Go Back  PPRuNe Forums > Flight Deck Forums > Tech Log
Reload this Page >

Your 787 controlled from seat 34G?

Tech Log The very best in practical technical discussion on the web

Your 787 controlled from seat 34G?

Old 5th Jan 2008, 15:51
  #1 (permalink)  
Thread Starter
 
Join Date: Jul 2005
Location: SoCal
Posts: 1,929
Likes: 0
Received 0 Likes on 0 Posts
Your 787 controlled from seat 34G?

Have a look at this

In short, it appears that the FAA are concerned about a linkage between the pax computer network (presumably the entertainment stuff) and the a/c systems computers.

Why would Boeing mix the two ??
172driver is offline  
Old 5th Jan 2008, 16:29
  #2 (permalink)  
LH2
 
Join Date: May 2005
Location: Abroad
Posts: 1,172
Likes: 0
Received 0 Likes on 0 Posts
The link that appears towards the end of the Wired article is a much better source of information, assuming it is an accurate copy of the Federal Register.

Why would Boeing mix the two ?
That is explained in the link above.
LH2 is offline  
Old 5th Jan 2008, 17:07
  #3 (permalink)  
PJ2
 
Join Date: Mar 2003
Location: BC
Age: 76
Posts: 2,484
Received 0 Likes on 0 Posts
assuming it is an accurate copy of the Federal Register.
This link seems to verify the accuracy...

http://regulations.justia.com/view/98960/
PJ2 is offline  
Old 5th Jan 2008, 18:47
  #4 (permalink)  
 
Join Date: Jan 2001
Location: Fantasy Island
Posts: 555
Likes: 0
Received 0 Likes on 0 Posts
Doesn't the A380 have the same setup - all aircraft data goes around on an ethernet bus, with ops and pax data separated by a firewall?
BahrainLad is offline  
Old 5th Jan 2008, 19:06
  #5 (permalink)  
PersonalTitle to help support PPRuNe against legal bullying.
 
Join Date: Sep 2005
Location: France
Posts: 134
Likes: 0
Received 0 Likes on 0 Posts
Technology exists which allows sharing of resources without allowing unauthorized access and inappropriate actions to systems and data
Whoever wrote that is having a laugh, right? Pretty much every technology which exists for this purpose is quickly broken or compromised in a way that was not foreseen; thus creating a new degraded security scenario that was not in the original design reveiwer's scope. I am not impressed with the FAA's response in this report; they could have easily done more.

For example, why not state things such as: "Events from the pax systems domain must not be observable by any of the components in the aircraft control system domain"? Hardly rocket science, yet the sort of rule that will stand the test of time.

To just leave it up to the manufacturer is absurd. I hope there is much more to this story; background info that would make that report seem much less nave. Perhaps the responsible person was out of his depth in this subject but senior in his poistion in the FAA?

Consider:

The applicant is responsible for the design of the airplane network and systems architecture and for ensuring that potential security vulnerabilities of providing passenger access to airplane networks and systems are mitigated to an appropriate level of assurance, depending on the potential risk to the airplane and occupant safety
So, the design authority is also the reviewer and certification authority of this architecture design? If it wasn't serious this would be comical. They haven't even made any reference to documents that might specify the scope of the threats that should be considered, nor have they given a ballpark indication of what "appropriate level of assurance" might mean. If the subject area was stress tests we would be swamped with details. Does this mean the FAA are not up to date enough to regulate this technology effectively?

There has to be more to this, that puts this report in context and gives it more credibility. Stand-alone, this report reads as absurd.
tallsandwich is offline  
Old 5th Jan 2008, 19:14
  #6 (permalink)  
 
Join Date: Aug 2003
Location: FR
Posts: 234
Likes: 0
Received 0 Likes on 0 Posts
Although this particular combination does not appear explicitely in the Federal Register, the possibility of "wired connection" between "passenger Internet services" and flight systems is really scary! No sane person would implement this.
pax2908 is offline  
Old 5th Jan 2008, 19:28
  #7 (permalink)  
 
Join Date: Dec 2001
Location: England
Posts: 1,389
Likes: 0
Received 0 Likes on 0 Posts
This link seems to verify the accuracy...
http://regulations.justia.com/view/98960/
Very interesting reading.

Airbus appear to want the FAA to promote physical isolation...
"The only possible solution to such a requirement would be to physically segregate the Passenger Information and Entertainment Domain from the other domains."

Whereas the FAA appear to want to allow design flexibility and put the responsibility on the manufacturers...

"We agree that Airbus's interpretation of zero allowance for any ``inadvertent or malicious changes to, and all adverse impacts'' to airplane systems, networks, hardware, software, and data is correct. However, this does not prevent allowing appropriate access if the design incorporates robust security protection means and procedures to prevent inadvertent and intentional actions that could adversely impact airplane systems, functionality, and airworthiness."

and

"The applicant is responsible for developing a design compliant with these special conditions and other applicable regulations. The design may include specific technology and architecture features, as well as operator requirements, operational procedures and security measures, and maintenance procedures and requirements, to ensure an appropriate implementation that can be properly used and maintained to ensure safe operations and continued operational safety."
cwatters is offline  
Old 5th Jan 2008, 19:43
  #8 (permalink)  
None but a blockhead
 
Join Date: Nov 1999
Location: London, UK
Posts: 535
Likes: 0
Received 0 Likes on 0 Posts
From reading that, the only reason for linking pax and avionics domains is to share satcomms (I exclude unidirectional stuff like nav feeds to skymaps, etc, which already exist and can be made arbitrarily secure). Have I got that right? If so, then it's not as nasty as it sounds.

R
Self Loading Freight is offline  
Old 5th Jan 2008, 20:08
  #9 (permalink)  
 
Join Date: Dec 2001
Location: England
Posts: 1,389
Likes: 0
Received 0 Likes on 0 Posts
I'm sure it isn't as easy to hack as this makes it sound...

http://www.aviationtoday.com/av/cate...rcial/932.html

Data Loading

Data loading and configuration management are separate functions provided by the maintenance system. The data loader supports the insertion of data loads (operational software) into the appropriate avionics systems. "If you wanted to load a new piece of flight management software, it would come through this function," Morrow explains.

<snip>

.. this is the first time a maintenance technician with a wireless laptop (equipped with a Wi-Fi card) can walk up to the aircraft and get maintenance info on and off the airplane," Boeing's Sinnett says. "
cwatters is offline  
Old 5th Jan 2008, 20:42
  #10 (permalink)  
 
Join Date: Mar 2002
Location: Ireland
Posts: 39
Likes: 0
Received 0 Likes on 0 Posts
Before you react to this topic, I would caution anybody whose knowledge of computer networks and the capabilities of 'hackers' is largely derived from the media and entertainment industries that they present the 'facts' with as much care and accuracy as they treat aviation!
For those with a working IT knowledge, feel free to tear the FAA a new one as you see fit
cormacshaw is offline  
Old 6th Jan 2008, 03:23
  #11 (permalink)  
 
Join Date: Jun 2001
Location: Fragrant Harbour
Posts: 4,787
Received 7 Likes on 3 Posts
I positioned in First class a few months ago. The American lady sitting the other side of the aisle was suprised to see two pilots in uniform sitting in the cabin. She was even more suprised when we convinced her we were flying the aircraft from those seats using the screen and the IFE controller. We managed to keep straight faces all the way down the approach, landing and while 'vacating' the runway - then we had to come clean!

She was blonde too!
Dan Winterland is offline  
Old 6th Jan 2008, 04:02
  #12 (permalink)  
 
Join Date: Mar 2004
Location: Baltimore, MD
Posts: 273
Likes: 0
Received 5 Likes on 1 Post
- sigh -

Sometimes I think if atoms had ethernet in them IT people would think they're all smarter than Einstein.

The best explanation on the net so far: a system totally unrelated to anything seriously important can communicate with the passenger network. Not a great idea, but no hacking the altimeter.
FakePilot is offline  
Old 6th Jan 2008, 05:51
  #13 (permalink)  
 
Join Date: Nov 2003
Location: Amsterdam
Age: 70
Posts: 159
Likes: 0
Received 0 Likes on 0 Posts
Doesn't the A380 have the same setup - all aircraft data goes around on an ethernet bus, with ops and pax data separated by a firewall?
Capt. Inop is offline  
Old 6th Jan 2008, 16:17
  #14 (permalink)  
 
Join Date: Jan 2002
Location: Europe
Posts: 1,200
Received 0 Likes on 0 Posts
34K

With all due respect to your collective intelligence and despite my vivid interest to the aviation I still consider 34G to be more important in another sense.

Sorry for the drift but I could not resist.

Rwy in Sight
Rwy in Sight is offline  
Old 6th Jan 2008, 16:17
  #15 (permalink)  
Paxing All Over The World
 
Join Date: May 2001
Location: Hertfordshire, UK.
Age: 67
Posts: 10,145
Received 62 Likes on 50 Posts
One physical network for the PAX and one for the A/c. No physical link between means that there is no electronic link between. It really is that simple.

Should any crew member need access to the PAX system, then they cross plug their terminal/PC into it. The PAX never need to go the other way.

After 27+ years in telecommunications, I can say that the only way to prevent any networking accident is to not have a network. If you have vital data, then do not provide network connectivity - irrespective of the firewalls in place. Simple. The FAA just need to state that there is no physical link on pain of death and they have proved that they understand the risk and have protected the pax. Job done.
PAXboy is offline  
Old 6th Jan 2008, 17:20
  #16 (permalink)  
 
Join Date: May 2004
Location: Москва/Ташкент
Age: 54
Posts: 922
Received 3 Likes on 3 Posts
Using VPN's networks can be isolated on the same media.

Even classified information is transferred this way over the Internet by Governments when the National Networks are unavailable or cannot reach certain areas.

However, the Internet is rarely if ever compromised at a major data pipe and this cannot be said for any LAN.

FADEC failure anyone
flash8 is offline  
Old 6th Jan 2008, 21:24
  #17 (permalink)  
 
Join Date: Jan 2005
Location: France
Posts: 2,315
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by flash8
FADEC failure anyone
Especially with the FADEC "integrated" in the CCS (or whatever?).
ChristiaanJ is offline  
Old 6th Jan 2008, 22:15
  #18 (permalink)  
 
Join Date: Aug 2006
Location: Newcastle
Posts: 2
Likes: 0
Received 0 Likes on 0 Posts
Using VPN's networks can be isolated on the same media.

Even classified information is transferred this way over the Internet by Governments when the National Networks are unavailable or cannot reach certain areas.
VLANs, together with firewalls, can indeed be used to segrate multiple network on the same cabling media, and this is more than enough for most company networks and low level "classified" data.

But note that all but the lowest level "classified" data CANNOT be shared on the same cabling backbone - they must be physically separated. In fact standard ethernet cable is in most cases not good enough due to possibilities of wire taps and signal leakage - fibre optic is therefore the defacto standard. And "classified" data is not transferred over the Internet as a rule. Low level data may be securely transferred if heavily encrypted, but anything more restricted cannot go via the Internet at all.

The simple fact is, if two networks are sharing the same backbone, there is a real risk of comprising the security separating the two. The only accepted way to guarantee proper segregation is physical separation.

The articles don't really elaborate on the extent of the cross connection - I'd certainly hope the fly-by-wire system is independant! - but surely with a blank paper design, building in a real risk that the passenger network may affect any part of the flight system network is unacceptable.
EspritS3 is offline  
Old 6th Jan 2008, 22:34
  #19 (permalink)  
 
Join Date: Dec 2006
Location: canberra
Posts: 11
Likes: 0
Received 0 Likes on 0 Posts
There is also the possibility of "Denial of Service" problems. If the communications channel becomes constantly "busy" through failure of part of a system, or through malicious intent, then legitimate traffic has no way to travel through the channel and has to wait, or -worse- it may be lost completely.
blakkekatte is offline  
Old 7th Jan 2008, 06:42
  #20 (permalink)  
Hippopotomonstrosesquipidelian title
 
Join Date: Oct 2006
Location: is everything
Posts: 1,826
Likes: 0
Received 0 Likes on 0 Posts
There is also the possibility of "Denial of Service" problems
Exactly. Any time there's a bit of wire between two computing devices, someone, somewhere, has the skill to use one device to access the other, overload the other, corrupt it or otherwise compromise or render it incapable of providing the service it is supposed to provide. You've got to be barking mad to have a wired link between 400 people with their entertainment systems and randomly-hosed PCs, and bits of the aircraft that are trying to do something important. Does make me want to fire up Ethereal and friends the next time I'm on a flight.
Bushfiva is offline  

Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.