|
by Joe Vialls, October 2001
In
the mid-seventies America faced a new and escalating crisis, with US
commercial jets being hijacked for geopolitical reasons. Determined to
gain the upper hand in this new form of aerial warfare, two American
multinationals collaborated with the Defense Advanced Projects Agency (DARPA)
on a project designed to facilitate the remote recovery of hijacked
American aircraft. Brilliant both in concept and operation, "Home Run"
[not its real code name] allowed specialist ground controllers to listen
in to cockpit conversations on the target aircraft, then take absolute
control of its computerized flight control system by remote means. From
that point onwards, regardless of the wishes of the hijackers or flight
deck crew, the hijacked aircraft could be recovered and landed
automatically at an airport of choice, with no more difficulty than flying
a radio-controlled model plane. The engineers had no idea that almost
thirty years after its initial design, Home Run's top secret computer
codes would be broken, and the system used to facilitate direct ground
control of the four aircraft used in the high-profile attacks on New York
and Washington on 11th September 2001.
Pentagon Strike
Boeing 757 x 1
About 230,000 lbs
United Flight 175, South Tower
World Trade Center Strike
Boeing 767 x 2
About 420,000 lbs each
Before moving on to the New York and Washington attacks, we first need to
look at the ways in which an aircraft is normally controlled by its pilot,
because without this basic knowledge, Home Run would make no sense. In
order to control an aircraft in three-dimensional space, the pilot uses
the control yoke (joystick) in front of him, rudder pedals under his feet,
and a bank of engine throttles located at his side. Without engine thrust
the aircraft would not fly at all, so the throttles are largely self
explanatory: For more speed or altitude increase throttle, for less speed
or altitude decrease throttle.
In
order to raise or lower the nose of the aircraft, the pilot pulls or
pushes on the control yoke, which in turn raises or lowers the elevators
on the horizontal tailplane. To bank the aircraft left or right, the pilot
moves the control yoke to the left or right, which in turn operates the
ailerons on the outer wings. Lastly, to turn left or right at low speed or
"balance" turns at high speed, the pilot presses the left or right rudder
pedals as required, which in turn move the rudder on the vertical
stabilizer.
Back in the early days of flight, the control yoke and rudder pedals were
connected to the various flight control surfaces by thin cables, meaning
the pilot had direct physical control over every movement the aircraft
made. This was no great problem for an average man flying a small biplane,
but as aircraft grew ever bigger, heavier and faster over the years, the
loadings on the control yoke and rudder pedals became huge, certainly well
beyond the ability of a single pilot to handle unaided.
By
the late fifties we were well into the age of hydraulics, where just like
the power steering on your automobile, hydraulic rams were placed in line
between the pilot's control cables and each individual control surface.
Now when the pilot moved the control yoke, the cables activated sensors,
which in turn activated one or more hydraulic rams, which in turn moved
one or more control surfaces. For the first time since Bleriot and the
Wright brothers, pilots were of necessity being steadily distanced from
direct control of their own aircraft.
When the multinationals and DARPA finally came on the scene in the
mid-seventies, aircraft systems were even more advanced, with computers
controlling onboard autopilots, which in turn were capable of controlling
all of the onboard hydraulics. In combination these multiple different
functions were now known as the "Flight Control System" or FCS, in turn
integrated with sophisticated avionics capable of automatically landing
the aircraft in zero visibility conditions. In summary, by the
mid-seventies most of the large jets were capable of effectively
navigating hundreds of miles and then making automatic landings at a
selected airport in zero-zero fog conditions. All of this could be
accomplished unaided, but in theory at least, still under the watchful
eyes of the flight deck crews.
In
order to make Home Run truly effective, it had to be completely integrated
with all onboard systems, and this could only be accomplished with a new
aircraft design, several of which were on the drawing boards at that time.
Under cover of extreme secrecy, the multinationals and DARPA went ahead on
this basis and built "back doors" into the new computer designs. There
were two very obvious hard requirements at this stage, the first a primary
control channel for use in taking over the flight control system and
flying the aircraft back to an airfield of choice, and secondly a covert
audio channel for monitoring flight deck conversations. Once the primary
channel was activated, all aircraft functions came under direct ground
control, permanently removing the hijackers and pilots from the control
loop.
Remember here, this was not a system designed to "undermine" the authority
of the flight crews, but was put in place as a "doomsday" device in the
event the hijackers started to shoot passengers or crew members, possibly
including the pilots. Using the perfectly reasonable assumption that
hijackers only carry a limited number of bullets, and many aircraft
nowadays carry in excess of 300 passengers, Home Run could be used to fly
all of the survivors to a friendly airport for a safe auto landing. So the
system started out in life for the very best of reasons, but finally fell
prey to security leaks, and eventually to compromised computer codes. In
light of recent high-profile CIA and FBI spying trials, these leaks and
compromised codes should come as no great surprise to anyone.
Activating the primary Home Run channel proved to be easy. Most readers
will have heard of a "transponder", prominent in most news reports
immediately following the attacks on New York and Washington. Technically
a transponder is a combined radio transmitter and receiver which operates
automatically, in this case relaying data between the four aircraft and
air traffic control on the ground. The signals sent provide a unique
"identity" for each aircraft, essential in crowded airspace to avoid
mid-air collisions, and equally essential for Home Run controllers trying
to lock onto the correct aircraft. Once it has located the correct
aircraft, Home Run "piggy backs" a data transmission onto the transponder
channel and takes direct control from the ground.
This explains why none of the aircraft sent a special "I have been
hijacked" transponder code, despite multiple activation points on all four
aircraft. Because the transponder frequency had already been piggy backed
by Home Run , transmission of the special hijack code was rendered
impossible. This was the first hard proof that the target aircraft had
been hijacked electronically from the ground, rather than by
[FBI-inspired] motley crews of Arabs toting penknives.
The Home Run listening device on the flight deck utilizes the cockpit
microphones that normally feed the Cockpit Voice Recorder (CVR), one of
two black boxes armored to withstand heavy impact and thereby later give
investigators significant clues to why the aircraft crashed. However, once
hooked into Home Run , the CVRs are bypassed and voice transmissions are
no longer recorded on the 30-minute endless loop recording tape. If Home
Run is active for more than thirty minutes, there will therefore be no
audible data on the Cockpit Voice Recorders. To date, crash investigators
have recovered the CVRs from the Pentagon and Pittsburg aircraft, and
publicly confirmed that both are completely blank. The only possible
reason for this, is data capture by Home Run , providing the final hard
proof that the attack aircraft were hijacked electronically from the
ground, rather than by "Arab terrorists".
Many readers might by now be indignant; convinced this is incorrect or
misleading information because of "those telephone calls from the hijacked
aircraft". Which telephone calls exactly? There are no records of any such
calls, and the emotional claptrap the media fed you in the aftermath of
the attack was in all cases third-person. We had the media's invisible
"contact" at an airline who "said" a hostess called to report a hijacking,
and we had a priest (?) who "said" he received a call from a man asking
him in turn to call his wife and tell her he loved her. Presumably this
man would have had his wife's name filed in his cellphone, and faced with
imminent death would have called her direct. The FAA helped out by
claiming that it had "overheard" a heated argument from a cockpit where
the radio transmit switch had been left in the "on" position. When push
came to shove, the FAA was forced to retract, and admit that the mythical
argument was not on the tapes at all.
Whether more information will be forthcoming about Home Run is unknown,
but nowadays there are large numbers of people apart from the author privy
to the basic data. As long ago as the early nineties, a major European
flag carrier [Lufthansa] acquired the information and was seriously
alarmed that one of its own aircraft might be "rescued" by the Americans
without its authority. Accordingly, this flag carrier completely stripped
the American flight control computers out of its entire fleet, and
replaced them with a home grown version. These aircraft are now
effectively impregnable to penetration by Home Run , but that is more than
can be said for the American aircraft fleet. A casual count indicates
around 600 aircraft in the USA and elsewhere are still vulnerable and
could be used in further attacks at any time, which might help explain why
America has lately been bombing the Afghans primarily with bags of wheat.
For the first time in US history, American officials appear to be
genuinely fearful of future reprisals, and justifiably so with 600 giant
bombs parked on the wrong side of their missile defence shield.
It
is a "Catch 22" situation. In order to make all of the aircraft safe, the
flight control systems would have to be stripped out and replaced, at a
cost of billions of dollars the airlines cannot afford because they are
going broke. Nor is there enough time. The most innovative anti-hijacking
tool in the American arsenal, has now become the biggest known threat to
American national security.
For the purpose of public reassurance I would like to publish a complete
list of aircraft which cannot be affected by Home Run, but I cannot do so
for legal reasons. Any aircraft manufacturer not on the list might feel
inclined to sue me for defamation and I can't afford that. However, there
is nothing to stop me publishing my personal choice of aircraft for a
flight from, say, Atlanta to Singapore via JFK, Frankfurt, and Kuala
Lumpur.
From Atlanta to JFK I would probably travel on a Boeing 737, and connect
with a Boeing 777 for the onward flight to Frankfurt. At Frankfurt I would
probably board an Airbus A340 for Kuala Lumpur, and finish the journey to
Singapore on a DC9 or a Fokker 100. Naturally I might be unlucky enough to
pick an aircraft with an intoxicated pilot, or an unrelated mechanical
problem, but apart from those minor risks I'd feel pretty safe.
Return to Table of Contents |