I have no expertise here except in computing but it does strike me that the aspect which would be interesting is how software updates are managed and uploaded. e.g. I have read that the Typhoon uses FPGAs as part of flight control. I can see how it would be tempting to treat software like any other component and manage it from a logistics system, so this means that an attack might e.g. compromise the program for an FPGA associated with the flight control system.
It would be a silly way to attack since it would be discovered after a crash or two and then the usefulness would be at an end. It would obviously be better to introduce more subtle and random problems or even to simply get information about location and availability and not do anything at all.
How feasible? It's almost impossible to defend anything that is widely accessible - not 'forever' and not against 'everyone'. I saw a great lecture the other day about how passwords and cryptography are rarely attacked because there are so many ways around them that are easier. It's a bit like having a very fancy door and the thief enters by taking a couple of tiles off the roof or bribing the cleaner. To a certain extent it's a matter of how persistent and determined the thief is and whether you are the easiest target.
The degree of accessibility (how much of the system is directly or indirectly connected to one person) is the degree to which you have to assume things can go wrong. If they aren't testing it against attack as part of the development process then I assume it is full of holes because my general experience is that whatever isn't tested is definitely broken.
I'm not a security expert, but I am utterly cynical about software security because it's so complicated and difficult that I have never been in a software company that really truly took it seriously (apart from a lot of bull****ting) because if you got super-ultra serious you'd be using an abacus in a locked room underneath a mountain or something like that.