow and Gatwick airports face small delays because air traffic controllers are finally upgrading to fully digital systems after decades spent pushing paper around. "It inevitably takes a little bit of time for controllers to build their confidence using EXCDS in an operational environment to a level …

  1. JeffyPoooh
    Pint

    Assuming that this goes well...

    If this is successful, then it should be carefully studied, documented and promulgated as an example of how to plan and manage such transitions.

    If not, then throw it on the pile with all the other IT Project Management failures.

    The lessons learned from success would be extremely valuable. I think that we already have enough examples of IT project mismanagement.

    1. colinb

      Re: Assuming that this goes well...

      You mean finally going all digital 17 years after opening (2001), that opening itself 6 years later that originally planned and costing half a billion pounds?

      There are permanent delays during the summer at Gatwick and others, dumping the paper comfort blankets is long overdue.

  2. toffer99

    What systems do they have for backing up in case of fire, flood, power cuts, terrorist attack or an idiot with excavator.?

    1. JeffyPoooh
      Pint

      Risk Analysis should be recursively applied

      "...in case of fire, flood, power cuts..."

      What about when the massive UPS battery bank in the basement of ATC HQ catches fire because of small flood caused by a minor leak in the fire control sprinkler system?

      When conducting Risk Analysis, please go back and check it again (recursively) after adding such potentially dangerous safety / back-up systems to the overall design.

      Once upon a time, we reviewed lithium battery safety on an aircraft fleet. The safety equipment contained the least safe batteries. It'd be ironic if an aircraft caught fire because of a safety system, oh - already happened at Heathrow when an ELT burned a hole in an airliner.

      I'll bet that most project managers fail to recursively apply risk analysis to their projects.

      1. Headley_Grange Silver badge

        Re: Risk Analysis should be recursively applied

        Jelly - you make a good general point. However ATC don't tend to have a massive UPS in the cellar. They distribute them about the racks and only protect key kit. UPS are sized to keep the kit going long enough to implement the identified shut-down procedures should the generators not kick in.

        1. JeffyPoooh
          Pint

          Re: Risk Analysis should be recursively applied

          "Jelly"? Please, call me Mr Belly. :-)

          They have to have a big silly radar, and at least a medium silly server farm in the basement. Plus a whole radio Comms network system. It can't just be people with PCs, and wee little UPSs.

          So, somewhere in the system is something that doesn't plug into a normal power socket, but requires a big fat 3-phase power supply. So there must be a big UPS somewhere, just itching to catch fire...

          Guessing Alert.

    2. Headley_Grange Silver badge

      Toffer - with regard to Air Traffic Control (i.e. not the other systems on the aiport like baggage and security)

      Backup - everything related to ATC is recorded real time - At the Glass (what the controller sees on the screen), Through the Wall (Data feeds - e.g. radar) and Voice Comms. All dual-redundant with backup power; it's a legal requirement in case of accidents and investigations.

      Fire, Flood - big airports have contingency facilities, which replicate some or all of the main tower's capability. Smaller ones might have limited contingency just with comms to clear their skies and hand aircraft over to other sectors/airports. Search for "Rubble Mode" or "remote contingency" in the ATC context if you're interested.

      Power - critical systems have UPS in the racks and generators on site, with maintenance plans and procedures to make sure they're working.

      Data - redundant, diverse systems. Key data feeds have no common points so it would take two idiots with excavators to take the data out.

      Terrorists - If terrorists attacked all these at the same time then NATS/CAA would ground everything not in the air and divert flying aircraft to other airports. Anyone on final would land on visual unless it was dark or foggy.

      1. Anonymous Coward
        Anonymous Coward

        @Headley_Grange

        With regards to power - NATs is strategically situated between Portsmouth and Southampton, it will likely feed to both grids. The thing that makes me say this, there is an SSE data centre a few minutes away, its the very same reason it was built there (Its a nice DC, not cheap to colo, but probably the best equipped in the South Hampshire region).

        1. Anonymous Coward
          Anonymous Coward

          Looks like SSE sold it to SCC, according to the name on the side of it.

      2. Norman Nescio Silver badge

        Data redundancy

        Data - redundant, diverse systems. Key data feeds have no common points so it would take two idiots with excavators to take the data out.

        I'm sorry to trot out one of my old stories here, but I'll emphasize that assuring no common failure areas (not points) is very, very, hard and expensive.

        If you have two data feeds into a location, you can ask your supplier for redundancy and/or resiliency, but what you need is (jargon term here) a specified degree of separacy all the way between data source and data delivery point. Organisations that need or want this (large financial institutions, critical national infrastructure, etc) are versed in requiring that data feeds are physically routed with a minimum distance between the two routes for the whole length of the route. If you are dealing with good old-fashioned physical wires, it can be relatively easily achievable, but once you get into the wonders of multiplexing and virtual services (like MPLS, Metro-Ethernet, and OTN services) you get into a whole new ball game, as you need to assure separacy at all levels of the networking stack. Buying your service from two different suppliers does not, for example, guarantee that they will route their services along separate cable ducts, as it is not unlikely they buy fibre from third parties, and both can use the same third party. I won't go into detail, as it was part of my boring daily job, but it is expensive to achieve. One of the complications is that networks change (additions, upgrades, faults), so a physical path can actually change from day to day, so what starts out as being separate can, by natural attrition (e,g, one path re-routing round a fault) end up sharing a path.

        Now for the story.

        A customer (who shall remain nameless) specified they wanted a particular degree of separacy for the data entering a location. In this case, it was acceptable to them that two fibre paths were used that routed for part of their length along opposite sides of a dual carriageway. So far so good.

        The local council decided to apply a non-default speed limit to the dual carriageway, so, of course had to set up the relevant speed-limit signage. So out went the earth-moving equipment to dig holes for the signs each side of the dual carriageway...I think you can work out what happened.

        I don't know if it was a failure of the local council's GIS*, or 'idiots with excavators' not following instructions, but the end result was the same. In my view, you should always be prepared for an outage, even if you have taken great (and expensive) lengths to not expect one. Reality has a tendency to find unexpected flaws.

        *I have a good few examples of what the GIS said and what was actually installed in the ground being very, very different.

    3. Anonymous Coward
      Anonymous Coward

      What systems do they have for backing up in case of fire, flood, power cuts, terrorist attack or an idiot with excavator.?

      You mean contingency plans to avoid being left up in the air?

  3. spold Silver badge

    >>>"It inevitably takes a little bit of time for controllers to build their confidence using EXCDS in an operational environment to a level which allows them to manage the vast volumes of traffic that pass through the airspace over the South East of England every day,"

    <<<

    OK they don't know what they are doing yet.

    ...Googles train timetable

  4. Alan J. Wylie

    Easter Holidays?

    Many of my friends are off this week skiing or enjoying Mediterranean sunshine. Is it such a good idea to introduce changes and slow everything down at a peak holiday time?

    1. Anonymous Coward
      Anonymous Coward

      Re: Easter Holidays?

      Some "Heathrow" data from the 'net...

      2017, Aircraft Movements

      Jan, 37,125

      Feb, 34,872

      Mar, 39,409

      Apr, 39,477 <- You are here

      May, 41,017

      Jun, 40,515

      Jul, 41,844

      Aug, 41,983 <- Wee feisty peak

      Sep, 40,623

      Oct, 41,016

      Nov, 38,417

      Dec, 37,735

    2. Will Godfrey Silver badge
      Angel

      Re: Easter Holidays?

      Stress testing?

  5. JaitcH
    Happy

    Nav Canada Has Years Of Data-Link Under It's Belt

    Nav Canada has years of data-Link under it's belt as it has used this technology to communicate with trans-Atlantic aircraft under it's control for many years which are in the 1,400-1,600 daily flights.

    Canada is an ideal country to test and update this technology as it has vast distances in a climate that ranges between from polar to temperate. Additionally it encompasses a crossroads international air traffic paths, including the busiest oceanic airspace in the world as well as unique northern air operations.

    Canada completed its nationwide implementation of Controller Pilot Data Link Communications (CPDLC) in July 10, 2014.

    1. Anonymous Coward
      Anonymous Coward

      Re: Nav Canada Has Years Of Data-Link Under *Its* Belt

      "it's" -> "its", 3 places.

  6. John Smith 19 Gold badge
    Go

    OMFG. Govt arms length company does not think Blighty requirments totally unique

    and does not buy totally unique, from the ground up, not used anywhere else (and never likely to be) system from any of "The Usual Suspects (TM)"

    I may have to lie down. I feel quite feint.

  7. Anonymous Coward
    Joke

    > I feel quite feint

    One does as a rule.

    1. Commswonk

      That is only marginally funny.

  8. TrumpSlurp the Troll
    Trollface

    What you need

    Is GPS enabled data packets to allow a true geographical trace route.

  9. Anonymous Coward
    Anonymous Coward

    SHOCK/HORROR……

    Outsource your ATC service to the Duty Free shop and have to close because of lack of staff!

    http://www.bbc.co.uk/news/uk-england-43698803

    ATC at LGW is run by:

    http://airnavigationsolutions.co.uk/about-ans/atc-gatwick

    NATS were ousted because they were too expensive…..

    Since 1st March 2016 Air Navigation Solutions Ltd has been responsible for air navigation service provision at Gatwick Airport on a 10 year contract.

    ANS is a wholly owned subsidiary of the DFS Group

    https://en.wikipedia.org/wiki/DFS_Group

    DFS (“DFS Group”) is a Hong Kong-based travel retailer of luxury products. Established in 1960, its network consists of duty-free stores located in 17 major airports and 18 downtown Galleria stores,

    Therefore, the Duty Free Shop owner runs ATC at LGW.

  10. John Smith 19 Gold badge
    Coat

    Therefore, the Duty Free Shop owner runs ATC at LGW.

    Which sounds terrible.

    But is it?

    1. Anonymous Coward
      Anonymous Coward

      Re: Therefore, the Duty Free Shop owner runs ATC at LGW.

      Well, when you consider that they had to get approved status for ATC provision which only came into effect on the day they took over from NATS.....

      Then you look at the fact that the airport has had to close because of a shortage of staff....at least under NATS they had a number of controllers available to either move or call in at short notice to cover - this shower dont want or are unable to call in temps to cover ....

      Im not saying NATS are perfect - they are not.....but, the whole reason NATS exists in its present form is that the major airlines decided that you cannot make money out of safety, so when the completely idiotic idea to privatise the countries air traffic service was pushed through, they formed a consortium to run it as a not for profit...

      Do you really think that a Duty Free Shop is in the business not to make money ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like