FAA warns of Boeing 787 hacker vulnerability
Boeing's still in the final stages of production on its 787 Dreamliner mid-sized jet, but the FAA has already spotted what looks to be a serious security vulnerability in the plane's IT infrastructure. Apparently the computers that provide the 787's passenger area with in-flight internet access and other amenities are physically networked with the main plane computers, including control, navigation and communication systems, which could theoretically provide a path for a hacker to screw with the plane, and even go as far as take full control of the 787. Boeing says that it's aware of the issue and is prepping a solution that will be tested shortly, but we're not sure what sort of "solution" can beat separating the two systems entirely -- which seems like what should've been done in the first place. Boeing has more than 800 advance orders for the plane, and should start delivering in November of 2008, but the FAA is requiring that the company demonstrate a fix for this issue before the planes hit the skies.
Filed under: Transportation, Networking
Reader Comments (Page 1 of 1)
pquistgard @ Jan 6th 2008 2:04AM
What idiots.
John B @ Jan 6th 2008 2:22AM
"Physically connected" is not automatically synonymous with "dangerous risk". In the IT world we have these little things called "firewalls" to protect physically connected networks. You might have heard of them. It's completely possible that (and, I would hope, likely) that Boeing had the same kind of precautions but that the FAA wants them tightened up as much as is possible.
So, what are *your* aircraft design qualifications?
RikF @ Jan 6th 2008 2:32AM
John, whilst there are security measures that can be put in place, none of them are entirely secure and certainly none are as secure as not physically connecting the two systems. What possible reason could there be for having such critical systems tied into non secure ones. Perhaps you think it would be perfectly alright to have the systems which control nuclear power stations tied to the internet as well? After all, we can put a firewall in between them...
I tell you what, given your level of confidence in such systems, why don't we give you a fly by wire, computer controlled car with the drive systems connected to the internet to drive on the freeway and let it be known that you are doing so and have *total* faith in the firewall to prevent hackers from taking over your car. Game for that? Game for us to put your family in that car?
Scptt Davidson @ Jan 6th 2008 2:33AM
John B, in the IT world the presence of a firewall is not in the least bit synonymous with hack-proof. If there is no need at all for the customer network to communication with the plane's operations network, why in the world would anyone want to trust an application (firewall) sitting on an operating system, sitting on some piece of hardware to protect one network from another when packets have a phenominally hard time aerisolizing and jumping from one network to another? TRUE AIR GAP!
todd @ Jan 6th 2008 3:03AM
I don't have any aircraft design qualifications, but I do have enough common sense (and a Cisco certification, but common sense is all you really need) to know that no firewall is fool-proof, and given enough time and effort, someone possibly could penetrate it. With the lives of a few hundred people on the plane, and possibly thousands more on the ground at stake, why not just be safe than sorry and have the 2 networks completely separate and independent of each other.
And it may not even take a hacker. Maybe some innocent, computer illiterate person is just browsing the web, and the system doesn't like some website and crashes the entire network, and the pilots lose control of the plane? If I'm going to die in a plane crash, I'd rather it be from something a bit more serious than grandma checking her e-mail.
Goatee Man @ Jan 6th 2008 2:57AM
John, do you even know what "IT" stands for?
Craig B. @ Jan 6th 2008 3:43AM
It was said the NYC cab systems were completely protected. That fiasco reminds us that even with all the protections in place, all you need is 1 human error. The best solution: seperation.
Being that the repair cost will ultimately either 1) be charged to purchasers and then passed through as a cost on airline ticket costs, probably to the tune of $.37 per person, or 2) Boeing stock drops roughly that same amount because of higher production costs / 1 time charge for a retooling, both seem to me like a cost of insurance that most people would be willing to pay for. Insurance against what? Against the 14 year old, as well as the thousands of people that really really really want to take my plane down. That being the case, I'll opt for the insurance.
mike_p @ Jan 6th 2008 4:25AM
Jesus Christ!!! What kind of idiot skipped his Software Engineering classes in University and created this appalling concept?!?
I just don't understand. Do you WANT to give terrorists another route (one in which they don't have to physically BE on the plane at all)???
MegaZone @ Jan 6th 2008 4:27AM
They're not idiots. Paul is just selectively reporting what Wired already selectively reported and is making a mountain out of a molehill. This is a non-issue. Boeing and the FAA already have agreed to what tests need to be performed, and the publication of the FAA document is a standard part of the certification. That's all. There is no issue, no problem, and not new threat. The aviation press (like Aviation Week, which I subscribe to) has covered this and other issues. The 787 breaks a lot of new ground, and when that happens the FAA always requires additional testing and proof of the new concepts. That's standard practice.
MegaZone @ Jan 6th 2008 4:35AM
Rikf: I'd do it, with my family, if the system were designed to the same requirements as the 787. Without even blinking.
And, just so you all know, the 787 is not the first airliner with flight control systems and non-critical systems interconnected. Most modern airliners, most of the Airbus product line, newer Boeings, etc, have different tiers of systems that interconnect. There are a number of requirements that must be met to allow this. Including RTOS systems which hard partition applications from each other. This is all designed to much higher levels of reliability than anything in the commercial computing realm, even telco systems which are five-nines. The 787 is another step forward with integration and the FAA is reasonably requiring additional testing as with any other innovation. The 787 is also the first largely composite commercial airliner, and the FAA also required more airframe testing that normal to be satisfied that the new materials will perform as required.
Rocketboy @ Jan 6th 2008 11:16AM
In the real world, we have self-obsessed dolts in IT who think that they know everything. Meanwhile, they make life hell for everyone who has to use the crap that they set up.
nikster @ Jan 7th 2008 9:35AM
MegaZone - that's just really dumb. If a lot of earlier planes linked in-flight entertainment systems with navigation systems, then that was really dumb, there, too.
I am sure Al Quaeda is excited to hear about this. All they need to do is find one weakness, then exploit it in 100 planes simultaneously. 100 planes down, no box cutters needed. It's a terrorist's dream.
Aaron @ Jan 6th 2008 2:19AM
I enjoyed how you snuck "mid-sized" in there for the 787...brought me a wee bit of a chuckle.
Paul Barwick @ Jan 6th 2008 2:20AM
Just what we need. Some bored 14 year old tapping into the plane's flight computer. Thanks Boeing. Hope that decision to tie the computers together saved you a couple of bucks on each plane.
West Hubbard @ Jan 6th 2008 2:24AM
Now its the guy with the laptop who is the terrorist...not the guy with the bottle of water.
Denver_80203 @ Jan 6th 2008 2:36AM
Unless your plan was to pour water on the internet jack, short circuiting the plane.
AJ in the East Bay @ Jan 6th 2008 3:29AM
The guy with the laptop has been the terrorist all along with the guy with the bottled water.
Flashpoint @ Jan 6th 2008 8:31AM
If you see someone come through airport security with a laptop and a SAITEK X-45 joystick - with the Throttle attachment, it is likely, HE INTENDS TO STEAL THE PLANE.
miko34 @ Jan 6th 2008 2:29AM
Just put Zone Alarm on them. The pilots would at least get pop up messages every few minutes instructing them to select Allow or Deny of a hijacking.
SSS @ Jan 6th 2008 2:36AM
Isn't there a similar issue with the Cylons and the newer ships in the new Battlestar Galactica series? Something about the Cylons being able to cripple entire ships because everything is networked together?
ColonelSmith @ Jan 6th 2008 3:41AM
And you sir just made my night. Battlestar Galactica FTW!
Juaquin @ Jan 6th 2008 4:17AM
Yeah, geez. Haven't we learned anything from TV?
Earl Jr. @ Jan 6th 2008 2:37AM
so why not go for the obvious solution and separate the two systems? It seems like the extra cost would be worth the extra security.
AJ in the East Bay @ Jan 6th 2008 3:30AM
Dang it, you and SSS beat me to the BG pun. I guess great minds kid alike.
AJ in the East Bay @ Jan 6th 2008 3:32AM
Sorry, Earl. That comment was meant for wellsley.
wellsley @ Jan 6th 2008 2:47AM
Didn't we learn anything from the new Battle Star Galactica? Fully networked mission critical systems, however convenient they may be, is a really, really bad idea. Anything can be hacked. Don't be dumb about it. Remind me not to fly on the 787.
AJ in the East Bay @ Jan 6th 2008 3:31AM
Dang it, you and SSS beat me to the BG pun. I guess great minds kid alike.
richardf @ Jan 6th 2008 2:55AM
Now maybe I can get a second bag of peanuts.
TheCanadianGeek @ Jan 6th 2008 3:13AM
Surely, you must be joking.
BobTurbo @ Jan 6th 2008 3:18AM
This is insane. I would love to know the true and detailed story behind this and how such thing can occur.
fitinferno @ Jan 6th 2008 3:53AM
I think I saw this in Independence Day once...something about a mothership...and a virus...
Jetmech96 @ Jan 6th 2008 3:54AM
This article is totally wrong in stating there is a vunerability in the 787. If you read the FAA document, the FAA is just updating the requirements and certification testing to ensure that the vunerability does not exist. This is new to the 787, becase it is one of the first aircraft to use AFDX (ethernet) as a backbone versus ARINC-429. By the way, the passenger systems and fligh deck have been connect for quite some time, this is just the first time they wre connected using the same physical link layer.
Also just because they are connected using an ethernet based backbone, trust me the flight deck does not communicate using the ethernet standard. So even if you could get the two systems to physically talk, the communications protocals are totaly diferrent and unique to aviation. So no 14 year old hacker, unless he has extensive knowledge of the ARINC standards, is going to be able to hack into the airplane.
This is just the FAA siding on safety, so that "we avionics engineers" don't end up looking like idiots. I am having similar problems with cockpit systems that interact with the cabin in a few corporate aircraft that I am designing.
The FAA is doing the same thing with portable electronic devices and cell phones unless they can conclusivley prove that it will NOT have negative effects on the aircraft, they will not allow it. Trust me the problem does not exist, I sit in cockpit simulators all day long talking on my cell phone, working on my laptop, PPC, blue tooth head set and Ipod and have never seen a glitch in the avionics from these devices. Again if it the FAA erroring on the side of safety.
Matt @ Jan 6th 2008 4:00AM
Damn... you beat me by ONE MINUTE :D
Excellent information. I'll bet ARINC doesn't like Boeing's decision one bit, either, and I'm sure they've let the FAA know just how happy they aren't.
At any rate, you're right... it's a new technology, and the FAA's gonna want it to be put through its paces before it's in their sky. I'm sure this won't be the last B787 innovation we see discussed in this fashion.
Anon @ Jan 6th 2008 12:32PM
The flight control system on the 787 does indeed use ARINC 429 for communication. AFDX is just used between the cabinets, but many of the systems still communicate with the flight controls via A429.
steve @ Jan 7th 2008 9:27PM
the 14 year old might not. but the seasoned hacker might do it and post his exploits to show off and all the 14 y.o script kiddies will be able to do it
Matt @ Jan 6th 2008 3:55AM
I know we hear "connected", and assume it's an Ethernet connection using TCP/IP, with requests and responses flowing in both directions. Heck, that might not be the case at all.
What if it's just a one-way feed of data so that passengers can see speed, heading, and other trivial information on their screens? A system has to be listening in some way to be remotely hacked, right?
You can, indeed, "connect" two systems, and even send data from one to the other, without necessarily introducing vulnerability.
SonyPS3Sucks @ Jan 6th 2008 4:24AM
That default picture reminds me of "Snakes on a plane" movie. Don't ask me why? Just look.
MegaZone @ Jan 6th 2008 4:38AM
It is actually from the movie "Airplane!"
Rob Longhurst @ Jan 6th 2008 6:54AM
Lets suppose that remote control of the aircraft is actually the designed purpose of having the systems the way they are. It is not beyond reason that the US government has demanded the capability to remotely take control of an aircraft which it sees as a threat. Now who wants to be a pilot?
Bernhard @ Jan 6th 2008 7:23AM
Captain to passengers: Ladies and gentlemen, we are currently experiencing some BSODs. Please be patient while we restart our computers. This is nothing to worry about, but if you wish, you may leave a note to loved ones on pamphlets that are currently being handed out.
Co-pilot to Captain: Damn it, I knew we should have taken the one with Linux. Because of your desire for a stupid GUI we are going down!
Graham McLeod @ Jan 6th 2008 8:51AM
All I need now is Microsoft Flight Simulator and I can finally go to where I want, not some pesky airport a few miles away from my actual destination
Mitch @ Jan 6th 2008 9:48AM
Instantly reminded of:
http://www.triv.org.uk/~danny/images/bluetooth_airbus.jpg
Andy @ Jan 6th 2008 12:28PM
or this
http://www.flighthumor.com/funnypics/l1iL0eO.jpg
Boynamedsue @ Jan 6th 2008 11:58AM
Anyone remember the pilot episode of the lone gunmen (only one i watched)
the nerds from the x-files have to hack into a plane that has already been hacked into and heading straight toward the WTC. they narrowly avoid a collision.
This was only 3 or 4 months before the real thing. Terrorists hate our freedom... and crappy spin offs.
Matt @ Jan 6th 2008 12:44PM
I just hope that this thing will not run on Vista and that the software and firmware updates won't be pushed automatically. The last thing we need is for the whole system to freeze while in flight. The captain will have to send the purser under the main deck to do a cold reset :-) Or maybe it will be a big mainframe pc running in a huge open space like it was portrayed in the the movie "Flight Plan" with Jodie Foster..all lit up with neon lights and UV beams
anon @ Jan 7th 2008 6:05PM
Glass cockpit? VNC cockpit!
egotman @ Feb 28th 2008 11:17AM
They should separate the network! That way they cant shut it off when me and ten other bored schmucks decide to throw a LAN party and play Unreal Tournament hogging all the bandwidth at 35000 feet =)