Originally Posted by deptrai
Many components are networked, but the networking protocols used for critical systems are very different from anything else. Eg there is no "dynamic" addressing or routing, unlike ethernet there is no ARP, no DHCP, because every single component is known. Messages are strictly filtered and prioritized to ensure enough bandwidth for critical applications. Even if you were "on the same wire"...you'd have a very hard time. If you wanted to interfere, I'd say you would need physical access to some components, and re-flash the firmware. You can't do that from a passenger seat. Also the real-time operating systems used are not something many are familiar with. It would take a huge effort.
You mean, as different as CAN bus from ethernet? That didn't help that Jeep. Aircraft might have slightly better security, but I doubt it - traditionally, reliability took a much higher priority than security.
The issue I see is that an attacker only needs to crack into one device that is connected to both the "public" and the critical networks. When he gets that far, he can spoof messages on the critical network and all bets are off.
Re-flashing the firmware isn't needed, the attacker just needs to modify the image that runs in memory at that very moment. Experience with RT-OS is also just "security by obscurity", which has been shown not to work in the long run.
Some data flows from aircraft system to IFE, but it's one way.
I really hope someone made sure that it is one-way physically (e.g. by leaving out the wires required for the other direction). I know there are devices that do this for ethernet.