But if the connection is bidirectional all an attacker needs to do is to gain access to the 'bridge' component between the networks. Beware that that remote code injection schemes exist even on systems that are thought of as being immune to this, such as Harvard archiecture systems.

I think the only way to keep planes safe is to have no such bridges at all, or to have flight control and monitorig systems that are at most unidirectionally connected to ACARS type systems on the physical level.