WASHINGTON — At some point over the recent history of the American-led Joint Strike Fighter program, at least two international F-35 partners issued an ultimatum to the U.S. Defense Department: Find a way to restrict U.S. access to foreign militaries’ sovereign data, or risk losing those countries as a customer.

The core issue, according to Defense Department documents about the F-35 program exclusively obtained by Defense News, surrounded the F-35′s logistics system, the Lockheed Martin-produced Autonomic Logistics Information System, otherwise known as ALIS.

ALIS is used by F-35 operators in virtually all stages of flying and sustaining the Joint Strike Fighter. The system is used to plan and debrief missions, order spare parts, walk maintainers through repairs, and view technical data and work orders.

But some partners on the F-35 program worried that data flowing through ALIS to the United States — and to Lockheed Martin — could give both the U.S. military and the American defense contractor a window into that country’s flight operations, including when and where its F-35s are flying.

Although several foreign F-35 customers have publicly discussed concerns about sovereign data moving through ALIS, this report marks the first time it has been disclosed that those concerns were so severe that multiple countries threatened to withdraw from the program.

“[Two-plus] countries have threatened that, if sovereign data is not addressed, they will either (a) pull out of the F-35 program of (b) stop sending any data to the U.S.,” one document states.

The documents, which are marked “for official use only,” do not specify which countries had considered dropping out. Vice Adm. Mat Winter, who has led the F-35 program since 2017, said he was unaware that any nations had made such threats.

Click here for more on the hidden troubles of the F-35.

“I don’t know where that ever came from, maybe from the politics, but there’s nobody pulling [out]," he said. “No one ever said those words to me, and I see all of my partners on a regular basis.”

It appears a solution may already be in hand.

On Aug. 17, 2018, the Defense Department awarded a $26 million contract to Lockheed Martin to develop and test an “ALIS Sovereign Data Management” system that will allow foreign partners to more tightly control and protect their own data.

That effort has borne fruit, and certain partner nations have begun using the new data guard, which rolled out earlier this year, Winter said.

“Sovereign data management has been fielded to those that have aircraft. Norway has it. Israel has it. U.K. has it. Italy has it. We’re rolling it out to the Asia-Pacific here, now,” Winter said.

According to Greg Ulmer, Lockheed’s F-35 program head, early feedback from international customers is positive.

New safeguards

The new data guard allows a foreign military to manage aspects of its data that is sent to the F-35 Hybrid Production Support Integration team, basically allowing a partner nation to review and block data leaving the country.

But the documents obtained by Defense News also mention a future iteration of the management system, which is set to be available in 2020 on a future version of the software known as ALIS 3.6. That future iteration is expected to allow countries to filter the “releaseable” data from the “nonreleaseable” data in every message.

But why might it be important for foreign nations to share certain data collected by ALIS?

Both the F-35 Joint Program Office and Lockheed use the data collected by the planes to analyze the health of the aircraft and gauge when maintenance is needed. Without it, foreign militaries could be required to perform extra inspections or work on the plane to mitigate additional safety risks. It would also hinder Lockheed’s ability to provide spare parts when needed, making it more likely that jets would be stuck on the ramp.

Although many partner nations already have the sovereign data management system, the problem is currently classified as a category 1 deficiency, the label given to technical problems of high severity. Winter could not say when the deficiency would be formally eliminated or downgraded to category 2 status, and the F-35 JPO did not provide an answer to this question by press time, despite several weeks of advanced notice.

Mark Gunzinger, a senior fellow at the Center for Strategic and Budgetary Assessments, said the sovereign data concerns raised by allies over the F-35 are a logical extension of the data security discussions that regularly occur between the United States and international countries that buy its weapons.

“It’s a two-way street,” he said, noting that the U.S. Defense Department is currently grappling with how to respond to Turkey, an F-35 partner nation that has triggered security concerns with its plans to buy the Russian S-400 air defense system.

“You can’t fault our allies and partners for expressing their concerns,” Gunzinger added. “They should certainly be expressed, and it looks like they are — just as we have expressed our concerns over other weapons systems programs, fairly recently, in fact.”

The documents stated that the concerns about ALIS sovereign data stem back to 2013, when the Australian Ministry of Defence conducted a review of ALIS data security.

“For [five] years, the international partners have highlighted the need for a sovereign data solution to ALIS,” the document states. However, the Pentagon did not recognize the problem as a deficiency until December 2016, when Todd Mellon, formerly the F-35 program office’s top civilian, directed that the issue be assigned as a category 1 deficiency.

“U.S. services are ambivalent to this issue,” the document states. But “foreign partners believe that the ability to inspect and control information coming into and leaving their country is critical to their cyber security posture.”

At the time, certain partners discussed working on their own solutions to the sovereign data issue.

The Royal Australian Air Force planned to create an interim product that would help F-35 partners protect their data and could be introduced as early as 2018, Air Vice Marshal Leigh Gordon told FlightGlobal in 2017. It is unclear whether the RAAF continued to develop that fix.

Norway and Italy stood up a software lab at Eglin Air Force Base, Florida, allowing the two nations to manage its mission data separately from the U.S. military. A spokeswoman for the Italian Air Force told FlightGlobal in 2017 that Italy was also working on hardware and software that would filter out sensitive F-35 data and keep it from being sent to the United States.

Correction 6/12/19: This story misstated the value of the sovereign data management contract, which is $26 million.

Valerie Insinna is Defense News' air warfare reporter. She previously worked the Navy/congressional beats for Defense Daily, which followed almost three years as a staff writer for National Defense Magazine. Prior to that, she worked as an editorial assistant for the Tokyo Shimbun’s Washington bureau.

More In The Hidden Troubles of the F-35