An airman with the 57th Aircraft Maintenance Squadron powers up a portable air conditioner to cool down an F15E's avionics, then ducks under the jet's wing to escape the broiling Nevada sun.

He opens a laptop to access the fighter's maintenance history over a wireless LAN, checks the airframe's flight hours and schedules maintenance on the right engine's utility hydraulics pump.

The laptop is a state-of-the-art ruggedized device from Itronix: You can submerge it in jet fuel and still type in commands. But the secure WLAN that connects technicians with data and application servers on the Nellis Air Force Base network is made up of off-the-shelf Cisco 802.11b access points and bridges.

Nellis was the incubator and first site for a WLAN model that is now being rolled out at 50 air bases across the US. It's a key element in a programme intended to speed aircraft maintenance by letting technicians finish more work right at the aircraft. This minimises travel over miles of runways and taxiways and pares down time-consuming paperwork at the end of work shifts that can last 10 to 12 hours.

The Nellis maintenance WLAN grew out of early wireless experimentation by a team of Air Force innovators with the 57th. These 900 people pump gas, change tyres, load rockets and bombs and oversee maintenance schedules for half a dozen types of warplane. They work on the flight line, where the jets are parked along Nellis' 3-mile-long runways, and in special concrete retaining areas where live munitions are stored and loaded.

The WLAN now blankets this entire area, giving all flight line maintainers instant access, at 5 Mbit/s to 11 Mbit/s, to Nellis' Core Automated Maintenance System (CAMS), a database that stores all kinds of data about each aircraft. The CAMS data is now updated faster, right from the flight line, and more accurately, says Master Sergeant Mark Howarth, the squadron's network administrator.

Users no longer have to collect and restore tools, and then wait for a ride back to an office to use a computer.

Taking the WLAN to Afghanistan
A related initiative developed by Telos, a federal systems integrator that's been working on Air Force wireless projects for several years, involves packaging this WLAN system into what the Air Force calls a deployment server. This server is an easy-to-install box that can be packed up and shipped anywhere that warplanes have to be cared for on short notice in areas that lack the infrastructure on established bases.

The deployment server has been shipped to units working with the Predator pilotless drone, which was used in Afghanistan, and its jet-powered counterpart, Global Hawk. Both are based at Nellis.

Eventually, the WLAN will access digitised technical data, Howarth says. The Air Force is phasing out the bulky, printed maintenance manuals, often with 2-foot-long foldouts of complex schematic diagrams, planning to replace them with digital data on servers and sometimes CD-ROMs. That's already being done partially for some aircraft, such as engines for the F15 fighter, and completely for the pilotless drones. A recent news story reported that Lockheed Martin Corp.'s plan to introduce electronic manuals for the F16 Fighting Falcon, to replace 50,000 printed pages in 250 volumes, would save US$500 million over the remaining life of this aircraft.

A key figure in the evolution of the WLAN project is former Sergeant Steven Carlson, now a senior WLAN administrator with Telos, still working at Nellis. In 1998, he persuaded his superiors to invest $95,000 in WLAN access points and bridges to cover about 90 percent of the flight line and another $5,000 on WLAN gear to be used instead of running fibre to the distant ordinance loading area, a project that would have cost $1.2 million.

"My people did the install, the troubleshooting and all that, and we stayed within USAF regs for security and management," he says. "We were pretty much writing those regs as they are now for wireless policy."

Military-grade security
Security initially consisted of changing encryption keys on a regular basis and a set of procedures for manually changing all the keys on all laptops and access points, if necessary. Today, Nellis uses multiple layers, including Wi-Fi Protected Access, key changes five times each hour and running all WLAN traffic over a VPN for encryption and authentication.

Eventually, says Telos' Chief Wireless Architect Rob Smith, there will be a single sign-on capability, a full 802.1x implementation and a public-key infrastructure. "Full-blown PKI requires a hardware token, like a smart card, but the government hasn't sorted that out yet," Smith says.

Howarth and Carlson are proud that the Air Force's Network Intrusion Team, dubbed the Red Team, has been unable to crack the WLAN's existing security. "They said it was a significant improvement (in WLAN security) over the previous generation of wireless," Carlson says.

One issue not faced by most enterprise networks was ensuring safety in the sites. "We checked the output power and frequencies to make sure we wouldn't make anything go boom," Carlson says.