recommended reading

Coast Guard Aviators Shop for a Course-Plotting iPad App

The U.S. Coast Guard wants to buy a navigating app, similar to those already used by civilian pilots, for service members who are substituting iPads for flight bags, according to a government solicitation. But the software specifications omit certain safeguards to prevent hackers from hijacking the cockpit, some information technology specialists say.

The section of the Aug. 14 work order pertaining to security requirements states, "There are no special security requirements.”

Today, with paper-based aviation charts, it's hard, if not impossible, for bad guys to corrupt directional guides. But, as flight planning migrates to software-based resources, it is critical that agencies ensure those programs do not contain malicious code, said Bernard Skoch, a retired Air Force brigadier general and government IT consultant. 

"It doesn't take much imagination to envision a horrible scenario in which a bad actor corrupts every Coast Guard cockpit with a few keystrokes," he said.  

The service's purchase plans do not require that the app's code be developed in the United States or that it be subjected to penetration attempts by hired hackers. "I think that opens up a significant risk area. The software will become mission critical and should be domestically written, or as a minimum it should be provided only by programmers in countries friendly to the U.S.," Skoch said. 

Coast Guard officials did not respond to a request for comment. 

The app will display confidential government information, such as maps and charts collected by the National Geospatial-Intelligence Agency, but stolen secrets are not the main concern. 

The sensitivity-level of that NGA data does not require special data protections, Skoch said. But that data and all the other code in a navigation app, regardless of content, should require that the software be designed stateside and undergo thorough testing and validation, he said, because digital vulnerabilities can be exploited to manipulate aircraft. 

The Air Force Special Operations Command canceled an iPad procurement in February 2012, after receiving a query from Nextgov about its stated plans to use Russian-developed GoodReader software for mission security and as a document reader.

There is room to enhance the Coast Guard’s security requirements, but this expected IT buy is "a good sign" for the federal acquisition process, said Warren Suss, a government telecommunications analyst. "In recent years, the security cops have really stood in the way, by being absolute, looking for the 100 percent security."

Now, civilian agencies, and even the Pentagon, are deploying “mobile device management” systems to reduce the risk government-issued consumer electronics will compromise agency networks or leak information.

The Coast Guard is probably considering, “How likely is it that these maps either could get in the wrong hands or could be changed or compromised, and how do you weigh that against the potential benefits of giving these fliers a better solution for getting their geographic information? I believe that is a legitimate tradeoff,” Suss said.

During potentially four years of use, the app will support between 200 and 1,100 iPads, according to the contract documents.

The tool, described as "critical to USCG aviation's operation requirements," will feed the service's personnel terminal instrument approach procedures, arrival and departure instructions, and en route navigational charts, officials said. Like a consumer iPad app, it must understand finger gestures, such as pinch-to-zoom, as well as incorporate "night settings" for easy viewing during operations in the dark. 

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.