PJ2
Route changes require manual executions using the FMS keyboard interface; no autoflight system changes altitude without manual input by the flight crew; speed changes are an autothrust function but inputs are reasonableness-checked by the FMS.
If I have exploit code inside the Common Core System, then I put the characters I want into the FMS keyboard buffer storage area in the CCS followed by a return and it executes just as if the crew had entered it. Nothing would appear on the CDU. The slide he shows also indicates that the display outputs come via the CCS - so the displays could be made to show something entirely different to what the aircraft is actually doing. A hacker could reallocate all the crew accessible keys in the translate tables so that the crew would be unable to use the CDU or perhaps even on/off switches if they are actually 'software configured'.