In-Flight Airplane hacked - from the ground
Being hacked from the ground while in flight. That is what the thread is about isnt it?
Join Date: Jul 2007
Location: Germany
Posts: 1
Likes: 0
Received 0 Likes
on
0 Posts
Are the networks hardware federated or do they share the same cabling?
Join Date: Dec 2001
Location: England
Posts: 1,389
Likes: 0
Received 0 Likes
on
0 Posts
What are these wicked hackers alleged to be planning? My airliner has a red "OFF" button on the automatics and two individuals with a honed sense of self-preservation to press it if we ever started heading off somewhere we don't want to go.
Join Date: Jun 2002
Location: Wor Yerm
Age: 68
Posts: 4
Likes: 0
Received 0 Likes
on
0 Posts
Hacking into my aircraft will be extremely difficult. Even those who physically wired to the aircraft with appropriate permissions find it difficult to perform updates. And judging by the bugs in our current version of software, I reckon not even the flight control software writer has a clue what’s under the bonnet. So how will a hacker get in? I’m not saying never, but I think this story has been over-hyped. Maybe someone is writing a book or trying to publish a paper?
PM
PM
It would be more relevant to ask how will hackers be kept out.
Join Date: Jul 2007
Location: Germany
Posts: 1
Likes: 0
Received 0 Likes
on
0 Posts
Fortunately, I dont think anyone is advocating the Flight Control Bus being shared with the in flight entertainment. On the Boeing, I understand the system is completely federated.
This link is an interesting read into the art of the possible and why its really important to have decent protections in place for anything accessing safety critical data buses. Once in, its not that hard to emulate a controller.v
Last edited by VinRouge; 21st Jun 2018 at 17:33.
Join Date: Jul 2007
Location: Sweden
Posts: 23
Likes: 0
Received 0 Likes
on
0 Posts
Next time the "hacker alarm" goes off - a full scientific report should be published that could answer a couple of questions and put the sensationalism aside:
1. Is it possible to "hack" flight control systems and autopilots etc systems from the ground over one of the available datalinks?
If the answer is "yes":
What datalink?
What equipment do I need?
Do I need to "hack" some other facility first (such as a maintenance facility and then hack the aircraft from there)?
2. If we assume that I am able to "hack" the aircraft, the next series of questions come up:
Which systems can I enter?
What can I do with them?
What happens to my "hacking" if the pilot pull the circuit breakers (for example if I start to change different settings on the autoflight system such as changing heading on the A/P, reducing speed on the A/THR etc)?
3. If the "ground-to-air hacking" isn't possible and the argument start to revolve around "hacking" from the cabin comes the next set of questions:
Through which system do I gain access?
Do I need to do something in the avionics bay (such go through the maintenance terminals/connections)?
What equipment do I need to bring onboard to do the "hacking"?
What happens to my "hacking" if the pilot pull the circuit breakers?
If anyone can provide a link to a proper scientific report that can provide answers to those questions and also deal with the most important one - namely the possible consequence (i.e. if "hacking" can make an aircraft uncontrollable) I think the thread could become more useful.
If I am sitting in the cabin "hacking away" like there's no tomorrow and the pilot decide to power down the cabin bus - would I still be able to do my thing when the IFE and WiFi etc goes down?
A "hack" that is unable to survive "pull circuit breaker 2-A" isn't a particular threat, is it?
Same thing if I would "hack" the A/THR and the pilot disconnect it when I decide to throttle back to idle... Annoying perhaps but it's a matter of disconnecting it and then set the thrust manually and later give it another go (engaging it again).
It is first when the hacker can take full control of the aircraft AND the hack are able to survive circuit breaker resets and power downs of different buses that we can talk about a serious threat.
Same thing with "managed to hack A/P 1" - OK, A/P 1 disconnected, A/P 2 and 3 connected. Problem solved.
Hacks that require different modifications of the aircraft (i.e. software replacements and the installation of extra equipment) isn't exactly like the sensationalism of "Someone claimed that he were able to reduce thrust on the engines by hacking the aircraft through the IFE system".
There should be practical demonstrations and proper scientific reports about "hacking the aircraft" if it is to be treated as a serious threat. "It is theoretically possible to hack..." doesn't feel to convincing, does it?
1. Is it possible to "hack" flight control systems and autopilots etc systems from the ground over one of the available datalinks?
If the answer is "yes":
What datalink?
What equipment do I need?
Do I need to "hack" some other facility first (such as a maintenance facility and then hack the aircraft from there)?
2. If we assume that I am able to "hack" the aircraft, the next series of questions come up:
Which systems can I enter?
What can I do with them?
What happens to my "hacking" if the pilot pull the circuit breakers (for example if I start to change different settings on the autoflight system such as changing heading on the A/P, reducing speed on the A/THR etc)?
3. If the "ground-to-air hacking" isn't possible and the argument start to revolve around "hacking" from the cabin comes the next set of questions:
Through which system do I gain access?
Do I need to do something in the avionics bay (such go through the maintenance terminals/connections)?
What equipment do I need to bring onboard to do the "hacking"?
What happens to my "hacking" if the pilot pull the circuit breakers?
If anyone can provide a link to a proper scientific report that can provide answers to those questions and also deal with the most important one - namely the possible consequence (i.e. if "hacking" can make an aircraft uncontrollable) I think the thread could become more useful.
If I am sitting in the cabin "hacking away" like there's no tomorrow and the pilot decide to power down the cabin bus - would I still be able to do my thing when the IFE and WiFi etc goes down?
A "hack" that is unable to survive "pull circuit breaker 2-A" isn't a particular threat, is it?
Same thing if I would "hack" the A/THR and the pilot disconnect it when I decide to throttle back to idle... Annoying perhaps but it's a matter of disconnecting it and then set the thrust manually and later give it another go (engaging it again).
It is first when the hacker can take full control of the aircraft AND the hack are able to survive circuit breaker resets and power downs of different buses that we can talk about a serious threat.
Same thing with "managed to hack A/P 1" - OK, A/P 1 disconnected, A/P 2 and 3 connected. Problem solved.
Hacks that require different modifications of the aircraft (i.e. software replacements and the installation of extra equipment) isn't exactly like the sensationalism of "Someone claimed that he were able to reduce thrust on the engines by hacking the aircraft through the IFE system".
There should be practical demonstrations and proper scientific reports about "hacking the aircraft" if it is to be treated as a serious threat. "It is theoretically possible to hack..." doesn't feel to convincing, does it?
Join Date: Feb 2013
Location: 60 north
Age: 59
Posts: 17
Likes: 0
Received 0 Likes
on
0 Posts
I just want to point out that after the Swiss Air crash in Canada years ago the IFE is isolated by a single switch in all airliners , it is a requirement !
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
Join Date: Jul 2007
Location: Sweden
Posts: 23
Likes: 0
Received 0 Likes
on
0 Posts
I just want to point out that after the Swiss Air crash in Canada years ago the IFE is isolated by a single switch in all airliners , it is a requirement !
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
It would be something to send in an email outlining a scenario where the engines goes to idle, nothing works, resetting circuit breakers, disconnecting A/THR, nothing works. Finally they turn off the cabin bus and higher thrust settings becomes available again. Disaster averted.
Join Date: Oct 2017
Location: London
Posts: 36
Likes: 0
Received 0 Likes
on
0 Posts
I just want to point out that after the Swiss Air crash in Canada years ago the IFE is isolated by a single switch in all airliners , it is a requirement !
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
Next to the Coffeemaker in the 737 (Galley + pax stuff).
Also the IFE is not in contact with the FMC or any Flight-control computers, whatsoever!
Join Date: Jul 2007
Location: Germany
Posts: 1
Likes: 0
Received 0 Likes
on
0 Posts
Disclaimer - I don't know how they do this on newer networked aircraft like the 787, but the systems on the 737, 747, 757, and 767 use ARINC 429 ONE WAY data busses to communicate aircraft information to the IFE. I'm repeating myself (again), but ARINC 429 is effectively hack proof because it's one-way (so it's impossible to corrupt the source from the destination), and you need a physical connection to put data on the bus.
The most a hacker could hope to due via the IFE would be to take down the ARINC 429 data bus.
Just one of the many things that make the hacking claims so laughably fake...
The most a hacker could hope to due via the IFE would be to take down the ARINC 429 data bus.
Just one of the many things that make the hacking claims so laughably fake...
Join Date: Feb 2013
Location: 60 north
Age: 59
Posts: 17
Likes: 0
Received 0 Likes
on
0 Posts
IFE vs Aircraft
Thanks TD
For those of you that did not read my last line, please do so again.
The IFE does not have any INPUT to anything flight critical. It listens to some basic OUTPUT. One way Street!
Lets put it this way : The IFE is as much in contact with BBC News as You are when watching TV. Yell as much as You can : They cant hear You!
They , on the other hand are in contact with You.
Not a way to hack an airborne aircraft, Right!!??
For those of you that did not read my last line, please do so again.
The IFE does not have any INPUT to anything flight critical. It listens to some basic OUTPUT. One way Street!
Lets put it this way : The IFE is as much in contact with BBC News as You are when watching TV. Yell as much as You can : They cant hear You!
They , on the other hand are in contact with You.
Not a way to hack an airborne aircraft, Right!!??
"This airplane will have novel or unusual design features when compared to the state of technology envisioned in the airworthiness
standards for transport category airplanes. These novel or unusual design features are associated with connectivity of the passenger domain
computer systems to the airplane critical systems and data networks."
Join Date: Oct 2017
Location: London
Posts: 36
Likes: 0
Received 0 Likes
on
0 Posts
Disclaimer - I don't know how they do this on newer networked aircraft like the 787, but the systems on the 737, 747, 757, and 767 use ARINC 429 ONE WAY data busses to communicate aircraft information to the IFE. I'm repeating myself (again), but ARINC 429 is effectively hack proof because it's one-way (so it's impossible to corrupt the source from the destination), and you need a physical connection to put data on the bus.
The most a hacker could hope to due via the IFE would be to take down the ARINC 429 data bus.
Just one of the many things that make the hacking claims so laughably fake...
The most a hacker could hope to due via the IFE would be to take down the ARINC 429 data bus.
Just one of the many things that make the hacking claims so laughably fake...
Join Date: Mar 2015
Location: North by Northwest
Posts: 476
Likes: 0
Received 0 Likes
on
0 Posts
In its Special conditions for the 787, the FAA, in the Federal register / Vol. 73, No. 1 / Wednesday, January 2, 2008 said this:
"This airplane will have novel or unusual design features when compared to the state of technology envisioned in the airworthiness
standards for transport category airplanes. These novel or unusual design features are associated with connectivity of the passenger domain
computer systems to the airplane critical systems and data networks."
"This airplane will have novel or unusual design features when compared to the state of technology envisioned in the airworthiness
standards for transport category airplanes. These novel or unusual design features are associated with connectivity of the passenger domain
computer systems to the airplane critical systems and data networks."
AIRBUS Comment (a): Airbus said that the meaning of “shall ensure system security protection * * * from unauthorized external access” in the first sentence is not accurate enough. Airbus commented that this could be interpreted as a zero allowance and demonstrating compliance with such a requirement all through the aircraft's life cycle is quite impossible since security threats evolve very rapidly. The commenter maintained that the only possible solution to such a requirement would be no link and no communication at all between the aircraft and the outside world. Airbus asked, “if some residual vulnerabilities are allowed, which criteria have to be used to assess their acceptability?”
AIRBUS Comment (d): Airbus said that the external environment needs to be characterized in order to determine which threats the Aircraft Control Domain and Airline Information Domain must be protected from. Questions to be answered include who can and cannot access; who is and is not trusted; and what threat source profile must be considered. The commenter asked whether only new communication media (like internet protocol (IP) communications) would be considered not trusted, or whether all communications, including existing communications for which no security requirements have been applied up to now, would be considered not trusted. Airbus gave ACARS (the Aeronautical Radio Incorporated Communication Addressing and Reporting System) as an example of existing communications that currently have no security requirements.