Cyber Security
Cunning Artificer
Thread Starter
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
Cyber Security
Cyber Security was on the agenda at something called the "2015 Global Connected Aircraft Summit"
I - and many other avionics engineers practising in Continuing Airworthiness Management - are concerned by the rush to add Internet connectivity to commercial operations. In flight entertainment has until recently, never shared the aircraft data distribution networks. These systems operated in splendid isolation - sometimes not very well. Now we are beginning to see public internet data mingling with flight critical data in on-board distribution systems. Can no-one see the problem with that?
Especially since it isn't necessary for the safe operation of the aircraft. If an internet connection is to be added to an aircraft, a proper physical firewall between that network and the operational communications network is essential - internet communication must be through a completely separate transceiver and on-board data distribution system.
Then there is Controller-Pilot Datalink or CPDLC, designed to reduce pilot-ATC work loads and improve separation. This is fine in theory and the way it is intended to operate, but in practice it allows automatic ATC data transmission directly into the Flight Management Computers. Can the ground based ATC networks be kept secure ? Given that there are people out there with malicious intentions, who the hell thought linking insecure ground networks to automatic flight systems was a good idea?
The whole idea of placing airborne cyber security in the hands of IT security organizations is foolhardy. They can't keep our bank accounts or medical records secure so why we would expect them to keep our flight operations safe is a mystery. The integrity of avionics systems must be kept out of the hands of people who have little or no understanding of how avioncs systems work.
I - and many other avionics engineers practising in Continuing Airworthiness Management - are concerned by the rush to add Internet connectivity to commercial operations. In flight entertainment has until recently, never shared the aircraft data distribution networks. These systems operated in splendid isolation - sometimes not very well. Now we are beginning to see public internet data mingling with flight critical data in on-board distribution systems. Can no-one see the problem with that?
Especially since it isn't necessary for the safe operation of the aircraft. If an internet connection is to be added to an aircraft, a proper physical firewall between that network and the operational communications network is essential - internet communication must be through a completely separate transceiver and on-board data distribution system.
Then there is Controller-Pilot Datalink or CPDLC, designed to reduce pilot-ATC work loads and improve separation. This is fine in theory and the way it is intended to operate, but in practice it allows automatic ATC data transmission directly into the Flight Management Computers. Can the ground based ATC networks be kept secure ? Given that there are people out there with malicious intentions, who the hell thought linking insecure ground networks to automatic flight systems was a good idea?
The whole idea of placing airborne cyber security in the hands of IT security organizations is foolhardy. They can't keep our bank accounts or medical records secure so why we would expect them to keep our flight operations safe is a mystery. The integrity of avionics systems must be kept out of the hands of people who have little or no understanding of how avioncs systems work.
Do a Hover - it avoids G
Join Date: Oct 1999
Location: Chichester West Sussex UK
Age: 91
Posts: 2,206
Likes: 0
Received 0 Likes
on
0 Posts
I have no relevant expertise but you seem to make a good common sense case.
Do you feel the certification agencies agree with you? They must be the backstop surely?
Do you feel the certification agencies agree with you? They must be the backstop surely?
Cunning Artificer
Thread Starter
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
They must indeed be the backstop, John: but the FAA, EASA, CDTO, CASA etc. were conspicuous by their absence at that "Summit" meeting. I don't feel the authorities either agree or disagree with me. They simply haven't taken notice yet.
Do the authorities know?
I can assure you the authorities have taken notice of network security on transport category airplanes and that the issue has been addressed during aircraft certification. Keeping up technologically is a challenge, though, no doubt, and can make no claims that a "water-proof" solution has been established.
I am equally concerned that the horse is, or soon will be, out the barn, but not that the issue is getting no attention. My personal belief is that Wifi, internet and bluetooth connectivity has NO place on the flight deck with aircraft systems associated with operating the airplane. Mere "separation", encryption and password security is inadequate. The potential for disastrous interference, whether intentional or not, is too dire. Desktop cyber security is not sufficient for aviation application - and as the current news will tell you, just about anything related to data and communications, whether corporate or government is subject to malicious action.
I am equally concerned that the horse is, or soon will be, out the barn, but not that the issue is getting no attention. My personal belief is that Wifi, internet and bluetooth connectivity has NO place on the flight deck with aircraft systems associated with operating the airplane. Mere "separation", encryption and password security is inadequate. The potential for disastrous interference, whether intentional or not, is too dire. Desktop cyber security is not sufficient for aviation application - and as the current news will tell you, just about anything related to data and communications, whether corporate or government is subject to malicious action.
Join Date: Sep 2007
Location: New York
Posts: 225
Likes: 0
Received 0 Likes
on
0 Posts
Hacks
The problem is actually more profound and deeper. Clearly; separating Flight Critical and IFE systems is required, but even with an airgap there is still a substantial attack vector. Nav Databases, FMC Software loads et al are delivered on media that can be compromised. The good news; because aircraft computer systems don't run commercial, off the shelf software, and are written & compiled in very low level real time code there's a very limited skillset at risk. I wouldn't be at all surprised if the Performance Management laptops on the FD are infected with some form of malware already; but it can't affect the Aircraft Systems. Bad guys have much easier ways to cause mischief than messing around with this stuff; but regulators & operators should be cognizant of the potential risks.
Join Date: Jul 2001
Location: East of West and North of South
Posts: 549
Likes: 0
Received 0 Likes
on
0 Posts
Didn't you see "Die Hard 3"?
The bad guys can already just hack into the airport systems, lower the glide slope and cause approaching planes to crash!!
Scaremongering! So a passenger hacks the IFE and doesn't pay for his movie - who cares...
The bad guys can already just hack into the airport systems, lower the glide slope and cause approaching planes to crash!!
Scaremongering! So a passenger hacks the IFE and doesn't pay for his movie - who cares...
Cunning Artificer
Thread Starter
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
LOT cyber attack grounds 1,400 passengers at warsaw airport.
Not flight critical systems, but note the words of LOT spokesperson Adrian Kubicki:
"...there is not much airlines can do to protect them from cyber attacks. He said cyber attacks are becoming an “industry-wide problem with a much wider scale,” which needs to be addressed".
Who cares, cosmo? Well, I'm not scare-mongering as you put it. As a person who is professionally involved in the integration of commercial entertainment into aircraft cabins I am aware that the latest Wi-Fi systems being offered to airlines, share circuits with flight critical systems - and I don't believe that is acceptable.
Not flight critical systems, but note the words of LOT spokesperson Adrian Kubicki:
"...there is not much airlines can do to protect them from cyber attacks. He said cyber attacks are becoming an “industry-wide problem with a much wider scale,” which needs to be addressed".
Who cares, cosmo? Well, I'm not scare-mongering as you put it. As a person who is professionally involved in the integration of commercial entertainment into aircraft cabins I am aware that the latest Wi-Fi systems being offered to airlines, share circuits with flight critical systems - and I don't believe that is acceptable.
Join Date: Aug 2005
Location: fairly close to the colonial capitol
Age: 55
Posts: 1,693
Likes: 0
Received 0 Likes
on
0 Posts
Imagine an enemy that is aiming for your inner sanctum. Now imagine a team of sharpshooters with eyes on your perimeter taking out the bad guys one by one. This is how a software solution (firewall) works.
Now imagine the same scenario with a 100 foot wall and ceiling of reinforced missile resistant concrete. This is the physical protection of a separate network/hardware solution.
Software is fallible, ie, imperfect and unable despite our best efforts to cover every possibility out here in the real/analog world. Properly designed hardware, while not 100% perfect, supersedes any and all software solutions in nearly every situation.
As explained to me by a top level cyber security person.
Now imagine the same scenario with a 100 foot wall and ceiling of reinforced missile resistant concrete. This is the physical protection of a separate network/hardware solution.
Software is fallible, ie, imperfect and unable despite our best efforts to cover every possibility out here in the real/analog world. Properly designed hardware, while not 100% perfect, supersedes any and all software solutions in nearly every situation.
As explained to me by a top level cyber security person.
Join Date: Jun 2015
Location: Middle East
Posts: 8
Likes: 0
Received 0 Likes
on
0 Posts
FAA just issued a draft of Advisory Circular (AC) 119-ANSP addressing this very issue:
https://www.faa.gov/aircraft/draft_d...Coord_Copy.pdf
https://www.faa.gov/aircraft/draft_d...Coord_Copy.pdf
Cunning Artificer
Thread Starter
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
I know, but...
1. It is already too late. Aircraft with TCP/IP protocol systems are already flying and
2. It does not specifically address a requirement for physical separation of flight critical systems (Flight Management, ADS-B and similar data communications networks etc.) from external sources that could compromise their operation.
It even mentions coordinating avionics engineering and a company's IT departments. They obviously have little grasp of reality: IT people have no understanding of the concept of airworthiness. Just look at the farce that was installation of Class 1 and 2 Electronic Flight Bags...
1. It is already too late. Aircraft with TCP/IP protocol systems are already flying and
2. It does not specifically address a requirement for physical separation of flight critical systems (Flight Management, ADS-B and similar data communications networks etc.) from external sources that could compromise their operation.
It even mentions coordinating avionics engineering and a company's IT departments. They obviously have little grasp of reality: IT people have no understanding of the concept of airworthiness. Just look at the farce that was installation of Class 1 and 2 Electronic Flight Bags...
