Automation Evolution Strategy
Contents: ⇣ What is AES? | ⇣ Why Modernize? | ⇣ How Will AES Help The FAA Evolve? | ⇣ Documents | ⇣ Scope | ⇣ What's Next? | ⇣ Contacts | ⇣ Videos
What is AES?
The Automation Evolution Strategy (AES) is the strategy the FAA is using to modernize its automation by adopting a services-based architecture, with emphasis on more timely development and delivery of new capabilities. A service-based architecture is an architecture framework in which different parts of a system-of-systems interoperate by exposing and accessing data and processing functions as services that can be accessed over a network.
In simple terms,
"AES is a vision for the future evolution of how FAA's automation systems are built."
AES Vision
Create a National Airspace System (NAS) composed of automation capabilities that utilizes layered enterprise components and reusable services which can be developed, acquired, and sustained independently
Why Modernize NAS Automation Development And Deployment Architecture?
In many of today’s FAA automation systems, each system independently maintains similar technological infrastructure elements (e.g., hardware, operating systems, data management tools). These systems generally do not take advantage of shared, enterprise-based infrastructure elements and methodologies that could optimize operating costs, scale to meet dynamic user demands, and enable the use of common data flows to ultimately improve Air Traffic Management (ATM) service delivery.
The AES aims to migrate these systems to a modern, layered architecture to accrue a number of benefits for the FAA and enable the transition to an Info-Centric NAS.
Current State
- Many of FAA's automation systems independently maintain similar technological infrastructure elements such as hardware, COTS, and data management tools.
- These siloed systems do not allow programs to take advantage of shared, enterprise-based infrastructure elements and methodologies.
Transition State
- Migrate systems to a layered, service-based architecture thru a combination of cloud, Development, Security and Operations (DevSecOps), and enterprise/micro services.
Future State
- An Info-Centric NAS and improved Air Traffic Management (ATM) service delivery that:
- scales to meet dynamic user demands
- enables the use of common data flows; and
- optimizes operating costs.
- New business opportunities as well as expansion of industry base.
The AES was created with specific strategic objectives in mind. These are listed below.
AES Strategic Objectives:
Obtain efficiencies in the development, operation, and sustainment of NAS automation systems/services.
Reduce time to develop, integrate, and deploy new capabilities.
Leverage commercial best practices.
Promote competition to ensure optimal return on investment.
Establish a scalable, flexible, secure, and resilient architecture to support ATM service delivery.
This website, and the Request for Information (RFI) recently released, seeks to move forward on leveraging commercial industry best practices by engaging with industry to learn from their experience in agile, while at the same time mitigating potential risks.
How Will AES Help The FAA Evolve?
AES envisions a layered, service-based architecture [⇣ 1] that encompasses air traffic management services.
This architecture leverages advances in service-orientation using modern design patterns (e.g., microservices [⇣ 2]), enterprise processes, information technology services, like cloud technologies, and using industry best practices in software Development, Security, Testing (e.g., Test Driven Development [⇣ 3]), and Deployment to Operations (DevSecOps).
In the image below, we have identified the three AES layers.

Note: Enterprise services and tools depicted in the diagram are examples of capabilities that can be available within the AES architecture.
Starting from the bottom-up:
The Computing Resources Layer
- Leverages FAA's work in cloud services (for example, National Cloud Integration Services (NCIS), FAA Cloud Services (FCS)) to provide underlying computing infrastructure (on the right-hand side) and end-user devices (for example, workstations).
- The benefit of this is that this is a change paradigm for infrastructure acquisition and deployment to provide improved scalability, flexibility and resiliency for the architecture.
Standards-Based Software Platform Layer
- The objective of this layer is to provide a shared platform capability to support development, testing and deployment of applications and services.
- FAA has already developed initial information sharing platform capabilities such as SWIM.
- The benefit of this is that it helps streamline and accelerate development and deployment of capabilities by providing a shared set of Enterprise Services and Tools.
Mission Software Layer
- With the infrastructure capabilities provided by the computing and platform layers that we just described, the programs will not need to worry about acquiring and supporting the underlying infrastructure. They can now focus on providing services and applications to the users utilizing shared enterprise platform capabilities.
To accomplish this vision, the FAA has organized the AES work in five focus areas.
Systems Engineering & Architecture Planning
Refine Service-Based Architecture
Outcome: Establish Service-Based Architecture and automation evolution strategy with associated work plan
Architecture Transition Planning
Outcome: Define transition strategies that balances the need to reduce costs while transitioning effectively to strategy vision
“Learn by Doing”
Architecture Validation and Risk Reduction Efforts
Outcome: Conduct risk mitigation efforts that will support architecture validation and enable FAA to apply Agile/DevSecOps processes and tools, help establish roles and responsibilities across government and industry and capture lessons learned
Leverage Innovation
Stakeholder Engagement
Outcome: Engage internally and externally to solicit input on Automation Evolution Strategy, potential transition opportunities and acquisition enhancements to best implement strategy
People & Processes
Acquisition, Budget, and Contracting
Outcome: Conduct acquisition of Service-Based Architecture that includes budgetary needs, contractual approach, and senior leadership approval; Define acquisition strategies, budget requests, as well as contracting artifacts and processes that are necessary to enable implementation
In summary, AES delivers a new paradigm creating a more agile NAS that responds to new entrants, improves air traffic management, and maintains our commitment to safety, by empowering FAA programs to focus on developing high priority user features and capabilities, faster.
AES Documents
AES released several documents to industry via the AES RFI. The links to the RFI and the related documents are referenced below.
- AES released an RFI on August 4, 2023. Industry is being asked to provide input on the themes outlined in the RFI, which are also detailed below in the AES Scope section; inputs will be collected via a response to the RFI, and if desired, one-on-one meetings. To schedule a one-on-one meeting, please email AES@faa.gov.
- The Service-Based Reference Architecture for NAS Automation describes the technical characteristics of the future architecture to achieve the goals of AES.
- The Concept of Use for Service-Based Reference Architecture describes how the architecture will be created, sustained, and used.
AES Scope
Based on the envisioned roles associated with the Service-Based Architecture (see Concept of Use for Service-Based Reference Architecture), a set of themes are summarized below to organize responses on industry solutions and applied experience for any given area. These themes establish a framework for providing inputs, are not intended to be exhaustive, and may be refined based on industry feedback. In addition, industry inputs do not need to cover the whole framework, and may focus on a single theme or span multiple areas.
The FAA is seeking input on industry experience with architecting, designing, developing, operating, sustaining and governing mission layer software (e.g., applications, mission and common mission services), with a focus on innovative solutions that can be applied at enterprise scale across multi-vendor industry and government teams. The FAA is interested in industry approaches that allow software components developed by independent vendors to be deployed to interoperate as well as seamlessly share data (e.g., via APIs) and computation services (e.g., algorithms, etc.).
The FAA is also interested in industry experience with application of modern software methodologies and architecture approaches (i.e. Agile, DevSecOps, Service Mesh, Cloud Native/Well-Architected Framework). In particular, examples of how these methodologies have been applied while addressing integration at scale as well as application of enterprise governance while ensuring that performance and availability requirements are met across end-to-end service threads (see also Services Integrator topic).
Inputs on recommended approaches for transitioning legacy systems and processes (i.e. waterfall acquisition model to modern software methodologies) to the envisioned Service-Based Architecture Mission Layer is also of interest. In particular, contracting approaches needed to adopt an agile acquisition framework (e.g., enable flexibility for FAA to refine requirements and schedule based on evolving project priorities, supports incremental and more frequent deliverables). Recommendations and methodologies for deprecating legacy software and reducing technical debt while continuing service delivery is of special interest to the FAA.
The FAA is seeking input on enterprise data management solutions (to include master data management, local, as well as enterprise shared data) for a Service-Based Architecture, including relevant technologies, architectural solutions, and applications that include the following areas of interest:
- Data Access: How best to provide layered, flexible, efficient, simultaneous data access to external and internal end users and services.
- Data Consistency: Optimal solutions to maintain data consistency across different operating environments.
- Performance: Ensure scalable performance to handle concurrent requests and high volumes of data.
- Disaster Recovery: Ensure data is not lost in the event of a failure.
- Data Security: Support for securing data of various levels including ensuring data integrity and protecting sensitive data from unauthorized access while maintaining privacy.
- Integration: Integration of the data management capabilities with other technologies including enablement of a unified data integration architecture that accounts for metadata to integrate and govern data across different environments (e.g., data mesh, data fabric approaches).
The FAA is interested in industry experience with providing enterprise platform solutions that can be used for development, integration, testing, and production operations. The platform should support the Mission Layer and Data Management functions described above, including tools (e.g., service discovery, service catalog, self-service portals) to support modern software methodologies (i.e. Agile, DevSecOps) and should insulate application and services in the mission layer from the underlying enterprise-wide compute environments. The FAA also seeks industry experience in deploying a Platform as a Service (PaaS) approach.
The FAA is also seeking industry experience with architecting, providing, and operating the underlying compute solutions, to include hybrid off-premise (e.g., commercial and Gov cloud) and on premise (e.g., data centers or dedicated server) compute environments. In addition, information on industry experience with government systems that have been deployed and are operating in GovCloud is also of interest (i.e. outage metrics). The FAA is especially interested in industry experience with technical and business requirements analogous to those of the NAS that includes the need to provide high availability, low latency, high throughput, secure computing with data sources and FAA personnel performing critical functions at locations widely distributed across United States Controlled Airspace.
The process of establishing the compute layer will need to consider other enterprise efforts such as cybersecurity and telecommunications activities to ensure there is sufficient connectivity and the Authorization to Operate (ATO) is achieved for production activities. The FAA is also seeking input on topics that relate to optimization of the compute and storage environment, scaling, and migration of legacy system functions to modern compute environments (i.e. Infrastructure as a Service (IaaS), PaaS). In addition, the FAA is seeking input on processes needed to ensure proposed platform and compute solutions are kept current with latest industry advancements and without having any impact on mission layer services.
The FAA seeks industry experience with enterprise and system security infrastructure that is responsive to changes in laws, regulations, and risk. The FAA seeks input on approaches for securing widely distributed critical operational infrastructure, as well as mission support and administrative functions within the larger enterprise. The FAA is also interested in experience with implementing zero-trust, specifically as it relates to this architecture as the FAA has an increasing number of interactions with external entities including information exchange with industry and government partners as well as dissemination of approved FAA data to the public. Also, as part of an overall internal threat mitigation strategy, the FAA is seeking technology solutions including but not limited to data loss prevention, database monitoring, and access management tools that can assist in mitigating internal threats. The combination of the above requires cybersecurity and information integrity solutions necessary to adequately protect FAA’s mission and business processes at all levels of the enterprise architecture.
Given the above, the FAA is interested in security solutions from industry, which can be applied throughout the FAA’s enterprise infrastructure including both on-premise and off-premise assets (e.g., mission applications, data management, platform and computing resources). Such solutions must make sure that appropriate security controls at all levels are in place to protect the enterprise. Furthermore, the FAA seeks input based on industry experience with operating or supporting cybersecurity operations centers that monitor services and networks, pre-emptively identify potential attacks, and respond to incidents. Security solutions must also provide the ability to perform forensic investigation of data breaches, system, and network compromises. In addition, consideration must be given for solutions that can be integrated into current FAA cybersecurity operations.
The FAA is interested in industry experience with applied solutions that will enable successful technical integration across IaaS and PaaS solutions to meet NAS enterprise requirements. Additionally, the FAA is seeking solutions that includes integration across application and services using IaaS and PaaS solutions for capabilities developed both inside and outside of the FAA. This includes industry input on best practices associated with different integration frameworks that have been applied for government agencies, for example, federated approaches where the integrator acts primarily as a coordinator or facilitator versus an approach where the integrator has primary responsibility for integrating components across different vendors.
In addition, this topic also includes industry experience with supporting the FAA in establishing governance and management processes for unifying efforts across multiple vendors and FAA domains to meet NAS enterprise requirements. These governance efforts will also include configuration management activities associated with enterprise platform services and common mission services to include identifying and approving new services, integrating new services into NAS operations as well as deprecating legacy services.
The FAA is seeking input on industry solutions to maintain, monitor, manage, and operate common mission, platform, and compute services (both off-premise and on-premise, including interfacing with communication and satellite service providers) that are used by multiple NAS stakeholders. These capabilities ensure that quality of service objectives are met during operations and changes in service or application status are addressed appropriately. Industry experience with other government agencies on best practices for allocation and integration of monitoring and control functions across the mission, platform and compute layers is also of interest. Also, inputs on approaches for maintaining mission and common mission services to include integrating proposed maintenance solutions with the FAA's current maintenance operations is desired.
What's Next?
This website and the AES RFI are part of our AES Stakeholder Engagement Focus Area approach. The FAA wants to leverage industry innovations, and collaborate to help shape this strategy vision, address key challenges, as well as mitigate potential risks. In parallel, we are defining the potential industry engagement activities to do all this. To accomplish this, we have divided our Industry Engagement approach in three phases.
- Awareness Phase
- Level-set industry understanding of AES concepts and principles by establishing awareness around key messages such as:
- The FAA’s vision of a layered architecture approach introduces new business opportunities as well as expansion of industry base
- FAA is seeking to leverage technologies and solutions that are outside of the aviation domain (i.e. target traditional and non-traditional vendors)
- Level-set industry understanding of AES concepts and principles by establishing awareness around key messages such as:
- Understanding and Collaboration Phase
- Collaborate with industry to obtain industry feedback with respect to AES objectives as well as specific topics (e.g., incremental acquisitions, DevSecOps toolchains and processes)
- Refinement Phase
- Refine potential procurement and market research activities (e.g., industry day, market survey) to reflect improved understanding of FAA and industry needs
We are really excited about this vision! The FAA is targeting more industry engagement activities in 2023 so stay tuned as we keep updating this website. We look forward to engaging further in this vision.
AES Contacts
For general AES information, requests/questions, and one-on-one meeting requests, please email AES@faa.gov.
AES Videos
To gain more understanding of AES, the FAA has created a 3-part series of videos.
1 Service-based Architecture is an architecture framework in which different parts of a system-of-systems interoperate by exposing and accessing data and processing functions as services that can be accessed over a network. | ⇡ Back
2 Microservices are small self-contained, loosely coupled services. In today's world it is all interconnected. The idea behind microservices is that you establish services and capabilities that are loosely coupled so if you need to upgrade the system, you don't have to bring down the whole system. You modify that service, and not have to worry about breaking all other parts. | ⇡ Back
3 Test Driven Development is a software development process relying on software requirements being converted to test cases before software is fully developed. It tracks all software development by repeatedly testing the software against all test cases. In other words, it is the process of modifying the code in order to pass a test previously designed. | ⇡ Back