Federal IT Is Too Big to Fail: The FAA’s NOTAM Fiasco
When one of the Federal Aviation Administration’s (FAA) critical information technology (IT) systems that provides airlines and flight operators with critical safety information failed this week, thousands of flights were cancelled or delayed. American flyers have been experiencing problem after problem recently, and while some events are unavoidable—nobody can really blame the FAA or commercial airlines for bad weather—others, including this one with the FAA’s computer system, are certainly preventable. And yet, until the federal government improves its IT modernization and operations efforts to be more resilient and adaptable, large critical IT infrastructure like this will continue to fail and Americans will pay the price.
According to the FAA, the Notice to Air Missions system, or NOTAM, provides flight operators and airline personnel with any abnormal status regarding the National Airspace System, or NAS. NAS is essentially the complete network of infrastructure and technology overseeing the FAA’s air traffic service to the “more than 45,000 flights and 2.9 million airline passengers” traveling throughout the United States.
Because of the critical nature of NAS in air travel, the NOTAM alert system is equally critical to daily operations. NOTAM is supposed to provide users, such as pilots and air traffic controllers, with real-time information that was not known far enough in advance to be delivered by any other communication means. This information can include air or ground hazards and closed runways. NOTAM, then, fills a vital contingency role for U.S. flight operations.
Unfortunately, earlier today NOTAM experienced a system outage, and the FAA decided to limit access to NAS while NOTAM was offline. As a result, most airlines had to simply ground their flights.
Though there are still questions as to how the system failed—and the FAA stated that, as of now, there is no evidence that it was caused by a cyberattack—the event demonstrates the critical role of federal IT in this country and why it is so important that the technology actually works. Based on its designated purpose, NOTAM is the kind of alert system that should not fail and yet it did.
According to a senior official from the FAA, a software issue last night caused a series of “cascading” IT failures resulting in this morning’s disruption. This system failure begs the question as to why NOTAM was vulnerable to such circumstances and if the FAA has the capabilities to identify and address the root cause, particularly without any permanent leadership right now.
The FAA, indeed all federal agencies overseeing such large and critical systems, need to be more diligent in modernizing, monitoring, and testing their technology systems. For example, the federal government has struggled to update its servers or migrate to the cloud, and overloaded servers without proper backups or load-balancing could certainly trigger an event like this. Additionally, while the FAA NextGen has plans for the continuous modernization of NAS, there have apparently been no major milestones since January 2020.
Furthermore, while it can be difficult to know every situation that results in cascading IT failures, a more thorough approach to system testing and change management could have likely prevented this outage, particularly by focusing on changes, updates, or other scenarios most likely to cause full system outages. Once identified, agencies can build internal measures that protect system integrity across a variety of circumstances.
The NOTAM fiasco demonstrates why trust and customer satisfaction in the U.S. federal government are at historic lows since these types of events seem to happen too frequently with federal IT. As one delayed traveler put it this morning, “It’s a system problem, so you’ve got to be concerned. You don’t know if they’re telling you all the truth or half the truth.”
