The underestimated power of xml in Aviation

For years now, aircraft manufacturers understood that using xml to write manuals is the obvious option, but when it comes to operators and pilots, that’s a different story 🙄

While some airlines find it smart to build their future strategy around pdf readers, giving up on xml custo, viewers and other tools provided to them, their end users are expecting nothing else than a pdf, portrait mode with page numbers and the ability to swipe left and write.

If there’s very often many ways to skin a cat, not in that case. xml does way better on all topics, but it takes a bit of efforts and open minds to dive into it.

At FEEL.aero, we developed few scripts to work on xml manuals, using the Airbus Document Type Definition (DTD) mainly:

• Script producing an xml OM-C from mixed source(Airport/runways database and a web app for authored content)
• Patching a MEL in various way, like when it’s a new aircraft is joining the fleet
• Re-applying company customizations to the FCOM or FCTM when Airbus publishes an update
• Extracting MEL & CDL items to a database in order to make them available for example to feed a maintenance software

We just published an extension to our Telegram Bot, using the MEL & CDL xml data, making important information available for search instantly. This is just one use case, but so much more could be done!

Aviation has to evolve faster than it does now, to reduce mistakes, delays, costs, and we’re working on it.

‼️Aviation Security: Why your airline shouldn’t use self signed certificates

To make it short, and beyond basic IT related reasons, because IT security for an airline is directly linked to Aviation security and passengers safety.

What are the risks associated with self-signed certificates? Mainly:
• Leave the door open for various attacks, intercepting or corrupting information
• Train users to be less securelock

Here is a bit of reading about it:
https://en.wikipedia.org/wiki/Self-signed_certificate
or Google about «risk self signed certificate»

There are multiple ways to skin a cat, so let’s focus on one of them applied to Windows running Wildfly, «free», easy to implement, using automatic renewal. Here are some few steps which will put your operation back to an acceptable level of security using Let’s encrypt free SSL/TLS certificates

Note that the self-signed certificate is just one aspect among others, and if you skipped this one, it would be very wise to discuss privately about some other potential vulnerability aspects. Contact us directly in private: contact@feel.aero

Here are some few steps that you should pass to your EFB admin or IT department.

Download the binary build of letsencrypt for Windows there:
https://www.win-acme.com/
At this time, the latest version is 2.1.12 64bits (Upper banner link)

Unzip and move the folder under C:\Program Files\win-acme

Modify or replace the Script\ImportJKS.ps1 by:
• Specifying the correct java path for your installation
Set-Alias keytool "C:\Program Files\Java\jre1.8.0_181\bin\keytool.exe"
• Add -deststoretype pkcs12 to both keytool calls

I left the default password ‘airbus’ for the keystore unchanged to ease the setup, but it’s a good practice to change it based on the documentation, as well as the default port 8443, subject to frequent scans.

Place the attached script in the win-acme folder. It stops the Wildfly service, moves the .jks, creates or renews the certificate, and starts the service again

The first launch has to be executed manually «as an administrator» because it’s interactive. Accept all options.

Finally, go to modify in «task scheduler» the task which was generated:
• Set the trigger to 60 days instead of 1, as recommended by letsencrypt (Certificates are valid for 90 days)
• Change the action to launch C:\Program Files\win-acme\cert-fsa.bat (Starts in C:\Program Files\win-acme\)

cert-fsa.bat

@echo off

set HOST=fsa.yourdomain.com
set KEYSTORE=C:\Airbus\Wildfly\standalone\configuration\fsa-keystore.jks
set KEYSTOREPASS=airbus

sc stop wildfly

:loop
sc query wildfly | find "STOPPED"
if errorlevel 1 (
  timeout 1
  goto loop
)

move /Y %KEYSTORE% %KEYSTORE%.old

wacs.exe ^
    --target manual ^
    --host %HOST% ^
    --store none ^
    --installation script ^
    --script "Scripts\ImportJKS.ps1" ^
    --scriptparameters "\"{CacheFile}\" \"{CachePassword}\" \"%KEYSTORE%\" %KEYSTOREPASS% %KEYSTOREPASS%"

if not exist %KEYSTORE% (
    move /Y %KEYSTORE%.old %KEYSTORE%
)

sc start wildfly

Scripts/ImportJKS.ps1

param(
    [Parameter(Mandatory=$true)]
    [string]
    $PfxFile,
    
    [Parameter(Mandatory=$true)]
    [string]
    $PfxPassword,

    [Parameter(Mandatory=$true)]
    [string]
    $KeyStoreFile,

    [Parameter(Mandatory=$true)]
    [string]
    $KeyStorePassword,
    
    [Parameter(Mandatory=$false)]
    [string]
    $KeyStoreKeyPassword
)

Set-Alias keytool "C:\Program Files\Java\jre1.8.0_181\bin\keytool.exe"
echo "Keystore $KeyStorePassword"
if ([string]::IsNullOrEmpty($KeyStoreKeyPassword)) 
{
    keytool `
        -v `
        -noprompt `
        -importkeystore `
        -srckeystore "$PfxFile" `
        -srcstoretype PKCS12 `
        -srcstorepass "$PfxPassword" `
        -destkeystore "$KeyStoreFile" `
        -deststorepass "$KeyStorePassword" `
        -deststoretype pkcs12
} 
else 
{
    keytool `
        -v `
        -noprompt `
        -importkeystore `
        -srckeystore "$PfxFile" `
        -srcstoretype PKCS12 `
        -srcstorepass "$PfxPassword" `
        -destkeystore "$KeyStoreFile" `
        -deststorepass "$KeyStorePassword" `
        -destkeypass "$KeyStoreKeyPassword" `
        -deststoretype pkcs12
}

blinkHub published on Github

What’s the most important for you? Use an approved process where having expired weather and NOTAMs is not a big deal, or work with actual near real time information? Today we’re publishing on Github our service to handle Aviation messages from multiple sources, store them, and notify users via DM and websockets! Pretending to do the work is not enough, now you have a solution:

https://github.com/aerofel/blinkHub

#airlines #flightoperations #flightsafety #businessaviation #airbus #boeing #a350 #a330 #a320

Visualize areas defined by coordinates in NOTAMs

We’re introducing today a new feature to our NOTAM and weather monitoring platform.

You’re probably pretty familiar with text NOTAMs like the one hereafter, but how many times have you been actually spotting on a map the area defined with coordinates?

🗺 NOTAMN VVTS A1241/20
W-[BO]/001NM FIR VVTS
[17]07:00 ↔️ [20]08:00
FRNG WILL TAKE PLACE WI:
115737N1091613E - 115650N1091649E - 115636N1091631E - 115716N1091545E
- 115737N1091613E
BRG: SE
- ALL FLIGHTS ARE PROHIBITED WITHIN THIS AREA.
- DURING THIS TIME, DEP/ARR ACFT IS NOT TEMPO OPERATED AT CAM RANH
INTL AP.
GND ↕️ 2100FT AMSL
⏱ 17 0700-0800 2330-2359 18 0000-0010 0040-0120 19 2330-2359 (RESERVE DAY) 20 0000-0010 0040-0120 0700-0800 (RESERVE DAY)
✨【DISPLAY ON MAP】

Our @blinkAeroBot  will display a map overlaying the region for you. You just have to click

https://t.me/blinkAeroBot

Use a DM bot to enhance communication

Why not using Telegram DM (Direct Messages) to communicate with crews? We have a bot capable of monitoring weather, NOTAMs, notices, display roster or changes, enable communication between crew or operation. Ask us to get more information about this very innovative and exclusive platform.