F-35 data sovereignty: Who controls the connected fighter?

Who controls a fighter that wins by sharing information faster than it fires weapons?

F-35 data sovereignty: In early 2025 and through late 2025, public debate sharpened across Europe about “kill switches,” software dependence, and what sovereignty means when combat power rides on code, encryption, and cloud-connected sustainment. Meanwhile, real-world tests kept pushing the jet deeper into coalition networks, including a Danish demonstration that moved classified data from F-35s in flight in Texas to a command centre in Denmark via an open-systems gateway and satellite communications (Military Embedded Systems).

However, the more consequential story is not a conspiracy. Instead, it is contract architecture, export control, and a global programme built to keep 20+ operators interoperable. Consequently, buying an F-35 Lightning II increasingly means buying into a software and data ecosystem where “ownership” splits between the operator, the Joint Program Office, and industry partners led by Lockheed Martin.

Moreover, Switzerland’s Federal Department of Defence, Civil Protection and Sport (DDPS) addressed the controversy directly on March 10, 2025, stating that remote control or blocking “is not possible,” and that Switzerland can use the system autonomously for its defence (Lockheed Martin). Even so, that reassurance sits beside a separate reality: modernization schedules, mission data pipelines, and sustainment tooling remain heavily centralized.

F-35 data sovereignty is now a procurement issue, not a footnote

F-35 digital sovereignty starts with software, not metal

Notably, the F-35 is best understood as a flying computer that happens to be stealthy. Consequently, the central procurement question has shifted from airframe performance alone to upgrade cadence, data governance, and access to mission-system evolution.

Moreover, the U.S. Government Accountability Office (GAO) has framed the programme’s modernization as a multi-decade software-and-hardware campaign, not a one-time delivery. In its May 16, 2024 report, GAO said the programme reached full-rate production in March 2024, yet still faced hardware and software delays tied to Technology Refresh 3 (TR-3), a suite of upgrades critical to Block 4 modernization (GAO).

Additionally, GAO has highlighted scale that can distort every sovereignty debate. The same report cited U.S. Department of Defense (DOD) estimates that development plus sustainment of 2,470 planned aircraft through 2088 will exceed US$2 trillion (GAO). When a fleet becomes that large, software becomes the main lever of capability and cost.

If you ever wanted proof that aerospace has become software engineering, try scheduling a “simple” upgrade across 2,470 military jets.

Why TR-3 and Block 4 delays matter for allies

Meanwhile, modernization delays are not just a U.S. budget headache. Instead, they shape coalition capability baselines, because partner fleets often train, deploy, and fight as mixed-nationality packages.

Notably, Reuters reported on July 11, 2024 that the U.S. planned to resume deliveries with a truncated TR-3 software configuration while full combat capability remained incomplete (Reuters). Subsequently, Reuters reported on August 29, 2024 that deliveries resumed under an agreement that withheld about US$5 million per aircraft until full TR-3 combat capability was delivered (Reuters).

Moreover, GAO’s critique has continued into 2025. On September 3, 2025, Defense News summarized a GAO finding that the Pentagon scaled back Block 4 ambitions to slow schedule slips and cost growth (Defense News). For operators, that matters because software releases translate directly into weapon clearances, sensor upgrades, electronic warfare changes, and interoperability improvements.

Therefore, “control” often looks less like a switch and more like a calendar. If your national defence plan assumes a capability drop in one year, a slip can become a strategic gap.

F-35 data sovereignty and the jet’s combat connectivity

F-35 connectivity is tactical networking, not airborne internet

Separately, the phrase “connected F-35” causes confusion because it mixes two different kinds of connectivity. First, the jet connects tactically in flight through secure data links designed for contested environments. Second, it connects operationally on the ground through mission planning and sustainment systems.

Specifically, the F-35’s in-flight connectivity centres on its communications, navigation, and identification suite, including the Multifunction Advanced Data Link (MADL) and Link 16, which appear in publicly available programme descriptions (U.S. Congress). Meanwhile, a Northrop Grumman press release distributed on April 23, 2013 described MADL as a high-data-rate, directional communications link for fifth-generation aircraft (PR Newswire).

However, none of that implies the jet streams to “the cloud” mid-dogfight. Instead, these links move mission-relevant data among aircraft and nodes using encryption, mission rules, and emissions control.

Gateways, BACN, and coalition translation

Additionally, coalition combat networking often requires translation between fifth-generation links and legacy networks. That requirement has shown up clearly in the United Kingdom’s parliamentary scrutiny of F-35 integration. In its February 16, 2018 response to the House of Commons Defence Committee, the UK Ministry of Defence (MoD) discussed trials that translated MADL messages to Link 16 format between F-35s and Eurofighter Typhoons (UK Parliament).

Notably, the modern “gateway” idea is now expanding beyond line-of-sight translation. On May 20, 2025, Military Embedded Systems reported that Danish F-35s demonstrated sharing classified data through Lockheed Martin’s DAGGR-2 open-systems gateway using commercial satellite communications to a command centre in Denmark (Military Embedded Systems).

Consequently, connectivity is becoming less about a single link and more about a mesh of gateways that can bridge classifications, waveforms, and national networks. For readers tracking Canada’s fighter debate, this gateway layer also intersects with airborne connectivity programmes such as Battlefield Airborne Communications Node (BACN), which Fliegerfaust has covered in the context of “universal translator” airborne nodes (Bombardier BACN delivery and coalition connectivity).

Can the US “block” an F-35 in flight?

Still, public concerns persist that “connectivity” implies external control. The most direct recent rebuttal came from Switzerland. In a March 10, 2025 statement reproduced by Lockheed Martin, Switzerland’s DDPS said a “remote control” or “blocking” of the F-35A “is not possible,” and that Switzerland does not need consent to use its weapon systems for defence (Lockheed Martin).

Moreover, that DDPS statement also said Switzerland would receive aircraft “with the same standard (Block-4) as all other customers and program partners” (Lockheed Martin). That phrasing matters, because it positions sovereignty as “operational autonomy” rather than “full software independence.”

Therefore, the better question is not whether a third party can joystick your jet. Instead, it is how much leverage exists through update cycles, cryptographic access, and sustainment systems when politics turns cold.

F-35 data sovereignty in software updates, mission data, and crypto

F-35 software sovereignty and the Operational Flight Program

Notably, the F-35 relies on mission systems software more than almost any fighter in service. That reality has long been acknowledged in UK parliamentary evidence, which noted the aircraft “probably relies more on software than any other defence programme in history” (UK Parliament).

Specifically, the core mission software runs as the Operational Flight Program (OFP), which integrates sensors, weapons, electronic warfare functions, and pilot-vehicle interfaces. However, export customers do not receive “ownership” of that software in the ordinary commercial sense. Instead, they receive a right to operate within agreed baselines, and they receive updates through a controlled certification process.

Moreover, the modernization story shows how centralized that pipeline remains. GAO has repeatedly documented that Block 4 capability delivery depends on TR-3 hardware and OFP maturity (GAO). Consequently, a buying nation can choose when to install upgrades, yet it cannot unilaterally create and certify new OFP builds.

In other words, you can decide when to update, but you cannot fork the repo.

F-35 mission data control through Mission Data Files

Meanwhile, the biggest area where operators fight for relevance is mission data. In simple terms, Mission Data Files (MDF) tailor sensors and electronic warfare performance to specific threat environments.

Notably, the programme has been investing in a dedicated enterprise for partner mission data. On April 22, 2024, the U.S. Air Force reported that the United Kingdom’s Royal Air Force and Australia’s Royal Australian Air Force reactivated former No. 80 Squadron at Eglin Air Force Base to provide mission data file programming for Australian, Canadian, and UK F-35 variants (Air Force Life Cycle Management Center). Two days later, Lockheed Martin’s F-35 site framed mission data as key enterprise input and highlighted the allied partnership behind that work (F-35).

Additionally, mission data governance has formal structures. On September 28, 2021, the F-35 Joint Program Office (JPO) announced that the Norway Italy Reprogramming Lab (NIRL) had been formally accepted at Eglin on September 22, 2021, to support mission data development and integration (F-35 Joint Program Office).

Consequently, MDF is where sovereignty becomes practical. Operators can shape threat libraries, prioritize national theatres, and validate mission sets. However, the tooling, test infrastructure, and export constraints still bind that work to a multinational programme.

Encryption, identification, and the quiet part of sovereignty

Additionally, the most sensitive elements of connectivity involve cryptography, identification, and secure network membership. In practice, those elements are often where national control meets alliance obligations.

For example, the UK MoD’s parliamentary response emphasized that partner nations’ sovereign data entered into sustainment systems is not shared with other partner nations, “including the US” (UK Parliament). That statement addresses data governance rather than crypto keys, yet it illustrates the core idea: programmes can ring-fence certain national information even inside shared architectures.

Still, encryption and waveform details remain tightly controlled for obvious operational reasons. Therefore, the credible sovereignty debate focuses less on “secret backdoors” and more on who issues, refreshes, and governs the credentials that make coalition networking possible.

F-35 data sovereignty on the ground: Autonomic Logistics Information System and Operational Data Integrated Network

From Autonomic Logistics Information System to Operational Data Integrated Network

Notably, the most contentious sovereignty arguments tend to involve ground systems, not in-flight links. The Autonomic Logistics Information System (ALIS) was designed to connect maintenance, parts, mission planning, and training in one enterprise system. However, ALIS became a lightning rod because it aggregated high-value operational data and tied it to a centralized sustainment model.

Moreover, GAO warned as early as April 14, 2016 that ALIS faced deployability risks because it required server connectivity and supporting infrastructure, a serious issue for forces operating from austere locations (GAO). That critique fed a broader recognition: logistics software can become a single point of friction for expeditionary airpower.

Consequently, the programme began transitioning from ALIS to the Operational Data Integrated Network (ODIN). On February 1, 2022, the F-35 JPO announced initial deployment of ODIN hardware, describing smaller, lighter servers designed to run ALIS software and future ODIN applications, with improved computing performance and security (Eglin Air Force Base).

A fifth-generation fighter can hide from radar. Unfortunately, it still cannot hide from a slow server.

The Sovereign Data Gateway and national “points of entry”

Meanwhile, operators pushed hard to prevent unwanted data exposure. That pressure produced the concept of a Sovereign Data Gateway (SDG), which sits within a nation’s architecture and controls what flows to shared hubs.

Notably, FlightGlobal reported on October 27, 2016 that the sovereign data gateway concept aimed to let partner countries inspect, verify, and even block, modify, or delay sensitive data flowing to the US hub (FlightGlobal). In the same article, the JPO described the SDG software as remaining within the partner country’s “central point of entry,” controlling data flow to programme operating units (FlightGlobal).

Additionally, concerns reached political boiling points. In 2019, Defense News reported documents suggesting some partners threatened to stop sending data or even withdraw if sovereign data concerns were not addressed (Defense News).

Therefore, today’s sovereignty posture is not theoretical. Instead, it is designed into the plumbing: national gateways, filtering rules, and contractual statements about what counts as sovereign data.

Global spares pools and the supply-chain dimension of sovereignty

Separately, “control” also includes physical dependencies. The F-35 programme uses global sustainment networks, pooled spares, and regionally distributed hubs. That architecture improves readiness potential in theory, but it also creates questions about ownership and access during crises.

Notably, Defense News reported on April 15, 2025 that parts in the global spares pool remain U.S. government property until installed on an aircraft, and that contractors maintain accountability for that property (Defense News). Meanwhile, GAO has also flagged sustainment strategy challenges, including the need to reassess technical data approaches and roles between the programme office and services (GAO).

Additionally, the programme has built regional maintenance, repair, overhaul and upgrade (MRO&U) capacity to reduce cross-border friction. On March 27, 2025, DVIDS reported the first U.S. Air Forces in Europe aircraft had been inducted into the Euro-Mediterranean airframe MRO&U facility at Cameri, Italy, underscoring the growth of European heavy-maintenance capacity for the fleet (DVIDS).

Consequently, sovereignty debates must account for spares, depots, and the legal status of parts as much as mission software. A nation can fly independently today, yet still rely on a multinational system for parts tomorrow.

F-35 data sovereignty and Israel’s exception

Why Israel got a different deal

Notably, Israel is widely viewed as the programme’s standout case for national customization. That perception is not baseless. In a November 19, 2025 Reuters report on Saudi interest in fifth-generation fighters, Reuters said Israel received permission to customize its F-35s with Israeli systems, including the ability to integrate its own weapons and radar-jamming technology (Reuters).

Additionally, reporting has long highlighted Israeli intent to add indigenous electronic warfare and weapons. In a February 27, 2017 Air & Space Forces Magazine feature, the magazine noted that some observers viewed Israel as the only customer with a “unique” variant, while Lockheed Martin spokesperson Eric Schnaible described three main modification areas:

• 1- command, control, communications, computers and intelligence.
• 2- electronic warfare.
• 3- and weapons integration (Air & Space Forces Magazine).

Earlier, Wired reported on May 10, 2016 that Israel had secured permission to integrate national systems and weapons as part of its F-35 plan (Wired).

Therefore, Israel’s “exception” is best described as negotiated interfaces and permissions, not total independence from the global baseline. Israel still operates within the broader F-35 upgrade universe, yet it secured room to integrate national systems where others must wait for programme-level integration.

Israel has the admin rights others rent, but it still shares the operating system.

What other operators can customise in practice

Meanwhile, other nations have made gains, even if they look less dramatic than Israel’s. For example, the UK’s status as a Level 1 partner has provided deep programme access and influence. In parliamentary evidence, the UK emphasized its embedded specialists within industry and test communities, and the ability to shape trials and requirements (UK Parliament).

Additionally, the UK government response stated the programme has governance “in which the UK has an equal vote to the US Services” for dealing with issues (UK Parliament). That matters, because sovereignty also means influence over what the common baseline becomes.

Moreover, some nations have pursued national security-of-supply measures within the global support model. That approach does not break dependence, but it cushions it through spares stocking, regional MRO&U capacity, and sovereign data filtering.

Industrial participation is not the same as operational independence

Still, industry participation and operational sovereignty are often conflated. A nation can build parts, host a depot, and still lack authority to modify core mission software.

For Canadian readers, that distinction has become central in national debate. Fliegerfaust has already framed how Canada’s fighter choices involve trade-offs between economics, interoperability, and control (F-35 cancellation risks and the sovereignty trade). Similarly, recent Canadian procurement signalling has kept the sovereignty theme alive, even when the headlines focus on jobs and assembly lines (Canada’s latest fighter procurement signals).

Consequently, the practical question becomes: which levers matter most in a crisis—software access, mission data agility, spares availability, or diplomatic alignment? In reality, operators need all four.

F-35 data sovereignty: what buying nations control versus Lockheed and the US

F-35 sovereign control begins with operations and mission decisions

Notably, every operator controls how it uses its aircraft day to day. Nations decide alert postures, basing, training syllabi, weapons loadouts within cleared envelopes, and rules of engagement.

Moreover, Switzerland’s DDPS statement is unambiguous on operational autonomy: “Switzerland does not need consent if it wants to use its weapon systems or guided missiles for its defence. It can do this autonomously, independently, independently and at any time” (Lockheed Martin).

Additionally, nations can choose when to accept software upgrades. That choice is not cost-free, but it is real. In practice, an operator can keep aircraft flying with an existing certified baseline, especially for homeland defence missions.

Where the programme office retains control

However, the programme retains control over core software baselines and certified modernization packages. That control flows through the U.S.-led programme structure and export governance.

Notably, GAO has emphasized how TR-3 and Block 4 modernization drive capability delivery timing (GAO). Similarly, Reuters reporting on the resumed deliveries with payment withheld until full TR-3 combat capability illustrates how programme acceptance criteria and contractor delivery intersect (Reuters).

Moreover, mission data development sits inside shared labs and processes. The reactivation of the 80th Fighter Squadron for partner support work underscores that MDF is now an institutionalized enterprise function, not an ad hoc national activity (Eglin Air Force Base).

Where Lockheed and industry remain indispensable

Separately, Lockheed Martin and other industry partners remain indispensable in sustainment tooling, software delivery, and parts support. That is not unique to the F-35, but the scale and integration of the system amplifies it.

For example, the UK Parliament record noted that “we have complete and unfettered use of ALIS and its technical data for the sovereign operation of our fleet” and, separately, stated that a partner nation’s sovereign data is not shared with other partner nations, including the US (UK Parliament).

Additionally, ODIN’s transition shows the shared nature of sustainment evolution. The JPO’s 2022 ODIN hardware rollout described installations supported by JPO and Lockheed experts, with uniformed maintainers operating the systems (Eglin Air Force Base).

A practical “control map” for operators

Below is a simplified view of what tends to sit where, based on public documentation and official statements.

F-35 utilisation: availability versus flying hours

“Utilisation” is usually discussed in two separate metrics. First is availability/readiness: how often the jet is actually available to fly. Second is use: how much it is flown when it is available.

Availability/readiness: how often is the jet available or mission capable?

In a December 19, 2025 press release, the U.S. Department of Defense Office of Inspector General said the average Air Vehicle Availability rate for all U.S. F-35s in fiscal year 2024 (FY2024) was 50% (DoD OIG).

On December 23, 2025, Reuters reported the same 50% figure and said it was 17 percentage points below the Pentagon’s minimum performance requirement of 67% (Reuters).

Separately, Air & Space Forces Magazine’s FY2024 dataset put the F-35A mission-capable rate at 51.5%. In the same FY2024 table, it listed the F-22 at 40.19% and the F-15EX at 83.13% (a small fleet) (Air & Space Forces Magazine).

For a mature fourth-generation benchmark, Air & Space Forces also reported the U.S. Navy has sustained about 80% readiness for its F/A-18 Super Hornets, citing Chief of Naval Operations Adm. Lisa Franchetti (Air & Space Forces Magazine).

Important caveat: “mission capable,” “full mission capable,” “availability,” and “readiness” are not identical terms across services and reporting systems. Consequently, comparisons are directionally useful, but not perfectly apples-to-apples.

Use: how much is it flown when it is available?

On flying hours, GAO reported on April 15, 2024 that planned annual use of the F-35 has been reduced versus earlier expectations, in part tied to reliability issues. In the same report, GAO said overall availability has trended downward over the past five years and none of the variants are meeting availability goals (GAO).

For broader cross-fleet context, the U.S. Defense Acquisition University summarized a June 2025 Congressional Budget Office analysis finding that availability and use tend to decline as aircraft age, and that F-35 availability and use have been lower in some cases than other fighters of the same age (Defense Acquisition University).

Bottom line: what the latest U.S. numbers suggest

Based on the most recent publicly reported U.S. figures above, current F-35 utilisation in readiness/availability terms is generally lower than mature fourth-generation benchmarks such as the Navy’s Super Hornet readiness level and lower than newer small fleets like the F-15EX—while also being higher than some stressed fleets, such as the USAF’s F-22 in FY2024 (Air & Space Forces Magazine).

Conclusion: the real trade in F-35 data sovereignty

Notably, the F-35’s “connected” design is not a flaw. Instead, it is the point: sensor fusion, secure data sharing, and coalition interoperability have become core combat multipliers. The Danish classified-data demonstration in May 2025 is a clean example of where the programme is heading (Military Embedded Systems).

However, F-35 data sovereignty still comes with a price. Nations can fly independently, yet modernization cadence, mission data enterprise tooling, and sustainment architecture remain highly centralized. Moreover, spares pools and depot networks add legal and logistical dependencies that do not disappear in a crisis (Defense News).

Consequently, the smart debate is not whether the jet has a mythical “off switch.” Instead, it is whether allied air forces have negotiated enough practical control over mission data agility, sustainment continuity, and upgrade timing to match their strategic promises. In that light, Israel’s exceptional customization rights show what is possible, but also how rare it is.

Finally, procurement leaders should treat software governance as a first-order defence requirement, not a contract appendix. Otherwise, “interoperability” can quietly become “dependency,” and that is not the same thing. If future conflict is as fast as the F-35’s data flows, have allied governments been rigorous enough about what F-35 data sovereignty will mean on the day diplomacy fails?

Leave your answers and comments below and on our Fliegerfaust Facebook page.

F-35 data sovereignty – Sources

• U.S. GAO — F-35 Joint Strike Fighter: Program Continues to Encounter Production Issues and Modernization Delays (May 16, 2024).
• U.S. GAO — F-35 Sustainment: DOD Needs a Plan to Address Risks Related to Its Central Logistics System (April 14, 2016).
• U.S. GAO — F-35 Aircraft: DOD and the Military Services Need to Reassess the Future Sustainment Strategy (2023).
• Reuters — US F-35 jet deliveries to resume soon with truncated software upgrade (July 11, 2024).
• Reuters — Pentagon withholds $5 million per F-35 jet as deliveries resume (August 29, 2024).
• Defense News — Pentagon cuts back F-35 upgrades to slow schedule slips: Auditors (September 3, 2025).
• Lockheed Martin — Switzerland Can Use the F-35A Independently (March 10, 2025).
• UK Parliament — Unclear for take-off? F-35 Procurement: Responses to the Committee’s Second Report (February 16, 2018).
• UK Parliament — Unclear for take-off? F-35 Procurement (December 19, 2017).
• UK Parliament — Written evidence on F-35 Procurement (2017).
• FlightGlobal — New F-35 software could quell ALIS sovereignty concerns (October 27, 2016).
• Eglin Air Force Base — F-35 Joint Program Office completes initial deployment of new, improved logistics hardware (February 1, 2022).
• Air Force Life Cycle Management Center — RAF, RAAF reactivate squadron for F-35 reprogramming mission (April 22, 2024).
• F-35 (Lockheed Martin) — Allies Strengthen F-35 Mission Data Partnership (April 24, 2024).
• F-35 Joint Program Office — Norway Italy Reprogramming Lab Formally Accepted (September 28, 2021).
• Defense News — Two F-35 partners threatened to quit the program. Here’s why they didn’t. (June 12, 2019).
• Defense News — F-35 nations prize spare parts, as US dismisses kill-switch angst (April 15, 2025).
• DVIDS — First USAFE Aircraft Inducted into Euro-Med Airframe MRO&U Facility in Cameri (March 27, 2025).
• Military Embedded Systems — F-35 shares classified data in flight during Danish interoperability test (May 20, 2025).
• Reuters — US F-35 jets to be sold to Saudi Arabia to lack Israel’s advanced features (November 19, 2025).
• Air & Space Forces Magazine — The Israeli F-35s (February 27, 2017).
• Wired — Why Only Israel Can Customize America’s F-35 (At Least for Now) (May 10, 2016).
• U.S. Congress — F-35 Lightning II and the Joint Strike Fighter Program (hearing document) (May 10, 2023).
• PR Newswire — Northrop Grumman-Developed Multifunction Advanced Data Link Achieves Successful Flight Test Milestone for F-35 Program (April 23, 2013).
• Fliegerfaust — F-35 Cancellation: Economic Risks & the Gripen Alternative for Canada (March 28, 2025).
• Fliegerfaust — Bombardier BACN delivery: 9th Global Jet Strengthens USAF’s ‘Wi‑Fi In The Sky’ Network (September 29, 2025).
• Fliegerfaust — UPDATE #3 Gripen deal Canada: Bombardier hears chances of Saab deal at 85% (February 2, 2026).

For full details, please refer to our Disclaimer page.

The appearance of U.S. Department of War (DoW) visual information does not imply or constitute DoW endorsement.