Thiruvananthapuram: The preliminary investigation into the crash of Air India Flight AI171, involving Boeing 787-8 aircraft, has revealed a critical design vulnerability, leading to compensation demands exceeding $150,000 per passenger and also necessitating a probe into potential cyber terrorism, internationally renowned CPS security researcher and CII-SCADA engineer KS Manoj said.
The probe into the Ahmedabad crash revealed that both engines shut down mid-air due to nearly simultaneous actuation of the fuel cutoff switches, raising serious questions over aircraft design, system redundancy, and regulatory oversight, technical author K.S. Manoj said.
The Aircraft Accident Investigation Bureau (AAIB) confirmed that the engine shutdown occurred seconds after takeoff from Ahmedabad on June 12, 2025, resulting in the deaths of 260 persons on board, he said.
The report quotes cockpit voice recordings in which one pilot asks, “Why did you cutoff?”, to which the other replies, “I didn’t.”
"Experts say the incident may not be due to pilot error but rather points to a critical design vulnerability in the Boeing 787 architecture, where both fuel switches can be toggled in flight without lockout, software inhibition, or physical safeguards," he said.
While Boeing’s 787 is marketed as a fly-by-wire aircraft with triple-redundant systems, the investigation has exposed a “Zero Redundancy Window” (ZRW) — a critical phase during takeoff when no backup power or control protection was available once both engines were shut down, the expert said.
In comparison, Airbus aircraft such as the A320neo and A350 are equipped with guarded fuel switches, flight-phase-aware interlocks, and full authority digital engine control (FADEC)
systems that prevent dual-engine shutdowns in-flight, he added.
Airbus also allows its Auxiliary Power Unit (APU) to remain active or on standby during takeoff, offering immediate power recovery in case of engine loss, said KS Manoj, who contributed significantly to operational technology (OT) security initiatives across India’s power and healthcare sectors.
The Boeing 787, however, disables the APU during takeoff and relies on delayed auto-start, which experts say proved inadequate in the seconds following the AI171 engine cutoff.
Another key difference is the use of hydraulic accumulators. Airbus aircraft are equipped with pre-charged accumulators that maintain hydraulic pressure for flight controls, brakes, and
landing gear during engine loss.
Boeing 787 reportedly lacks such accumulators capable of sustaining flight-critical functions in a dual engine failure scenario.
As a result, the aircraft lost control before the Ram Air Turbine (RAT) or APU could restore system functions.
The crash has triggered calls for legal action and compensation. Under the Montreal Convention, the airline and aircraft manufacturer may be liable for damages exceeding USD 150,000 per passenger if negligence or design flaw is established.
Aviation legal experts suggest Boeing could face substantial compensation claims similar to those filed after the 737 MAX crashes.
In the aftermath of two fatal 737 MAX accidents in 2018 and 2019 — Lion Air Flight 610 and Ethiopian Airlines Flight 302 — Boeing agreed to pay over $ 2.5 billion in settlements and penalties.
This included $500 million compensation fund for the victims’ families and a $243.6 million criminal fine, he said.
The settlements were tied to Boeing's admitted concealment of safety issues related to the Maneuvering Characteristics Augmentation System (MCAS).
Legal experts say that if a design flaw in the Boeing 787 fuel system is confirmed in the AI171 case, it could establish a comparable or even more severe liability precedent for the
manufacturer.
Further complicating the case is the possibility of cyber sabotage. Both pilots reportedly denied activating the switches, and both engines attempted relight seconds later.
Given the 787’s high level of networked system integration, the potential for avionics compromise, including FADEC manipulation or maintenance terminal exploitation, cannot be ruled out.
Despite these factors, no first information report (FIR) has been registered under Section 66F of the Information Technology Act, which pertains to cyber terrorism, KS Manoj, one of India's leading cyber security professionals, said.
India’s air transportation sector is classified as Critical Information Infrastructure (CII) under the
National Critical Information Infrastructure Protection Centre (NCIIPC).
Experts say failure to initiate a CERT-In or NCIIPC investigation may constitute a lapse in national cybersecurity enforcement.
The AAIB report also refers to a 2018 Safety Bulletin (SAIB NM-18-33) issued by the US Federal Aviation Administration (FAA) concerning fuel switch locking mechanisms in Boeing aircraft.
Air India confirmed that the recommended inspections were not carried out, citing the advisory nature of the bulletin.
Aviation safety analysts have recommended several urgent measures, including the filing of a
cyber terrorism case under Section 66F, a joint forensic audit by CERT-In and NCIIPC, mandatory retrofitting of switch guards and software interlocks on Boeing 787 aircraft, and a temporary suspension of the 787 fleet in Indian airspace until safety verifications are
complete.
Boeing has not issued an official statement in response to the findings of the preliminary report, KS Manoj, who is also a Research Engineer at CPS Security CPS Security Intelegrid ECC (P) Ltd, pointed out.
