Find an article
Connect with us

Register For Latest Posts and Risk Lounge Weekly

Aviation Risks: Thinking Outside the Black Box
Friday 12 February 2016
Author: Russell Group
Tags: Lloyd’s Realistic Disaster Scenario; Drone Perils; Cyber Hazards; Cyber Insurance; Cyber Risks; Airport Risk Management; Aviation Risks; Aviation Underwriters; Airport Insurance; Aviation Reinsurance; Commercial Aviation Risks; Lloyd’s RDS
The Lloyd’s of London Aviation Realistic Disaster Scenario is well known. It asks us to assume a collision between two aircraft over a major city, anywhere in the world, using the syndicate’s two highest airline exposures. The Aviation RDS states:
“Assume a total liability loss of up to USD4bn: comprising up to USD2bn per airline and any balance up to USD1bn from a major product manufacturer’s product liability policy(ies) and/or an air traffic control liability policy(ies), where applicable. Consideration should be given to other exposures on the ground.” 
So far so good, it’s safe to say that underwriters understand the risk here and have made the correct risk management or reinsurance provisions to reduce their exposures. This is what is known in the trade as a known risk. What about the known unknown aviation risk scenarios though?

New Aviation Realistic Disaster Scenarios

We thought it would be interesting to explore the latest thinking on emerging aviation perils and posit a few new aviation Realistic Disaster Scenarios, which we outline in this article.

Prospects for the aviation industry look good, with growth in passenger numbers expected to reach 16 billion by 2050, a 384% increase on today’s numbers. Air freight is expected to increase to 400 million tons from just 50 million today, according to the International Air Transport Association (IATA).

That is good news for the aviation industry but it does bring with it a number of risks. As the aviation industry explores more revolutionary forms of technology, for example, Underwriters will need to keep up with latest developments in composite materials and digital technology. 

At the same time the airlines need to address the high financial and environmental cost of traditional fossil fuels, which will likely bring about a wave of experimentation with potentially hazardous consequences.

Technology Problems That Ground an Entire Fleet

Henning Haagen, Global Head of Aviation, AGCS says: “A problem with a component, engine or airframe can now lead to the grounding of an entire fleet.” For example, the latest Boeing 787 Dreamliner experienced on-board technology problems that led to the entire fleet grounded for three months until a solution was found.

Increasing business interruption risks, new technologies such as composite materials, human factors, increasing cockpit automation and information, growing demand for air travel, pilot training – it is estimated that 498,000 new commercial airline pilots will be required over the next two decades – and pilot lapses and automation are all major causes for concern.

Pilot Mismanagement

Pilot mismanagement and confusion caused Asiana Flight 214 to crash in San Francisco in 2014, for example, US accident investigators concluded. The Asiana flight crew "over-relied on automated systems that they did not fully understand", said Chris Hart, the National Transportation Safety Board (NTSB's) acting chairman.

"In their efforts to compensate for the unreliability of human performance, the designers of automated control systems have unwittingly created opportunities for new error types that can be even more serious than those they were seeking to avoid," Hart said.

Unmanned Aerial Vehicles (UAVs) and cyber-related disruption are other emerging risk areas for aviation likely to have appeared on underwriters’ risk radars. Russell Group Limited has written at some length on the subject of cyber disruption, for example, our 2015 report Does 8,000 iPads = 8,000 Cyber Headaches for Airline Companies? where we reported that an error in an iPad navigation application used by airline pilots caused 74 flight delays at American Airlines. 

Aviation Interconnectedness

A US supervisory body warned of the possibility of in-flight Wi-Fi being used to hack into the avionics system of a plane. The Government Accountability Office (GAO) warned that: “Modern aircraft are increasingly connected to the internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems.”

UAVs or drones (as they are more commonly known) are also causing a big buzz. The US’ Federal Aviation Administration (FAA) has predicted the number of UAVs in the US will rise to approximately 15,000 units by 2020. The Teal Group’s 2012 market study forecasts that total spending for unmanned aircraft systems (UAS) – another acronym for drones - is expected to reach $89.1 billion over the next 10 years worldwide. 

Drones are a real worry. The British Airline Pilots’ Association (BALPA) reports that a drone was flown within 20ft of an A320 landing at Heathrow. This certainly gives some pause for thought. If a drone can be flown within 20ft of a large aircraft at Heathrow – with thankfully no apparent malicious intent on this occasion, what other similar scenarios can we envisage?

A New Aviation RDS?

Is it unrealistic to envisage a scenario where terrorists or perhaps participants in an overseas conflict attack a major airport hub somewhere else in the world using drones? What if some of the drones are launched at the cockpit of a large aircraft taking off or landing while other drones simultaneously target air traffic control? Is this a new RDS?

Meanwhile, Lloyd’s is already on the case when it comes to a Cyber RDS. The Lloyd’s Market Bulletin Ref: Y4938 recently stated:

“For present purposes, Lloyd’s focus is on exposures arising from a malicious electronic act which for the purpose of this bulletin we label as ‘cyber-attack’. Cyber-attack is therefore the proximate cause of loss, although the consequences may include property damage, bodily injury, financial loss or other forms of damage.”

According to the Bulletin: “Syndicates are required to adopt a scenario-based approach for considering gross aggregate exposure to cyber-attack. Each syndicate must conceive and design at least three internal scenarios for this purpose. This is a minimum – the number and type of internal scenarios is otherwise entirely at syndicates’ discretion. Having created the internal scenarios, syndicates must then estimate their aggregate potential exposures to each, across all affected lines of business and report aggregate exposures to Lloyd’s by 1 April 2016.”

Terrorist Aircraft Spectaculars

In the wake of 9/11 and terrorists apparent obsession with aircraft “spectaculars” one imagines that there is every chance that a cyber aviation attack will make it into the top three scenarios. A 2013 AIAA Decision Paper: A Framework for Aviation Cybersecurity outlines the cyber challenge, as follows:

“Understand the threat actors and their intent: The aviation community must have a common understanding of these actors, their motivations, and intents to efficiently plan our defences. Think about the unthinkable: Our adversaries are thinking outside the box to plan cyber-attacks and we must do the same to stop them.”

The paper’s conclusion is chilling: “However, the global aviation system is at a crossroads. Implementing ICT (Information Communications Technology) across the aviation system increasingly connects the global aviation system. The full implications of the increased connectivity and dependency on ICT need to be understood in light of evolving cyber threats to ensure continued confidence in aviation.”