Normally, when a crashed aircraft’s black box is recovered, it can reveal exactly what happened to cause the disaster but in the case of MH17, the political instability between Ukraine and Russia could hamper operations.
If the black box of MH17 is detained by an organisation in military and political dispute with others, the creditability of the analysis results may be in doubt. This case is different from that of MH370, where the black box has yet to be found, but the idea is the same. The black box is vital, as is the integrity of the evidence it contains. It is how we establish the provenance of the facts used in digital forensic analysis.
That means that the black box data needs to be verified. If cloud-computing technology has been used, the verification can be done by cross-validating the flight status with other publicly available flight information. Recently at Microsoft, researchers have used cloud computing technology to predict the wind speeds with better accuracy when crowdsourcing the information with real-time flight data.
But if cloud-computing technology is not used, the public must rely on whoever found the black box to truthfully relay the information inside. They might not release the raw data: as has happened in the past, the investigator may choose to reveal only a transcript or partial snippets of the sound tracks.
There are lots of forces at play in this evolving situation. It is not yet clear whether MH17’s black box has been found. Some reports have it on its way to Russia while others place two black boxes in the hands of Ukranian emergency services. The potential for problems is obvious. If both sides of the conflict produce their own analysis, who is to be believed? If only one has a black box, can we be sure of its analysis of the data?
The case of MH17 is exactly the same as MH370 in one respect – they should both have us thinking about how we monitor aircraft.
Real-time rather than offline verification would enable us to gather much the same information as that contained in the black box and allow us to cross-check it across sources more easily.
There would have been other flights nearby which can cross validate some of the data. Take speed for example – wind speed against those neighbouring flights could be used to indicate how fast MH17 was going. And because the real-time speed data is in the public domain – FAA offers access to them, for example – it would be hard, if not impossible, for whoever has the recorders of the individual flight to tamper with information about all the nearby flights.
Modifying flight data requires a substantial amount of computation. Making one lie is relatively easy but to cover up a lie that could be cross-checked by others, such as those operating neighbouring flights, would be much harder.
If we want the truth about MH17, we may have to look beyond the black box at data held elsewhere. Data is more powerful when it comes from a crowd, especially when the facts are likely to be disputed.