Hack my plane why don't you!
Thread Starter
Join Date: Jun 2010
Location: Goodwood, Sussex, UK
Age: 70
Posts: 264
Likes: 0
Received 0 Likes
on
0 Posts
Hack my plane why don't you!
Could a vulnerable computer chip allow hackers to down a Boeing 787? 'Back door' could allow cyber-criminals a way in?
A hidden 'back door' in a computer chip could allow cyber-criminals a way to override and control computer systems on Boeing 787s.The vulnerability is in an Actel chip used in their computer systems, and seems to be hard-wired into the devices.This could mean the vulnerability - in chips used in Boeing's flagship Dreamliner - is near-impossible to eradicate.The security researchers who found the vulnerability have alerted governments around the world to the 'back door' - which could leave critical aircraft systems vulnerable.
Boeing 787 vulnerable
This sort of vulnerability is unusual - most hacks use software, but a 'back door' in such a critical system could allow malicious attackers a way 'past' computer protection systems.'Back doors' are commonly built into computer systems by programmers to allow quick and easy access - but on a chip of this sort, represent a dangerous vulnerability.Security researcher Chris Woods of Quo Vadis Labs told The Guardian, 'An attacker can disable all the security on the chip, reprogram cryptographic and access keys or permanently damage the device.
'The real issue is the level of security that can be compromised through any back door, and how easy they are to find and exploit.'Security researchers have previously suggested that Chinese companies build vulnerabilities into chips that are exported to the West for use in military systems.
'Back doors' are commonly built into computer systems by programmers to allow quick and easy access - but on a chip of this sort, represent a dangerous vulnerability
In this case, however, the 'back door' may be innocent - although now it has been discovered, it remains a threat.Rik Ferguson of Trend Micro security, told The Guardian, 'This kind of flaw that gives somebody access right into the device has inherent flaws. The fact that its in the hardware will certainly make it harder if not impossible to eradicate.'
Could a vulnerable computer chip allow hackers to down a Boeing 787? 'Back door' could allow cyber-criminals a way in | Mail Online
A hidden 'back door' in a computer chip could allow cyber-criminals a way to override and control computer systems on Boeing 787s.The vulnerability is in an Actel chip used in their computer systems, and seems to be hard-wired into the devices.This could mean the vulnerability - in chips used in Boeing's flagship Dreamliner - is near-impossible to eradicate.The security researchers who found the vulnerability have alerted governments around the world to the 'back door' - which could leave critical aircraft systems vulnerable.
Boeing 787 vulnerable
This sort of vulnerability is unusual - most hacks use software, but a 'back door' in such a critical system could allow malicious attackers a way 'past' computer protection systems.'Back doors' are commonly built into computer systems by programmers to allow quick and easy access - but on a chip of this sort, represent a dangerous vulnerability.Security researcher Chris Woods of Quo Vadis Labs told The Guardian, 'An attacker can disable all the security on the chip, reprogram cryptographic and access keys or permanently damage the device.
'The real issue is the level of security that can be compromised through any back door, and how easy they are to find and exploit.'Security researchers have previously suggested that Chinese companies build vulnerabilities into chips that are exported to the West for use in military systems.
'Back doors' are commonly built into computer systems by programmers to allow quick and easy access - but on a chip of this sort, represent a dangerous vulnerability
In this case, however, the 'back door' may be innocent - although now it has been discovered, it remains a threat.Rik Ferguson of Trend Micro security, told The Guardian, 'This kind of flaw that gives somebody access right into the device has inherent flaws. The fact that its in the hardware will certainly make it harder if not impossible to eradicate.'
Could a vulnerable computer chip allow hackers to down a Boeing 787? 'Back door' could allow cyber-criminals a way in | Mail Online
Join Date: May 2004
Location: Bear Island
Posts: 598
Likes: 0
Received 0 Likes
on
0 Posts
Ah the Daily Mail ...
Gosh think of the big bucks to be made here erradicating a perceived threat. Am I alone In recalling that Y2K was hailed as cyber-armageddon ? Of course due to the timely and extensive intervention of the IT industry, it never happened. :-)
Gosh think of the big bucks to be made here erradicating a perceived threat. Am I alone In recalling that Y2K was hailed as cyber-armageddon ? Of course due to the timely and extensive intervention of the IT industry, it never happened. :-)
Join Date: Nov 1999
Location: Ireland
Posts: 1,621
Likes: 0
Received 0 Likes
on
0 Posts
And how are these supposed criminals meant to get physical access to the chip (or the LRU it's on) in order to reprogram it? Knock on the cockpit door and pop in for a few minutes?
Happy to be corrected, but I remember reading that Boeing did decide to link at least some of the flight deck IT to the infotainment in the back. How much was never revealed - again, to my knowledge. I was concerned at the time.
Did I read somewhere that the IFE on the 787 shares the same data bus as the FBW system?
Beaten to the punch by above poster.....
Beaten to the punch by above poster.....
Last edited by hunterboy; 30th May 2012 at 20:56.
Join Date: Jan 2006
Location: Between a rock and a hard place
Posts: 1,262
Likes: 0
Received 0 Likes
on
0 Posts
Watch this TED talk, physical possession of the computer that needs a brush up not always needed.
Could someone hack your pacemaker? At TEDxMidAtlantic, Avi Rubin explains how hackers are compromising cars, smartphones and medical devices, and warns us about the dangers of an increasingly hack-able world.
Avi Rubin is a professor of computer science and director of Health and Medical Security Lab at Johns Hopkins University. His current research is focused on the security of electronic medical records.
Could someone hack your pacemaker? At TEDxMidAtlantic, Avi Rubin explains how hackers are compromising cars, smartphones and medical devices, and warns us about the dangers of an increasingly hack-able world.
Avi Rubin is a professor of computer science and director of Health and Medical Security Lab at Johns Hopkins University. His current research is focused on the security of electronic medical records.
Last edited by 172_driver; 30th May 2012 at 21:01.
Join Date: Dec 2005
Location: No. Cal, USA
Age: 72
Posts: 112
Likes: 0
Received 0 Likes
on
0 Posts
I usually keep a low profile here because I'm a lowly private pilot. That said, I've worked on embedded computer systems for the last 20 years and I do know something about them.
The Actel issue revolves around securing the custom programming in their field-programmable gate array chips. These chips are purchased from the manufacturer as blanks and are then programmed to implement complex logic functions. The programming itself requires attached equipment and a development environment of some sort. Although it could be done, reprogramming these parts is virtually never possible through network connections. The real issue here is not the possibility of the chips being maliciously modified, but the possibility of a competitor reading out the programming and duplicating them. The manufacturer claimed that the programmed data was encrypted and impossible to read out and a researcher claims that it is possible to get it out.
I'd also point out that most avionics have flash memory chips that are not encrypted and much easier to read out and reprogram than an Actel FPGA chip. Assuming an intruder had access to the avionics bay and wanted to cause trouble, this would be a much simpler approach.
The Actel issue revolves around securing the custom programming in their field-programmable gate array chips. These chips are purchased from the manufacturer as blanks and are then programmed to implement complex logic functions. The programming itself requires attached equipment and a development environment of some sort. Although it could be done, reprogramming these parts is virtually never possible through network connections. The real issue here is not the possibility of the chips being maliciously modified, but the possibility of a competitor reading out the programming and duplicating them. The manufacturer claimed that the programmed data was encrypted and impossible to read out and a researcher claims that it is possible to get it out.
I'd also point out that most avionics have flash memory chips that are not encrypted and much easier to read out and reprogram than an Actel FPGA chip. Assuming an intruder had access to the avionics bay and wanted to cause trouble, this would be a much simpler approach.
Teddy R
Don't throw in comments irrelevant (about Y2K) to this issue and that you would appear to know from what you read in the newspaper. I can't speak about whether this one is a real threat or not, but Y2K certainly was and took much effort to resolve. Chapter and verse available if you wish to pursue.
Grumpyoldgeek's comments would seem to point to where the security focus should be on this threat.
Don't throw in comments irrelevant (about Y2K) to this issue and that you would appear to know from what you read in the newspaper. I can't speak about whether this one is a real threat or not, but Y2K certainly was and took much effort to resolve. Chapter and verse available if you wish to pursue.
Grumpyoldgeek's comments would seem to point to where the security focus should be on this threat.
Last edited by Jetdriver; 31st May 2012 at 15:47.
i don't think it's something to worry about - i'm sure pretty much all airliners from now will have similar control systems internally. unless someone knows the exact architecture of the systems inside it'll be nigh on impossible to reprogram, let alone decrypt, and recode using similar encryption.
software designers do this kind of coding professionally and thoroughly (one would hope). only the top maybe 1-2% of hacker/programmers in the world would be able to do anything to the system for it to be remotely affected - and the chances of those people getting access to the aircraft for enough time?
software designers do this kind of coding professionally and thoroughly (one would hope). only the top maybe 1-2% of hacker/programmers in the world would be able to do anything to the system for it to be remotely affected - and the chances of those people getting access to the aircraft for enough time?
Last edited by AndoniP; 31st May 2012 at 08:45.
Join Date: Aug 2007
Location: Brazil
Posts: 69
Likes: 0
Received 0 Likes
on
0 Posts
Judging by the original paper, http://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf, you need physical access and quite a bit of time. Not very likely to be possible to connect your notebook into the IFE and access the avionics. Be taking flight-sim to a new level.
It's hard enough to connect the maintenance laptop to the beast when you know what you're doing never mind trying to hack in remotely.
Non-story I'm afraid. Typical Daily Mail tripe. Not that the truth should get in the way of a good story.
Non-story I'm afraid. Typical Daily Mail tripe. Not that the truth should get in the way of a good story.
Join Date: Aug 2007
Location: dBoonies
Posts: 29
Likes: 0
Received 0 Likes
on
0 Posts
The 787 has this chip which has this back door, but the 787 does not have any ability to recieve reprogramming instructions into the FMC while airborne.
Data is transmitted to ground stations for monitoring purposes like ADS/CPDLC etc. but the FMCs do not acccept commands unless the cockpit crew choose to accept it. ie route loading, atc clearances etc.
The chips if hacked may corrupt the software logic of systems but the worst is a systemic shut down of automation.
Those familliar with Boeing system logic will see that when the auto mode is corrupted, it reverts back to primary basic mode; if the system continues to malfunction, the system is isolated!
So the threat may exist, but hackers bringing down a 787 is very isolated.
Data is transmitted to ground stations for monitoring purposes like ADS/CPDLC etc. but the FMCs do not acccept commands unless the cockpit crew choose to accept it. ie route loading, atc clearances etc.
The chips if hacked may corrupt the software logic of systems but the worst is a systemic shut down of automation.
Those familliar with Boeing system logic will see that when the auto mode is corrupted, it reverts back to primary basic mode; if the system continues to malfunction, the system is isolated!
So the threat may exist, but hackers bringing down a 787 is very isolated.
Join Date: Feb 2012
Location: Cape Town / UK / Europe
Posts: 728
Likes: 0
Received 0 Likes
on
0 Posts
By all means knock it as "Typical Daily Mail tripe," but the Guardian, admittedly a lefty rag, but one with a higher credibility rating, ran the same story.
Cyber-attack concerns raised over Boeing 787 chip's 'back door' | Technology | guardian.co.uk
Cyber-attack concerns raised over Boeing 787 chip's 'back door' | Technology | guardian.co.uk
It's hard enough to connect the maintenance laptop to the beast when you know what you're doing never mind trying to hack in remotely.
Back when I was at Boeing, the ATE (Automated Test Equipment) people switched from HP-UX systems to Windows. One of the sales pitches our IT people made was that the shop floor techs could access their Outlook e-mail on the ATE consoles while not running tests. There is no faster way to infect a PC than that.
Join Date: Mar 2011
Location: engineer at large
Posts: 1,409
Likes: 0
Received 0 Likes
on
0 Posts
One of the sales pitches our IT people made was that the shop floor techs could access their Outlook e-mail on the ATE consoles while not running tests.
Last edited by FlightPathOBN; 1st Jun 2012 at 14:02.