×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Boeing 787 May Be Vulnerable to Hacker Attack

Zonk posted more than 6 years ago | from the does-anyone-speak-l33t dept.

Security 332

palegray.net writes "An article posted yesterday on Wired.com notes that 'Boeing's new 787 Dreamliner passenger jet may have a serious security vulnerability in its onboard computer networks that could allow passengers to access the plane's control systems, according to the U.S. Federal Aviation Administration.' They're already working on solutions to the problem - including placing more physical separation between aircraft networks and implementing more robust software-based firewalls."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

332 comments

I don't get it... (5, Insightful)

Spalti (210617) | more than 6 years ago | (#21926538)

Why aren't both networks physically completely seperated from each other?

Re:I don't get it... (4, Insightful)

Brian Gordon (987471) | more than 6 years ago | (#21926594)

Why can you remotely control aircraft systems at all? There should be no network equipment to compromise in the first place!

Re:I don't get it... (5, Informative)

badasscat (563442) | more than 6 years ago | (#21926698)

Why can you remotely control aircraft systems at all? There should be no network equipment to compromise in the first place!

The 787 is fly by wire, like most new aircraft designs. It's all computer controlled, not mechanical.

My guess is this [aviationtoday.com] - the "common core system" designed by Honeywell - has something to do with the various systems being connected. This is a system designed to simplify the airplane's various systems and reduce the number of separate systems (which means fewer failure points - usually a good thing in engineering). I do believe Boeing when they say that there are built-in separations and that the two systems are not completely tied together, but obviously it wasn't enough for the FAA. So they're fixing it. Nothing really all that unusual about a new airplane design; there are always various issues that need to be addressed before first flight.

Re:I don't get it... (5, Insightful)

fartingfool (1208968) | more than 6 years ago | (#21926916)

My guess is it has to do with controlling the actual system for the passenger use. Pilots gotta have access to the No Smoking sign switch for example. So without any real technical background in how these systems work, I'd say they were simply given a switch to turn access on or off etc, and that simply meant some sort of basic connection had to be issued between the cockpit systems and passenger entertainment systems.

The FAA report doesn't say exactly what the connection is between the systems, it just says there is a connection. My guess is it's the FAA over-hyping a situation, or someone else, to try and get these birds as safe as possible. Although I would agree that the passenger system should be as isolated as possible, and if control of these systems is needed, just run separate lines that link only to that system, even if it is basically pointless if the connection I assume it is really is that simple. I guess i welcome my first post to /. too after reading it for a year or so and keepin my thoughts to myself =D

Re:I don't get it... (0)

Anonymous Coward | more than 6 years ago | (#21926976)

I guess i welcome my first post to /. too after reading it for a year or so and keepin my thoughts to myself =D

Thanks, "fartingfool". We miss you too.

-- Anonymous Cowards

Re:I don't get it... (4, Insightful)

rlk (1089) | more than 6 years ago | (#21927272)

"Not completely connected" is a very strange phrase. I could say that my laptop is "not completely connected" to the internet because there's a router between them. But either there's a connection between the two networks or there isn't. I don't know what it means to be connected at some points and not at others.

The pilots certainly do need access to some of the cabin systems, for the seatbelt sign, for example. They may also need to be able to turn the cabin network off altogether. But those switches should have no signal connection of any kind to the maintenance and monitoring/control systems. The two networks should be physically partititioned.

The way I read the article, there really are some connections between the networks (my guess is that it was simply cheaper or more convenient to link them), and the FAA's not happy with that state of affairs. I can't say I blame them.

Somehow I have a suspicion that someone will crack this sooner or later, and the TSA will react by banning use of laptops or something equally foolish, rather than addressing the more basic fact that the plane's systems have not been hardened appropriately (in this case, by being physically partitioned).

Smith's not Honeywell (1)

amightywind (691887) | more than 6 years ago | (#21926970)

My guess is this - the "common core system" designed by Honeywell

The 787 common core system is designed by Smith's Areospace [aviationtoday.com], not Honeywell. Honeywell performed so badly on the 777 program that they were relegated to the 2nd tier. I have heard that their FMS is late for the 787 as well.

Re:I don't get it... (1)

Ignis Flatus (689403) | more than 6 years ago | (#21927052)

I don't agree, running everything through the same box does not simplify things from an engineering POV, it makes things a lot more complicated. Robust design is redundant, distributed, and independent. All of your nuts in one basket is not. Maybe from a systems engineering POV it might make it easier to see everything that is going on, but you could just model that if you wanted. It would certainly make it easier to change your mind about some engineering decisions (or possibly inject multiple fuckups with one simple software update).

I'll bet you a beer they did it to reduce costs, both manufacturing, and maintenance (the airlines' biggest concern).

Re:I don't get it... (0)

Anonymous Coward | more than 6 years ago | (#21926768)

Having many controls and sensors makes it wise to multiplex instead of wiring each control and sensor individually. And since you are multiplexing it, why not just have each sensor or control use an ADC/DAC combined with something to format/unformat packets. Then put it on a network which will make it easier to develop software.

Re:I don't get it... (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21927004)

i guess you're just too fucking stupid to know what fly by wire means. just like the other slashfags you guys go around talking up technology but don't seem to know dick about it. how about shutting your motherfucking face until you get a clue instead of talking out of your ass
 
i really love you science channel people. you have no real understanding of anything unless it can be put in a 30 second sound byte. fucking fantastic.

So the military/industrial complex can pull 9/11s (0)

Anonymous Coward | more than 6 years ago | (#21927134)

Operation Northwoodses, and so on.

And it's justifiable. Think of it from the perspective of a SimCity player rather than an individual or a citizen. Morality changes with scale.

Re:So the military/industrial complex can pull 9/1 (1)

encoderer (1060616) | more than 6 years ago | (#21927276)

The most important thing about Operation Northwoods is that IT NEVER HAPPENED.

The system worked.

The fact that not only did it never happen, but that we also heard about the plan, shows GOOD, GOOD things about our country.

Re:I don't get it... (3, Interesting)

creimer (824291) | more than 6 years ago | (#21926626)

Maybe because their network designer has a civilian background instead of a military background?

Re:I don't get it... (1)

backwardMechanic (959818) | more than 6 years ago | (#21926714)

Because a civilian couldn't figure out the potential risk? Oh, apparently not. I especially liked the "There are places where the networks are not touching, and there are places where they are" comment from the spokesgimp.

Re:I don't get it... (1)

badfish99 (826052) | more than 6 years ago | (#21926808)

The need for "in-flight testing of the safeguards" sounds like fun too. Perhaps it is to see whether the firewalls still work under reduced air pressure.

Re:I don't get it... (3, Informative)

bepe86 (945139) | more than 6 years ago | (#21926838)

The reason for that is simple. Techs in the military (at least in the nation where I'm hired, are practically brainwashed into seperating every system regardless of classification, to prevent hazards like this. It's really a royal pain in the ass, especially when you have to deploy 4 or 5 parallell networks using fibre optics only to take it down in a week or two, when one network could've served it all, but it is totally understandable, and I think that a lot of civilian businesses has a lot to learn when it comes to this.

Re:I don't get it... (5, Funny)

dunezone (899268) | more than 6 years ago | (#21926628)

Exactly, who the hell thought that it would be a good idea to allow the passenger network and pilot network system to even communicate with each other.

Oh wait I got it, what if terrorist took over the cabin, but then a passenger(Justin Long) who is a master hacker controls the plane from his seat using his cell phone, and safely lands the plane but after he flipped it a few times so the terrorist would be knocked unconscious. Who has Bruckheimer's phone number I have an idea.

Re:I don't get it... (2, Funny)

urcreepyneighbor (1171755) | more than 6 years ago | (#21926746)

Oh wait I got it, what if terrorist took over the cabin, but then a passenger(Justin Long) who is a master hacker controls the plane from his seat using his cell phone, and safely lands the plane but after he flipped it a few times so the terrorist would be knocked unconscious. Who has Bruckheimer's phone number I have an idea.
Wrong, wrong, wrong! Everyone knows all the l33t ub3r h4ck3r$ use MacBooks.

Now, maybe, if the cell phone is a iPhone... It may be plausible....

Re:I don't get it... (0)

Anonymous Coward | more than 6 years ago | (#21927018)

"Who has Bruckheimer's phone number I have an idea."

I got it, its 555-...... , hmm, forgot the last part

Re:I don't get it... (2, Interesting)

jamstar7 (694492) | more than 6 years ago | (#21927042)

More like, the 12 year old kid with his pocket videogame accidently hacking the network while playing a flight sim game and doing some stunt flying with the plane. Can you say ''ooppss!'?

Re:I don't get it... (3, Informative)

Naughty Bob (1004174) | more than 6 years ago | (#21926730)

It is mandatory that the avionics are physically disconnected from other systems. The story is a consequence of the Wired writers misunderstanding the FAA's report. A comment (by 'Vorsicht') in the article's comments points this out....

Re:I don't get it... (4, Insightful)

Com2Kid (142006) | more than 6 years ago | (#21926790)

This article is FUD. I worked on the 787 avionics during my internship in summer 2006 on the exact system the article is talking about. It has been awhile so I don't know what is still under NDA and what isn't, but anyone who has taken a basic networking class and who knows how the network is setup will have no worries at all.

(stupid NDA...)

Re:I don't get it... (1)

mrbobjoe (830606) | more than 6 years ago | (#21927076)

anyone who has taken a basic networking class and who knows how the network is setup will have no worries at all
Is it any surprise then that we're worried when they won't reveal how the network is set up? Though presumably the FAA both has networking experts and full access to the specifications yet is still worried...

Re:I don't get it... (0)

Anonymous Coward | more than 6 years ago | (#21927128)

The article may be FUD, but I'm much more interested in the FAA report, which implies that the control and entertainment networks are not isolated on the 787 to the point that they suggest a cutoff switch for the pilots as a possible fix.

Re:I don't get it... (0)

Anonymous Coward | more than 6 years ago | (#21926792)

In the article, Boeing states the systems are mostly separated, with some interconnection. My guess is various tidbits of flight information, such as altitude, lat/long, air speed, and outside temperature are accessible by in-flight entertainment systems. Perhaps this is the limited interconnection Boeing speaks of.

Re:I don't get it... (4, Interesting)

pchan- (118053) | more than 6 years ago | (#21926806)

Modern cars have two or more control networks. The class-1 network controls things vital to the car operation and safety such as the anti-lock brakes, air bags, and steering. The class-2 network(s) are for things such as rolling down your windows, controlling your CD changer, and turning on your headlights. NOTHING is allowed on the class-1 net without rigorous validation. If your satellite radio module goes bad, it won't stop you from being able to safely control your vehicle. And these are just control networks, they are not allowing hundreds of users to bring in their personal computers and an Internet connection.

Reading the story, it seemed like they wanted the airplane's maintenance systems to communicate with ground crews over the Internet, as well the aircraft reporting status to the airline while in flight. Personally, I'm uncomfortable with any part of the aircraft's vital systems being on the Internet.

Re:I don't get it... (5, Funny)

Linker3000 (626634) | more than 6 years ago | (#21926958)

A simple solution would be to use Token Ring for the avionics and plain old 100BaseT for the passenger areas - and then send to Guantanamo anyone Googling 'madge' or 'wtf is 802.5'.

The only totally secure network (4, Interesting)

Iphtashu Fitz (263795) | more than 6 years ago | (#21926544)

... is one that's physically isolated. I can't think of one good reason why passengers should have any access whatsoever to command/control networks used by the airplane.

Re:The only totally secure network (1)

sabrex15 (746201) | more than 6 years ago | (#21926578)

Absolutely, especially in our time security should have been second only to the airplanes ability to fly.

Yeah, WTF!? (4, Interesting)

mobby_6kl (668092) | more than 6 years ago | (#21926688)

What kind of an idiot would put the flight control systems and the on-board entertainment/voip/net/pr0n on the same physical network? Were they trying to save weight/money by running only one cable through the plane?
I recall reading about MS stuffing their software into cars (that probably evolved into Ford's SYNC) and even there the MS crap and the engine management systems were completely separate.

Re:The only totally secure network (1)

multi io (640409) | more than 6 years ago | (#21926796)

I can't think of one good reason why passengers should have any access whatsoever to command/control networks used by the airplane.

Accessing current position/altitude/velocity/flight direction/weather information/outboard camera images from the flight entertainment system (not sure that's a "good" reason, but it's a reason...).

On the plus side, no passenger has to install flight simulator programs on his/her laptop anymore when he or she can just as well use the real thing.

Re:The only totally secure network (1)

vertinox (846076) | more than 6 years ago | (#21926840)

Air Marshalls?

But it would make more sense if the FAA could just take over the planes controls from the ground.

Re:The only totally secure network (2, Informative)

MichaelSmith (789609) | more than 6 years ago | (#21926866)

... is one that's physically isolated.

I work in ATC and I have to say it is difficult to do that in a totally thorough way. For example your flight control system might need information on the flight plans being used by the aircraft. These might be generated off line by a variety of people using different sources of information. You don't want type that stuff in again to get it into the aircraft so you might have some kind of interface for doing that. The interface will be made deliberately crude, and thus less subject to the transmission of arbitrary data, but I am sure there will be a link of sorts between the a list of flights in some managers copy of excel and a few bytes of data in the flight control system.

ATC systems are like this. They are technically air gapped but they have links to the outside world and increasingly the operators expect to be able to make use of this information. How else does information on flight movements get on to the web? They don't have people typing that stuff in.

Two seperate networks (3, Informative)

maxrate (886773) | more than 6 years ago | (#21926564)

I'm not an avionics engineer - however, even in a small hotel I service, we keep the guest network and the hotel/admin network seperate. The only common hardware is the AC power and the modem that has a /28 assigned to it.

Re:Two seperate networks (5, Interesting)

Ethanol-fueled (1125189) | more than 6 years ago | (#21926666)

Note: IAAFMAT(I am a former military avionics technician) and I ask, "why the hell did that happen?" The flight control subsystems should share only a power bus with the non-critical subsystems(if even that). My tinfoil-hat theory is that the control system was made to be hackable so that the government could take control of a hijacked aircraft to prevent another 9/11 (or to cause another 9/11, depending on your point of view).

Re:Two seperate networks (2, Insightful)

ddrichardson (869910) | more than 6 years ago | (#21927040)

I am a Military Avionics Technician and I must admit that I find this report confusing.

The only thing that is being suggested is that the passenger system could corrupt the flight systems which I find unlikely - it's chalk and cheese with regard to how these systems communicate. The only way I can see a problem is if one of the Avionic bus controllers is swamped by requests from one of the passenger systems.

I know this isn't a military design but surely the flight systems such as flight management and navigation are not on the same bus?

Disclaimer - Digital is new in my countries military ;-)

Re:Two seperate networks (2, Interesting)

canuck57 (662392) | more than 6 years ago | (#21926920)

I'm not an avionics engineer - however, even in a small hotel I service, we keep the guest network and the hotel/admin network seperate. The only common hardware is the AC power and the modem that has a /28 assigned to it.

Yes, but you are competent.

Re:Two seperate networks (1)

Spazmania (174582) | more than 6 years ago | (#21927038)

The only common hardware is the AC power and the modem that has a /28 assigned to it.

Which means that if a customer in his room hacks the modem, he has access to your admin network.

No doubt this is the problem with Boeing's system. The radio is on the safety network but there's a gateway attached to both the safety and passenger networks that rebroadcasts the radio traffic so the passengers can listen in. If devices on the passenger network can send packets to that gateway then it is a potential point of breach.

Lies! (0)

Anonymous Coward | more than 6 years ago | (#21926572)

Just more anti-American FUD spread by Airbus.

Also, Windows is better than Linux :)

Re:Lies! (0)

Anonymous Coward | more than 6 years ago | (#21926650)

I am sure we all appreciate your opinions and are happy that we all have the right to express them. Thank you for leaving that little note here for everyone to read. I would have to concur, Windows is much better than linux in a many ways. Exploits, instability, needless complexity, and many other factors certainly put Windows in a category all it's own. Have a nice day!

Wow, this is scary (1, Insightful)

Anonymous Coward | more than 6 years ago | (#21926582)

There are dozens of landing patterns in America where a couple hundred feet to the right or left and you have another 9/11. I sure hope they get this fixed before this thing flies anywhere.

Priorities? (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21926754)

Niggers have been scary for 400 years, yet we as Americans haven't fully dealt with that problem yet.

Statistically speaking, it's easy to see what the more urgent problem is.

Re:Wow, this is scary (0, Flamebait)

VENONA (902751) | more than 6 years ago | (#21926844)

Dozens of landing patterns where airliners fly below the vertical height, and within 200 horizontal feet of a skyscraper? Riiiight.

Re:Wow, this is scary (3, Insightful)

ddrichardson (869910) | more than 6 years ago | (#21927062)

If that worries you, then I look into Airbus - at least Boeing beleives the pilot should always have the last say, not the computer [ncl.ac.uk]

WHAT?!? (2, Interesting)

koh (124962) | more than 6 years ago | (#21926642)

Nowadays you cannot get on a plane carrying any kind of gel or liquid. Hell, you there are places where you can't even get on board with a lighter. However, I've always been able to travel with my laptop (don't want "luggage management" to break it), provided that I prove it's a real laptop (i.e. turn it on).

And now this? What does that mean? I won't be able to board a plane with my laptop again, that's what that means. And who can I blame? The frightened Homeland Security officers who try to no end to sanitize flights with the Stupid Fear Of The Month, of the inept engineers who let that security flaw slip into production on a flying aircraft?

And where's my flying car?

Re:WHAT?!? (2, Informative)

dwater (72834) | more than 6 years ago | (#21926860)

Nowadays you cannot get on a plane carrying any kind of gel or liquid.
Not correct (unless things have changed in the past week). There are restrictions, but you can carry them on. From memory, liquids/gels have to be in containers of less than 100ml, and be placed in a clear plastic bag (I forget the volume of the bag, but they're not big and give them out at the security check point).

Re:WHAT?!? (1)

Daimanta (1140543) | more than 6 years ago | (#21927296)

And where's my flying car?
It was going to be delivered to you today, but someone hacked it and now it's gone :(

Where your flying car is... (2, Funny)

ImaLamer (260199) | more than 6 years ago | (#21927328)

As described on a Seinfeld episode:


GEORGE: When are they gonna have the flying cars, already?
JERRY: Yeah, they have been promising that for a while..
GEORGE: Years. When we were kids, they made it seem like it was right around the corner.
JERRY: I think Ed Begley Jr. has one.
GEORGE: No. That's just electric.
JERRY: What about Harrison Ford? He had one in, uh, Blade Runner. That was a cool one.
GEORGE: (Sarcastic) What's the competition, Chitty Chitty Bang Bang?
JERRY: Well, what do you think the big holdup is?
GEORGE: The government is very touchy about us being in the air. Let us run around on the ground as much as we want. Anything in the air is a big production.
JERRY: Yeah, right. And what about the floating cities?
GEORGE: And the underwater bubble cities?
JERRY: It's like we're living in the '50s here!

Were Al Kayeda and Terry Wrist ... (0)

Anonymous Coward | more than 6 years ago | (#21926644)

on the design team?

Madness (2, Insightful)

UESMark (678941) | more than 6 years ago | (#21926652)

This is pretty much the exact type of situation they invented red/black networks for. I can't imagine how any design for a passenger accessible network wouldn't use completely segregated networks for a)passenger use, b)flight logistics and maintenance, and c)actual flight control operations. And given the giant nightmarish spiderweb that aircraft wiring harnesses tend to be I'm guessing it will be a non-trivial task to implement it now, even ignoring the software and systems redesigns that would be required.

who cares? (4, Insightful)

f1055man (951955) | more than 6 years ago | (#21926702)

There are a few million easier ways to bring down an aircraft (or kill thousands and cause panic if that's your thing). Yes this is idiocy in engineering, but considering all the other threats I don't think it's way up the list. Ultimately, we aren't dead yet because there just aren't that many intelligent people that want to kill us, cause it just isn't that hard to pull off.

Madness, and probably a violation of safety regs (3, Insightful)

Protonk (599901) | more than 6 years ago | (#21926734)

I am not an avionics engineer, but I worked with electrical and electronic systems on nuclear power plants, and we had a pretty strict segregation between different types of systems--and with 0 connection between a critical system (power sensing, for example) and a non-critical system (Some water level management). That's not even COUNTING peripheral systems (computers on the local netowrk for email/ppt/xls).

My thought is that some asshole at boeing decided to save some money on cable runs and ginned up an explanation of how software segregation would serve as an adequate barrier between flight critical systems and passenger systems. They never learn.

Re:Madness, and probably a violation of safety reg (2, Insightful)

ddrichardson (869910) | more than 6 years ago | (#21927080)

My thought is that some asshole at boeing decided to save some money on cable runs

While I completely agree, designers are always under pressure to reduce the amount of wiring looms - they add a surptising amount of weight thereby decreasing fuel economy.

Re:Madness, and probably a violation of safety reg (2, Insightful)

Protonk (599901) | more than 6 years ago | (#21927138)

Right. I also posted a link later that showed that I was overestimating the seperation required between critical systems and non-critical systems and among critical systems. That being said, I don't feel that most of the decisions to skimp on safety measures are taken by engineers, they are taken by management over the protests of engineers. In my experience, engineers tend to overdo it. :)

Re:Madness, and probably a violation of safety reg (1)

ddrichardson (869910) | more than 6 years ago | (#21927254)

That's true to a degree, but the aviation industry is not like any other - right from day one of training , integrity is drummed into you. The vast majority of engineers I work with, myself included would never shut up about something we perceived as dangerous.

Fortunately the law and the huge number of regulations, combined with anonymous reporting systems make it difficult to keep this sort of thing quiet.

Of course I'm not saying it doesn't happen - just that it's not as easy as in other industries, especially given the industries proclivity for managers ahving been technicians.

Doesn't say how the networks are connected.... (2, Insightful)

poor_boi (548340) | more than 6 years ago | (#21926748)

The article doesn't specify how the networks are connected. It could be something fairly innocuous like sharing the same power source. I seriously doubt they put the passenger internet access on the same packet-switched network as flight control. But who knows...

Re:Doesn't say how the networks are connected.... (1)

MichaelSmith (789609) | more than 6 years ago | (#21927064)

I seriously doubt they put the passenger internet access on the same packet-switched network as flight control.

One thing which might happen is that they will have (say) five networks for carrying their critical data. They design them to be independent, run them along different paths etc. Then they say you know, there is this other network which is used to carry the sat phones or something, wouldn't it be good if we could use that as a kind of ultimate fallback? So then you have a dependency on a network which is used for something else. Not really an important dependency because you don't intend to rely on it. But a dependency none the less.

Re:Doesn't say how the networks are connected.... (1)

ddrichardson (869910) | more than 6 years ago | (#21927166)

It could be something fairly innocuous like sharing the same power source.

Inevitably - most aircraft utilise the same power supplies connected to at least two power bars - one for essential systems and one for non-essential, in the event of a loss in power the second bus bar is dropped offline.

Unless Boeing is doing something significantly different to everyone else, packet switching is unlikely in the avionics anyway. Avionics are no where near the power hungry systems used for internet access, Boeing's military aircraft are running in sub 10MHz clock speeds.

Like I said somewhere else here, I think the scenario is that the passenger systems could potentially swamp one of the bus controllers, however unless they have changed designs again then different vital systems are on different buses. Losing navigation is bad news, but losing instruments as well is possibly endex.

Someone should get fired for this (3, Insightful)

Aaron Isotton (958761) | more than 6 years ago | (#21926750)

If what TFA claims is really true, i.e. that the passenger network is physically connected to the control and navigation system, then someone should get fired for this.

The control and navigation system of an airplane is one of the most critical networks possible; the lives of hundreds of passengers (and potentially of thousands of people on the ground) depend on its correct functioning. There are not many more critical networks than that, except maybe control systems for weapons, nuclear plants and some factory control systems.

Even the worst sysadmin out there knows that you do not physically connect such a highly sensitive, highly critical network to something crappy like the in-flight passenger entertainment network.

Why should the two networks should be connected at all? To tell the passengers the current speed of the plane?

The XBox was hacked. The playstation was hacked. DVDs were hacked. HD-DVD was hacked. Pretty much anything out there was hacked if someone had an interest in it (and mostly the interest wasn't commercial, just "for fun"). Even if they do aren't "completely connected" as Boeing claims, the danger of it being hacked is very real. On one hand you are not allowed to use your mobile phone on a plane, and on the other you can play with a network which is attached to the navigation and control system? Come on.

Re:Someone should get fired for this (1)

BlueParrot (965239) | more than 6 years ago | (#21926930)

There are not many more critical networks than that, except maybe control systems for weapons, nuclear plants and some factory control systems.


Actually you can scratch nuclear plants off that list. While it is perhaps possible to imagine compromised software to result in damage to a nuclear plant ( and even that is a stretch since operators could still shut it down by cutting the power to electromagnetically suspended controll rods ), it is extremely unlikely to result in harm to humans, since even a meltdown is unlikely to release radioactivity on its own.

In contrast controll system faults can and has in the past downed airliners, and when these things go down it could easily kill hundreds of people at the very least.

Re:Someone should get fired for this (1)

nonsequitor (893813) | more than 6 years ago | (#21926932)

The equipment in question, the Electronic Flight Bag, was designed for the 777, which had no passenger network and not created with security in mind.

What's worse... (1)

Roger W Moore (538166) | more than 6 years ago | (#21927126)

Pretty much anything out there was hacked if someone had an interest in it (and mostly the interest wasn't commercial, just "for fun").

What is worse is that after 7+ hours on a transatlantic flight just about anything will look interesting.

Re:Someone should get fired for this (1)

VENONA (902751) | more than 6 years ago | (#21927306)

"If what TFA claims is really true, i.e. that the passenger network is physically connected to the control and navigation system, then someone should get fired for this."

If you meant that in an 'out of a cannon' sense, then I'd agree. But there's a weakness at the FAA as well. I checked the FAA doc linked from TFA (the cryptome.org mirror, actually), and found this:

"Because of this new passenger connectivity, the proposed
data network design and integration may result in security
vulnerabilities from intentional or unintentional corruption of data
and systems critical to the safety and maintenance of the airplane. The
existing regulations and guidance material did not anticipate this type
of system architecture or electronic access to aircraft systems that
provide flight critical functions. Furthermore, 14 CFR regulations and
current system safety assessment policy and techniques do not address
potential security vulnerabilities that could be caused by unauthorized
access to aircraft data buses and servers. Therefore, special
conditions are imposed to ensure that security, integrity, and
availability of the aircraft systems and data networks are not
compromised by certain wired or wireless electronic connections between
airplane data buses and networks."

I'd *like* to be stunned and amazed at multiple levels of problems. Unfortunately, I'm not. People never learn. Take a random walk through most large cube farms, and I'd bet you'll find at least one password on a Post-It note.

The best firewall (1)

Pig Hogger (10379) | more than 6 years ago | (#21926776)

The best hardware firewall is air. Air between the electrical conductors of each network.

Re:The best firewall (0)

Anonymous Coward | more than 6 years ago | (#21926964)

It is also a great contraceptive. And though readily available, seldom used.

Re:The best firewall (1)

ddrichardson (869910) | more than 6 years ago | (#21927192)

I see what you mean, but that's not always enough. Many years ago we experienced problems with the Bell 212's picking up external radio signals through the looms because of the way everything is interconnected.

Pilots access to Internet (4, Funny)

alegrepublic (83799) | more than 6 years ago | (#21926782)

My guess is that the navigation and control network is connected to the Internet for one of the following reasons:
  • If the plane deviates from the flight plan, access to Google Maps may become handy to plan a new route
  • While on autopilot, access to certain web sites may provide some entertainment to the captain, who usually is a lonely man
  • Given the bad quality of many onboard speakers, announcements from the cockpit can be emailed or IM'ed to passengers
  • Hacker intrusion may be a better excuse than malfunctioning engine as the reason for a plane crash
  • No more planes grounded due to lack of pilot operating manual, as it could be easily downloaded from the Internet
I am sure there are many other good reasons to connect the navigation network to the Internet, so this list is not exhaustive.

Re:Pilots access to Internet (1)

bigstrat2003 (1058574) | more than 6 years ago | (#21927016)

All of those but the second-last one are very simply dealt with. If they really want to give the pilots access to the Internet, fine, they just give them a terminal separate from all the navigation and controls which is on a different physical network. The reasons you listed for having an Internet connection available are good, but they don't require connecting the navigation and control network to the Internet.

Why Networks (1)

coyote4til7 (189857) | more than 6 years ago | (#21926798)

Most aircraft haven't been controlled by cables in a long long time. Between weight, undependability and cost, hydraulic-assisted cable operated controls were replaced by (to pull a term out ancient history) fly by wire a long time ago. The problem isn't that they use wire to route control signals through the plane. The problem is that the two arn't properly isolated.

Aviation software (4, Informative)

shawkin (165588) | more than 6 years ago | (#21926804)

The flight control and avionics networks as well as the hardware are separate from the passenger network.
The concern is that a separate network of maintenance and some limited flight information data share the same up/down links as the passenger network. The FAA notice is to demonstrate to the FAA that there can be no interference between the maintenance and flight information data and the passenger network.
Even if the maintenance and flight information data were compromised, at worst this would mean that the operating history of the aircraft is not accurate. This is a big deal but not something that will lead to in flight failure.
An additional requirement of the FAA notice is to prohibit future passenger services without testing for interference and security.

Source on Partition Requirements (1)

Protonk (599901) | more than 6 years ago | (#21926834)

This [faa.gov][PDF] seems to be a document developed in order to address software/hardware partition requirements AMONG flight critical components. It is interesting to see how much is able to be shared, even on a single processor.

[[WARNING!!! PDF!!]] :)

Re:Source on Partition Requirements (1)

nonsequitor (893813) | more than 6 years ago | (#21926884)

The summary is misleading, I believe the equipment in question is not safety critical but does involve the navigation system. It would be DO-178B level C and/or E, and following ARINC 659(?) guidelines for a partitioned operating system.

Re:Source on Partition Requirements (1)

Protonk (599901) | more than 6 years ago | (#21926954)

You're the boss, boss. I really know nothing about the classification systems/nomenclature for avionics.

Re:Source on Partition Requirements (1)

nonsequitor (893813) | more than 6 years ago | (#21927102)

I saw this on Slashdot and thought, "HEY, I think I worked on that!" Wow, that company was a trip, and all those numbers get mixed up in my head. It was either an RTCA created spec like the DO-178B software development guidelines for process quality, which is lengthy and can be extensively audited for compliance. Or one of the ARINC ones.

The Equipment in Question (3, Informative)

nonsequitor (893813) | more than 6 years ago | (#21926836)

http://www.astronautics.com/new/PIDDemo/Piddemo.html [astronautics.com]

With 2 of those in the cockpit, one for pilot, one for copilot, each running 2 Operating Systems Linux/Windows, and all networked together since each box has 6 network interfaces on it. The thing would be a field day for hackers. While they were designing it a bunch of the consultants helping with the coding were ranting about possible security, but were ignored.

I can't go into specifics because of my NDA, but considering it was 4 years ago I worked on it, I doubt that is still in force. Though I believe I can say I worked on it, and that information is all publicly available.

According to the article... (0)

Anonymous Coward | more than 6 years ago | (#21926868)

"There are places where the networks are not touching, and there are places where they are," she said.

Translation: The networks are touching.

How cute.

Incredible. (1)

Wilson_6500 (896824) | more than 6 years ago | (#21926880)

I used to think this was the kind of thing that could only happen in crappy tech-horror movies like that new "Untraceable" flick. I'm going to get a smarmy "told you so" call from my cousin if she hears about this--I'd told her that no (automobile) control system in the real world would be reachable through standard networking protocols.

Re:Incredible. (1)

david_thornley (598059) | more than 6 years ago | (#21927238)

I just saw a trailer for "Untraceable". What really bothered me was the voice-over saying that the things in there were really possible.

I'm willing to go along with a lot for the sake of a story, such as believing in the Tron de-rezzing machine, or that any hacker in the world looks like Sandra Bullock.

Just don't go scare-mongering like that, or I'll have to sic my velociraptors on you.

It's not UNSAFE it's uncompliant to CFR 14 regs (5, Informative)

gelfling (6534) | more than 6 years ago | (#21926994)

Did you READ the report? I did. It doesn't say anything is unsafe. What it says is there are unique architectures in the systems that put them at odds with CFR 14 regulations compliance whether they present an actual or potential danger or not. Furthermore there's a comment in the report which states that Airbus objects to the regulatory findings on the basis that the 'standard' is too high level to offer any concrete value for implementation or compliance.

Like any other IT security audit - compliance doesn't mean security it means compliance. And in the cases where there are deviations from the standard, the system has to be able to speak to that deviation and address it or contest it.

Re:It's not UNSAFE it's uncompliant to CFR 14 regs (1)

hyades1 (1149581) | more than 6 years ago | (#21927140)

When systems are speaking to deviations, but software engineers apparently aren't speaking to regulators, I think there's some cause for concern.

Doesn't this make Boeing sound stupid? (2, Interesting)

Anonymous Coward | more than 6 years ago | (#21927092)

Is it just me, or does this make Boeing (or at least this spokeswoman in the article) sound like a real grade A moron?

          The choice quotes to me were the article's quote that the solution involves some separation of networks, known as 'air gaps', and software firewalls. And the choice quote straight from the spokewoman from Boeing: "There are places where the networks are not touching, and there are places where they are".

          OK, so what, having the networks only connected at some points should reassure me somehow? It only takes a single interconnection to have these logically be a single network as far as hacking into it is concerned. I'm also DEEPLY troubled by the statement about using a software firewall. (Any firewall is really some box running software; the term "software firewall" typically implies a windows box running software.. which would be deeply troubling.) It is also troubling to me that they are even willing to imply that adding air gaps at *SOME* points amounts to anything. Sorry, saying a network has an air gap means that it is NOT connected to insecure networks.. not that it's connected at fewer points. (Although, I suppose they cold be confusing things, adding air gaps in the electrical sense, so an etherkiller on the entertainment network doesn't blow out the control network.)

Good to know the 787 may not be vulnerable! (0)

Anonymous Coward | more than 6 years ago | (#21927122)


Great news that the 787 may not be vulnerable to hacking!

Hi There ... (3, Funny)

IchBinEinPenguin (589252) | more than 6 years ago | (#21927236)

... It looks like you're trying to take over the flight controls ...

Or, for a more unix-y flavour...

# cat /dev/random > /dev/aileron

"Hackable" with an Ethernet patch cord? (1)

quazee (816569) | more than 6 years ago | (#21927318)

You don't even need a security hole, see:

1. Get on a plane
2. Find two unused Ethernet ports
3. Connect them with a cable, forming a loop
4. The flight control box, running Vista, cannot cope with the traffic due to 10000 packets/second limit
</sarcasm>

With the mac guy hacking (0)

Anonymous Coward | more than 6 years ago | (#21927406)

Die Hard 5 plot. CONFIRMED!
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...