| Recurring |
multiple_organization |
(a) The software failure incident related to Chris Roberts being prevented from flying on United Airlines due to his comments on Twitter about hacking the airline's onboard systems is specific to United Airlines. There is no mention in the article of a similar incident happening before within the same organization or with its products and services.
(b) The software failure incident involving potential vulnerabilities in airline systems, as discussed by Chris Roberts, is not specific to United Airlines but rather a broader concern for the aviation industry. The Government Accountability Office report mentioned in the article highlights that some commercial aircraft may be vulnerable to hacking over their onboard wireless networks, indicating that this issue is not limited to a single organization but could affect multiple organizations in the aviation sector [35385]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the case of Chris Roberts, a computer security researcher, who was prevented from boarding a United Airlines flight due to comments he made on Twitter suggesting the airline's onboard systems could be hacked. This incident highlights a failure due to contributing factors introduced by system development or updates, as Roberts' comments on potential vulnerabilities in the airline's systems led to his removal from the flight and questioning by the FBI [35385].
(b) The software failure incident related to the operation phase is evident in the actions taken by United Airlines to prevent Chris Roberts from flying on their aircraft. United Airlines cited concerns about Roberts' claims regarding manipulating aircraft systems, which they deemed a violation of their policy and a potential threat to customers and crew members. This incident reflects a failure due to contributing factors introduced by the operation or misuse of the system, as United Airlines made the decision not to allow Roberts to fly based on his public statements about tampering with aircraft equipment and systems [35385]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident involving Chris Roberts and United Airlines can be categorized as within_system. This is evident from the fact that Chris Roberts, a computer security researcher, made comments on Twitter suggesting that the airline's onboard systems could be hacked [35385]. Additionally, Roberts discussed vulnerabilities in airline systems and claimed to have connected to a box under his seat multiple times to view data from the aircraft's engines, fuel, and flight-management systems [35385]. These actions and statements by Roberts indicate that the failure originated from within the system, involving potential security risks and vulnerabilities within the airline's software and systems. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case is more related to non-human actions rather than human actions. The incident stemmed from comments made by the security researcher, Chris Roberts, on Twitter suggesting that airline systems could be hacked. This led to United Airlines preventing him from boarding their flights and citing concerns about the manipulation of aircraft systems [35385]. The failure was triggered by the potential vulnerability of the airline's onboard systems, which could be exploited without direct human involvement.
(b) While human actions, such as the comments made by Chris Roberts on social media, played a significant role in triggering the software failure incident, the actual failure itself was more related to non-human actions. The decision by United Airlines to prevent Roberts from flying was based on concerns about the security risks posed by potential vulnerabilities in their systems, rather than any direct actions taken by Roberts to compromise the systems [35385]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident related to hardware:
- The incident involved a security researcher, Chris Roberts, who was prevented from boarding a United Airlines flight due to concerns about his comments on Twitter regarding potential vulnerabilities in airline systems [35385].
- Roberts had made comments suggesting that airline onboard systems could be hacked, leading to his removal from a flight and subsequent questioning by the FBI [35385].
- Authorities seized Roberts' laptop and other electronics, indicating a hardware-related aspect of the incident [35385].
(b) The software failure incident related to software:
- Roberts had made public statements about manipulating airfare equipment and aircraft systems, which led to United Airlines deciding not to allow him to fly on their aircraft [35385].
- The decision by United Airlines was based on concerns about Roberts' claims regarding manipulating aircraft systems, which were seen as a violation of United policy [35385].
- Roberts had also discussed vulnerabilities in airline systems in media interviews, indicating a software-related aspect of the incident [35385]. |
| Objective (Malicious/Non-malicious) |
malicious, non-malicious |
(a) The software failure incident in this case appears to be more on the malicious side. Chris Roberts, a computer security researcher, was prevented from boarding a United Airlines flight and questioned by the FBI due to comments he made on Twitter suggesting that airline systems could be hacked. United Airlines cited concerns about Roberts' claims regarding manipulating aircraft systems and decided not to allow him to fly on their aircraft [35385].
(b) On the non-malicious side, the incident also involved concerns about vulnerabilities in airline systems and the potential for unauthorized remote access to aircraft avionics systems over onboard wireless networks, as highlighted by the Government Accountability Office's report [35385]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
The intent of the software failure incident reported in the articles is related to poor_decisions. United Airlines made the decision not to allow Chris Roberts to fly on their aircraft due to his public statements about manipulating airfare equipment and aircraft systems, which they considered a violation of their policy and a potential threat to customers and crew members [35385]. This decision was based on the comments made by Roberts on social media and in media interviews regarding airline system vulnerabilities and his ability to potentially tamper with aircraft systems, leading to United Airlines grounding him from their flights. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident in the provided article does not seem to be related to development incompetence. The incident primarily revolves around a security researcher, Chris Roberts, who made comments on Twitter suggesting the airline's onboard systems could be hacked. The actions taken by United Airlines, such as preventing Roberts from boarding the flight and seizing his electronics, were more focused on security concerns and potential threats rather than incompetence in software development.
(b) The software failure incident appears to be more aligned with accidental factors. Chris Roberts' actions, such as jokingly suggesting on Twitter about deploying oxygen masks and pondering whether he could hack into the flight's onboard computer settings, were likely not intended to cause harm but rather to highlight security vulnerabilities. The incident escalated due to these accidental actions and the subsequent response from United Airlines and authorities, leading to Roberts being grounded and questioned. |
| Duration |
unknown |
The software failure incident reported in the articles does not directly relate to a permanent or temporary failure of software systems. The incident primarily involves a security researcher, Chris Roberts, being prevented from boarding a United Airlines flight due to comments he made on Twitter suggesting vulnerabilities in airline systems and his previous statements about potentially tampering with aircraft equipment. The incident revolves around security concerns and policy violations rather than a specific software failure incident. |
| Behaviour |
crash, other |
(a) crash: The incident involving Chris Roberts being stopped from boarding a United Airlines flight can be considered a form of a crash. Roberts was prevented from flying due to concerns raised by his comments on Twitter about potential vulnerabilities in airline systems, leading to the system (United Airlines' decision-making process) losing its normal state and not allowing him to board the flight [35385].
(b) omission: There is no direct evidence in the articles to suggest that the software failure incident was due to omission, where the system failed to perform its intended functions at an instance(s).
(c) timing: The incident does not align with a timing failure, where the system performs its intended functions but does so too late or too early.
(d) value: The software failure incident does not relate to a value failure, where the system performs its intended functions incorrectly.
(e) byzantine: The behavior of the software failure incident does not exhibit characteristics of a byzantine failure, where the system behaves erroneously with inconsistent responses and interactions.
(f) other: The behavior of the software failure incident can be categorized as 'other' as it involves a unique situation where a security researcher was barred from boarding a flight due to concerns raised by his comments on social media regarding potential vulnerabilities in airline systems, leading to actions taken by the airline to prevent him from flying [35385]. |