Slashdot Mirror


GAO Warns FAA of Hacking Threat To Airliners

chicksdaddy writes: A report from the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing to address cyber security vulnerabilities that could allow remote attacks on avionics systems needed to keep the plane airborne. In a report issued Tuesday (PDF), the GAO said, "significant security-control weaknesses remain that threaten the agency's ability to ensure the safe and uninterrupted operation of the national airspace system." Among those: a lack of clear certification for aircraft airworthy readiness that encompasses cyber security protections. That lapse could allow planes to fly with remotely exploitable vulnerabilities that could affect aircraft controls and guidance systems.

The GAO report did not provide details of any specific vulnerability affecting any specific aircraft. Rather, GAO cited FAA personnel and experts, saying that the possibility exists that "unauthorized individuals might access and compromise aircraft avionics systems," in part by moving between Internet-connected in-flight entertainment systems and critical avionics systems in the aircraft cabin.

Security researchers have long warned that hackers could jump from in-flight entertainment systems in the passenger cabin to cockpit avionics systems if airlines did not take proper precautions, such as so-called "air gapping" the networks. At last year's Black Hat Briefings, researcher Ruben Santamarta of IOActive demonstrated a method of hacking the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems.

78 comments

  1. Of Course It Is by Greyfox · · Score: 4, Insightful

    And they're not going to do anything about it until it actually happens, because that would cost money and some douchebag CEO wants a fat bonus this quarter. There could be a law if you could get Congress to cooperate. And if they weren't all old and actually understood anything about computers. You'd think as much as most of them fly, they'd be worried about that. I'd guess if you ask any given one, it wouldn't even be on their top 100 list of things to be worried about. Probably not even on their top 100 list of things to be worried about while flying.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

    1. Re:Of Course It Is by g0bshiTe · · Score: 1

      I suspect it is number one, I mean they probably get paid for forgetting about it.

      --
      I am Bennett Haselton! I am Bennett Haselton!
    2. Re:Of Course It Is by bobbied · · Score: 4, Informative

      Look, don't be so jaded about the aircraft industry... They are not the ones the GAO is going after...

      This is about the FAA and the regulations they enforce when certifying aircraft are safe to fly, not about Boeing's CEO making more money or shareholders getting their profits by cutting safety corners. Where it MIGHT be a political issue, where Boeing hires lobbyists to try and get the rules the FAA enforces changed, it's not directly related to cutting corners for profits.

      Of course the GAO is right, sort of... The possibility exists for someone to hack the flight controls from the entertainment systems if they are connected in some way. However, if the systems are properly designed and firewalled and the software properly vetted, I believe that you can eliminate the chances of having a successful attack vector. The problem though is how to write regulations that can assure something doesn't get overlooked and how you could prove that to the GAO so they will get off the FAA's back...

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    3. Re: Of Course It Is by Anonymous Coward · · Score: 0

      I would have thought that the entertainment systems were just added on to the plane as an independent system, not that the existing avionic controls were redesigned to integrate with the new shiny. Independent systems would seem cheaper. How did it get to be cheaper to integrate them enough to cause a security problem?

    4. Re: Of Course It Is by bobbied · · Score: 4, Interesting

      There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system. I can imagine that it might be important to change how the data systems connect to the internet based on where the aircraft is (choosing the cheaper data path when it is in range) or use that data connection to report maintenance information to the airline's mechanics.

      There are plenty of reasons the flight controls might not be totally air gapped from the in-flight entertainment systems.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    5. Re:Of Course It Is by hawguy · · Score: 4, Interesting

      However, if the systems are properly designed and firewalled and the software properly vetted, I believe that you can eliminate the chances of having a successful attack vector. The problem though is how to write regulations that can assure something doesn't get overlooked and how you could prove that to the GAO so they will get off the FAA's back...

      Lots of companies have gotten hacked through their properly designed and firewalled network -- every software product (even firewalls) has security holes. The only sure way to isolate the avionics from the passenger network is to air gap it. Don't rely on a firewall - I really can't believe that an airgapped network is not standard practice.

    6. Re: Of Course It Is by ColdWetDog · · Score: 2

      You can do that one-way though. The old 'data diode' approach. IIRC, the FAA was annoyed at Boeing precisely because the 787 really did not separate the essential flight control bus from the non essential parts. Boeing engineers disagreed and it was more of a philosophical difference than anything else.

      The plane manufacturers aren't stupid. They understand the risks and tradeoffs. Whether or not the FCC really needs to get involved in that is, again, philosophical.

      And to the trolls that want to bring out the 'CEO bonus' approach to everything - could you all please go somewhere else?

      --
      Faster! Faster! Faster would be better!
    7. Re: Of Course It Is by hawguy · · Score: 2

      There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system. I can imagine that it might be important to change how the data systems connect to the internet based on where the aircraft is (choosing the cheaper data path when it is in range) or use that data connection to report maintenance information to the airline's mechanics.

      There are plenty of reasons the flight controls might not be totally air gapped from the in-flight entertainment systems.

      RS-232 with the RX wire clipped on the avionics side would be a good way to pass that information in a one-way direction. Or just use a dedicated GPS receiver for the entertainment system.

    8. Re: Of Course It Is by Anonymous Coward · · Score: 0

      Wait, the entertainment system is part of the same system as the avionics? No wonder there are never any flight simulator games to play.

    9. Re:Of Course It Is by gtall · · Score: 1

      You don't understand the new libertarian ethos in Congress. Rules and regs stifle creativity. Oversight can be safely left in industry hands. Rand Paul and his fellow travelers are honored to be associated with lax oversight.

    10. Re:Of Course It Is by Anonymous Coward · · Score: 0

      MSNBC much?

    11. Re:Of Course It Is by bobbied · · Score: 4, Insightful

      However, if the systems are properly designed and firewalled and the software properly vetted, I believe that you can eliminate the chances of having a successful attack vector. The problem though is how to write regulations that can assure something doesn't get overlooked and how you could prove that to the GAO so they will get off the FAA's back...

      Lots of companies have gotten hacked through their properly designed and firewalled network -- every software product (even firewalls) has security holes. The only sure way to isolate the avionics from the passenger network is to air gap it. Don't rely on a firewall - I really can't believe that an airgapped network is not standard practice.

      Not exactly true. IF you have fully defined all the possible traffic that goes through your firewall, down to the exact bytes you allow through and what you don't, you can write effective filters and verify that nothing else gets through, then you can have confidence that your firewall will work as expected. But this implies that your firewall does full packet inspection all the way up through the application layer. You CAN do that, it's just a lot of work to specify and verify everything to that much detail.

      The problem for most commercial firewalls that are used in corporate networks is that you simply cannot fully define what you allow through and what you don't. Even if you could define that well enough, no firewall could do the necessary processing to dive deep into the packet content and filter out all possible exploits as it would take too much processing power and time. It's just not practical to do it at this level.

      However, if you have tight controls on your avionics interfaces (and they do) and can construct a safe way to supply the information needed, there are very safe ways to avoid hacking yet have connections. It's a pain to do, and even a bigger pain to verify you actually did it, but it's possible.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    12. Re: Of Course It Is by bobbied · · Score: 1

      Yes, and you can bet they do stuff like this. I've seen situations where a single fiber connection just sends Ethernet packets in the blind to do stuff like this over a one way network connection (where the RX fiber is never connected and the firmware just ignores the link status).

      These are not "air gapped" but entirely safe from hacking attempts...

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    13. Re:Of Course It Is by Obfuscant · · Score: 1

      Don't rely on a firewall - I really can't believe that an airgapped network is not standard practice.

      Where have you seen anything that says it isn't? The GAO is warning about something that might happen if ... The "demonstrated hack" of the 'satellite communications' wasn't the avionics, it was the satellite system used for WiFi and inflight video.

      It's not like Die Hard and Scorpion show you. Really.

    14. Re:Of Course It Is by Sir_Eptishous · · Score: 2

      it wouldn't even be on their top 100 list of things to be worried about. Probably not even on their top 100 list of things to be worried about while flying.

      100. How many martinis can I drink on this flight?
      99. Gin or Vodka?
      98. Will Sheila in St. Petersburg still talk to after that incident with the plushie?
      97. Why am I waiting so long for my snacks!?!?
      96. Will Monsanto quit fucking around and donate to my campaign, I voted down that amendment just like they said!
      95. Is that hot new staffer single?
      94. Why does my wife still insist on vacationing in Cancun?

      --
      We play the game with the bravery of being out of range
    15. Re: Of Course It Is by Anonymous Coward · · Score: 1

      That seems like a reasonable assumption, but that's exactly what it is: an assumption.

      What you don't know you don't know can disappear an entire Malaysian airlines flight.

    16. Re:Of Course It Is by quintessencesluglord · · Score: 2

      This is about the FAA and the regulations they enforce when certifying aircraft are safe to fly, not about

      Um, no.

      As is the case libertarians make, regulations should be a measure of last resort, when corporations have proven to be too incompetent to address a problem themselves, and require the gentle guiding hand of government to urge them to get their shit together.

      If anything, regulations set a standard of a bare minimum, which isn't exactly what you want in this age of TSA gropings, omnibus metadata collection, and meddling government at 40,000 feet in the air.

      If libertarian arguments are to be believed, the invisible hand of airlines and aircraft manufacturers would have come up with safety measures through competition and allowing armed passengers to shoot anyone they believed to be hacking into flight controls, and yet here we have the GAO, perhaps the least partisan government office, urging the FAA to even further meddle in the affairs of business. It's not like the passengers couldn't have sued after they crashed.

    17. Re: Of Course It Is by Anonymous Coward · · Score: 0

      There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system.

      The in-flight entertainment system does not need to get this info directly from the flight control systems. The plane is transmitting that kind of info over ADS-B.

    18. Re: Of Course It Is by Mister+Transistor · · Score: 1

      Wouldn't you rather play a nice game of chess?

      --
      -- You are in a maze of little, twisty passages, all different... --
    19. Re:Of Course It Is by bobbied · · Score: 1

      This is about the FAA and the regulations they enforce when certifying aircraft are safe to fly, not about

      Um, no.

      Garbage clipped...

      From the fine article you didn't read....

      A report from the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing...

      So what was this about again? The GAO going after the FAA....

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    20. Re:Of Course It Is by afidel · · Score: 1

      There are ways to do formal proofs of correctness, but nobody outside of NASA does it, and it leads to a cost per LOC that's at least 100x what COTS software costs so there's no way that airlines would go for it, it's cheaper to require that the systems be airgapped.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    21. Re: Of Course It Is by Anonymous Coward · · Score: 0

      There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system. I can imagine that it might be important to change how the data systems connect to the internet based on where the aircraft is (choosing the cheaper data path when it is in range) or use that data connection to report maintenance information to the airline's mechanics.

      There are plenty of reasons the flight controls might not be totally air gapped from the in-flight entertainment systems.

      You do not need to connect to the flight systems to get any of that; you can use a separate system to provide that data.
      What you described can be got from a smartphone.
      The needs of the entertainment system, and customer info, are simply Not That Important - they do not require complete accuracy.

    22. Re:Of Course It Is by quintessencesluglord · · Score: 2

      A bit slow on the uptake, ain't 'cha?

      In the grand scheme of things, who is responsible for passenger safety? Is it the GAO? Is it the FAA? Is it aircraft manufacturers who design inflight entertainment systems? Is it the airlines that purchase said systems?

      Yes.

    23. Re:Of Course It Is by Anonymous Coward · · Score: 0

      It's the same problem they had with the CAN bus on cars - it seems like a good idea to stick a GSM on the CAN bus until someone turns up and ruins your day. Someone neglected to account for the fact that sticking any boondoggle on the side of the bus is like putting another door on your house. There should probably be locks on it. Heck, there should probably at least be a piece-of-wood door there and not just a big hole.

      They won't learn though. It's a few dollars of cost for them to just jack into the existing infrastructure and monetize it. Money is good.

      Try to ignore the sound of the jackhammers and falling planes.

    24. Re:Of Course It Is by bobbied · · Score: 1

      Um, excuse me but the systems are not air gapped at this time and are currently flying.

      The cost to validate avionics packages already has a lot of effort built into the NRE. There is a LOT of stuff to validate and prove to the FAA you did right or you don't get your type certification for the aircraft. No type certification, no flying it commercially, no airline will buy the aircraft and you go broke, so manufacturers don't skimp on this part.

      So, obviously it's not cheaper or they'd have done it already.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    25. Re:Of Course It Is by radarskiy · · Score: 1

      " They are not the ones the GAO is going after...

      This is about the FAA and the regulations they enforce when certifying aircraft are safe to fly, not about Boeing's CEO making more money or shareholders getting their profits by cutting safety corners. "

      The GAO is not going after the aircraft industry merely because their charter does not permit them to directly go after the aircraft industry.

      Nothing is preventing the aircraft industry from meeting these safety concerns ahead of any regulation... except the CEO making more money or the shareholders getting their profits. An explicit claim that current regulation is insufficient is at least an implicit claim that the industry cannot manage without regulation.

    26. Re:Of Course It Is by bobbied · · Score: 1

      A bit slow on the uptake, ain't 'cha?

      In the grand scheme of things, who is responsible for passenger safety? Is it the GAO? Is it the FAA? Is it aircraft manufacturers who design inflight entertainment systems? Is it the airlines that purchase said systems?

      Yes.

      GAO? They have no mandate that says they are responsible for aircraft safety, their mandate is about accountability (if you believe their name).

      But the point I'm trying to make (and you seem to be missing) is that this report is about the FAA's regulations and the GAO's opinions that say they don't do enough for safety in aviation, specifically as the regulations address the connections between passenger accessible systems and the flight controls.

      IMHO the GAO's position is crap and is based on network security "rules of thumb" that may not fully apply in all cases. I don't believe the current crop of interconnected systems in airliners open them up to hacking attacks that would do anything more than crash the in-flight entertainment systems. Air gaps are not necessary, IF you are careful to do the right things to eliminate the risks.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    27. Re:Of Course It Is by bobbied · · Score: 1

      IMHO the GAO is patently wrong about this. Where I share the concern that the FAA's regulations may be lacking, I don't believe that any type certifications the FAA has issued for any aircraft include any significant risk like the ones the GAO is concerned about.

      This was discussed in great detail with the certification of the 787 which has extensive and intermingled networks that includes the in-flight entertainment systems which are passenger accessible as well as the flight controls (fly by wire) networks. Both the FAA and Boeing worked this out and I have no reason to believe that their determinations were not accurate. The FAA indicated that their regulations were incomplete and inadequate to address this kind of thing at the type certification time, and required Boeing to do additional demonstrations (beyond what the regulations required) of the resistance of the system to hacking.

      Now, if the GAO wanted to say the regulations were inadequate, fine, the FAA admitted as much. But that doesn't mean the FAA is just letting unsafe aircraft into the air. It also doesn't mean that the GAO is correct in its insistence on an "air gap" between the flight controls and everything else. I think they are nuts myself.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    28. Re:Of Course It Is by ITRambo · · Score: 1

      Some old people understand computers quite well. The problem with Congress is that they're not just old, they're mostly old lawyers.

    29. Re: Of Course It Is by Libertarian_Geek · · Score: 1

      Are you justifying a bad design (connecting critical flights systems to entertainment systems) by taking the route that a $12 GPS chip and supporting circuitry is too expensive or weighs too much to add a dedicated one to the non-critical systems?

      Because every example you just posted could be completed with 4 ounces and $20 of electronics or less.

      --

      www.facebook.com/DareDefendOurRights

      www.fairtax.org
    30. Re:Of Course It Is by Anonymous Coward · · Score: 0

      You're assuming that the firewall itself is not exploitable. With detailed filters such as you described above, the firewall software is likely to be so complex that it is almost inevitably vulnerable.

    31. Re: Of Course It Is by bobbied · · Score: 1

      Because every example you just posted could be completed with 4 ounces and $20 of electronics or less.

      These are aircraft parts we are talking about, you know; they are hugely expensive. There isn't ANYTHING that draws electrical power and costs $20 on an airplane. Not to mention that the wiring, connectors, and lacing alone would be more than 4 ounces.

      I once knew an FBO where I flew private aircraft that got caught using automobile parts (a voltage regulator I believe) on one of their aircraft. It was exactly the same in every way to the aircraft part, likely they came from the same assembly line, but the aircraft part cost a few hundred dollars and the car part was one tenth the cost. The difference? That pesky yellow tag which indicated that THIS part was of known origin, made from known materials and had known performance so it was approved by the aircraft manufacturer for use in their aircraft. Other than the paperwork, the part worked just fine and everybody was happy until the FAA caught up with them...

      What you suggest is more in the neighborhood of millions of dollars worth of NRE to get the design certified and the parts for each aircraft would be in the tens of thousands plus about double that to install the parts, wires and connectors required. The weight is going to be a LOT more than 4 ounces, just one connector and back shell would weigh more.

      Then there is the question of power consumption. It may not sound like much to you if the thing draws a few watts, but in modern aircraft the power budgets are extremely tight for a number of reasons. Generators cost fuel to run, wires to carry the power weigh a lot and heavier aircraft carry less cargo/passengers for the same amount of fuel burned. So you go out of your way to lower power consumption, put everything on the fewest wires you can etc. to lower operating costs as much as possible. After all, it's the operating cost savings that drive sales of new aircraft, not the shiny new paint.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  2. OH MY! by Anonymous Coward · · Score: 0

    Oh NO!

    1. Re: OH MY! by Anonymous Coward · · Score: 0

      The SKY is Falling!!!! HALP?!?!

  3. Pilots will always be needed by bughunter · · Score: 5, Interesting

    This is why the idea of remote overrides of pilot controls is a particularly BAD idea.

    A trained, qualified pilot must always have last resort authority, over any automated system and preferably even over any "assisted" system, whether it be fly by wire, hydraulic, etc. If control can be taken out of his or her hands remotely, because someone (or something) on the ground doesn't agree with the pilot's judgement, I guarantee we'll see more disasters, not fewer.

    The instances where intentional pilot misconduct or hijacking occur are few, but notorious. But the instances where human pilots in the cockpit handle minor emergencies that could easily have turned into deadly ones occur regularly and we seldom hear about most of them.

    Case in point: Do you think an autopilot on the ground could have heard a stowaway baggage handler?

    --
    I can see the fnords!
    1. Re:Pilots will always be needed by clonehappy · · Score: 1

      But self-driving cars? Those are just fine! Maybe if Google made self-flying planes for taking aerial photos on Earth first, all the mindless geeks would be all for it?

    2. Re:Pilots will always be needed by Anonymous Coward · · Score: 0

      Your ignorance is nicely summarized in your "case in point". Do you think anybody hears a stowaway?
      http://en.wikipedia.org/wiki/List_of_wheel-well_stowaway_flights

      Full automation with the computers on board is by far safer than anything else. It could be augmented with having the automation request human assistance, which will come remotely and by people who are far more competent than run of the mill pilots. That is, preferably some of the test pilots who have also worked as engineers designing the plane and know it inside out. That way there would never be any accidents in which pilot error causes a perfectly functioning aircraft to crash and whenever there's a technical problem, it would be handled by the most competent pilots in the world.

      There are very few benefits in being on board to solve a problem - in past accidents pilots have not known when an engine has literally fallen from the aircraft since they can't see the wings (El Al 1862) and a camera feed could go anywhere. Pilots have even failed to hear that their engines are abnormal when broken instruments have misled them. More information could be delivered through additional instruments and thus also be available remotely just as well and with data gathered from all aircraft of the type, anything abnormal detected sooner than ever before. For instance, accelerometers could detect abnormal vibrations long before any pilots could. Same with sounds, if sound provides anything else useful. Temperatures and pressures. A lot of extra instruments could be added and weight savings would still be made if pilots and their special needs are no longer on board. And flight attendants would still be on board if passengers need to be moved to change the weight distribution due to e.g. a malfunctioning landing gear. If an aircraft gets so badly damaged that a robustly designed multiply redundant automation with remote augmentation system ceases to function, the aircraft is so damaged that nobody on board could do anything either.

  4. old news by Augmento · · Score: 1

    http://www.sans.org/instructor... Mike Poor has been saying this for years

  5. Avionics design is already robust. by Anonymous Coward · · Score: 2, Informative

    TLDR: The current systems are already very good, but it wouldn't be bad to look at it also from a malicious perspective.

    TFS is misleading. The airworthiness criteria currently do not address "hacking" or "malicious data." However, airworthiness criteria do require input validation on all inputs to all flight safety avionics systems. They also require continuous internal consistency checks, to protect from code changes, and strict segregation between all software on a processor and continuous validation of the state of each module. Further, almost all of the software is required to be strictly deterministic, and as such, no dynamic memory allocation occurs in flight critical and safety critical systems. Between this and the design procedures in RTCA DO-178, and the testing requirements, most avionics software is extremely hard to exploit.

    Oh, and by the way, the complete lack of all of these is why current UAVs are not airworthy (the large military ones are close) and should not be allowed to fly near or over people. The UAV revolution will implode when they're held to the standards required for digital fly by wire airplanes and start costing as much as real airplanes.
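
    The three threads above converge on one engineering pattern: avionics data flows to the cabin over a one-way link (the clipped RX wire and blind fiber in comments 7 and 12 of the first thread), the receiving side accepts only traffic it has defined "down to the exact bytes" (bobbied, comment 11), and the code doing that runs with input validation and no dynamic allocation (this post). The following C program is an added example written for this page; it is not code from the thread, from Boeing, or from any certified avionics product, and the 19-byte frame layout, field names and range limits are constructed for the example only. It shows the sender serialising a position frame and the receiver applying an allow-list validator that rejects anything not byte-exact and in range, using only fixed-size buffers.

```c
/* Added example (not from the thread or any vendor): receiver-side
 * allow-list validation for a hypothetical one-way position feed.
 * The frame layout below is constructed for this example only. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define FRAME_LEN     19u    /* every accepted frame is exactly this long */
#define FRAME_MAGIC0  0xA5u
#define FRAME_MAGIC1  0x5Au
#define FRAME_VERSION 0x01u
#define MSG_POSITION  0x01u  /* the only message type the receiver knows */

enum verdict { ACCEPT = 0, REJECT_LENGTH, REJECT_HEADER, REJECT_CHECKSUM, REJECT_RANGE };

struct position {
    int32_t  lat_udeg;  /* latitude, microdegrees, -90e6..90e6 */
    int32_t  lon_udeg;  /* longitude, microdegrees, -180e6..180e6 */
    uint16_t alt_ft;    /* pressure altitude, feet, 0..60000 */
    uint16_t gs_kt;     /* ground speed, knots, 0..1000 */
    uint16_t hdg_ddeg;  /* heading, tenths of a degree, 0..3599 */
};

/* Fixed-width big-endian field helpers; callers never index past FRAME_LEN. */
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(((uint16_t)p[0] << 8) | p[1]); }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* XOR of bytes 0..17. This catches corruption on the link, not a malicious
 * sender; on a one-way link there is no peer to authenticate, so the
 * allow-list and range checks below carry the security argument. */
static uint8_t frame_checksum(const uint8_t *f) {
    uint8_t x = 0;
    for (size_t i = 0; i + 1 < FRAME_LEN; i++) x ^= f[i];
    return x;
}

/* Sender (avionics) side: serialise one position into the fixed layout. */
size_t encode_position(const struct position *pos, uint8_t *out, size_t outlen) {
    if (pos == NULL || out == NULL || outlen < FRAME_LEN) return 0;
    out[0] = FRAME_MAGIC0; out[1] = FRAME_MAGIC1; out[2] = FRAME_VERSION; out[3] = MSG_POSITION;
    wr32(out + 4, (uint32_t)pos->lat_udeg);
    wr32(out + 8, (uint32_t)pos->lon_udeg);
    wr16(out + 12, pos->alt_ft);
    wr16(out + 14, pos->gs_kt);
    wr16(out + 16, pos->hdg_ddeg);
    out[18] = frame_checksum(out);
    return FRAME_LEN;
}

/* Receiver (cabin) side: accept only a byte-exact, in-range position frame.
 * Checks run cheapest-first and no field is used before the whole frame passes. */
enum verdict validate_position_frame(const uint8_t *f, size_t len, struct position *out) {
    if (f == NULL || len != FRAME_LEN) return REJECT_LENGTH;
    if (f[0] != FRAME_MAGIC0 || f[1] != FRAME_MAGIC1 ||
        f[2] != FRAME_VERSION || f[3] != MSG_POSITION) return REJECT_HEADER;
    if (frame_checksum(f) != f[18]) return REJECT_CHECKSUM;
    int32_t  lat = (int32_t)rd32(f + 4), lon = (int32_t)rd32(f + 8);
    uint16_t alt = rd16(f + 12), gs = rd16(f + 14), hdg = rd16(f + 16);
    if (lat < -90000000 || lat > 90000000)      return REJECT_RANGE;
    if (lon < -180000000 || lon > 180000000)    return REJECT_RANGE;
    if (alt > 60000 || gs > 1000 || hdg > 3599) return REJECT_RANGE;
    if (out != NULL) {
        out->lat_udeg = lat; out->lon_udeg = lon;
        out->alt_ft = alt; out->gs_kt = gs; out->hdg_ddeg = hdg;
    }
    return ACCEPT;
}

int main(void) {
    static const char *names[] = { "ACCEPT", "REJECT_LENGTH", "REJECT_HEADER", "REJECT_CHECKSUM", "REJECT_RANGE" };
    /* Constructed sample position: roughly over the San Francisco area at 35,000 ft. */
    struct position p = { 37618800, -122375000, 35000, 450, 2875 }, got;
    uint8_t f[FRAME_LEN], g[FRAME_LEN];
    encode_position(&p, f, sizeof f);
    printf("valid frame:      %s\n", names[validate_position_frame(f, FRAME_LEN, &got)]);
    printf("truncated frame:  %s\n", names[validate_position_frame(f, FRAME_LEN - 1, NULL)]);
    memcpy(g, f, FRAME_LEN); g[3] = 0x7F;   /* unknown message type */
    printf("unknown type:     %s\n", names[validate_position_frame(g, FRAME_LEN, NULL)]);
    memcpy(g, f, FRAME_LEN); g[12] ^= 0x40; /* single bit flipped on the link */
    printf("corrupted field:  %s\n", names[validate_position_frame(g, FRAME_LEN, NULL)]);
    p.alt_ft = 65000; encode_position(&p, g, sizeof g);  /* well-formed but absurd */
    printf("out-of-range alt: %s\n", names[validate_position_frame(g, FRAME_LEN, NULL)]);
    return 0;
}
```

    Because the link is one-way, the receiver cannot ask for a retransmit; a rejected frame is simply dropped and the cabin system keeps its last good position until the next valid frame arrives, which is the behaviour the data-diode arrangement in the thread implies. The validator has no loops over attacker-chosen lengths, no heap, and no parsing of anything beyond the one frame type it expects, which is what makes "verify that nothing else gets through" a tractable review task rather than a claim about a general-purpose firewall.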

    1. Re:Avionics design is already robust. by Anonymous Coward · · Score: 0

      Not true in my experience. I worked on something non-safety related that shared resources with a safety system and, due to a bug (not mine!), was able to turn off those shared resources. The answer from my PHB was not to do it, no changes were made to the safety system as it would cost too much to revalidate.

    2. Re:Avionics design is already robust. by Anonymous Coward · · Score: 0

      If this is in certified avionics I'm calling BS unless you name and shame. If it's in a car, there are plenty of examples of you being correct. (yes, this is selfish, as I fly for a living)

    3. Re: Avionics design is already robust. by Anonymous Coward · · Score: 0

      Agree it's BS. Most (all?) stuff in cars is mechanically failsafe. Steering, brakes, ignition kill switch. That is why the standards are low in the industry. Planes on the other hand have huge incentives to be reliable, because having a particular model falling from the sky due to software problems will end even a company as large as Boeing or Airbus overnight. Also primary flight controls are dedicated systems and actually quite simple and the notion these are in anyway exploitable from the entertainment system is just silly.

    4. Re: Avionics design is already robust. by Anonymous Coward · · Score: 0

      If your ABS brake sw does not work properly, you will see some very funny effects.

    5. Re:Avionics design is already robust. by Anonymous Coward · · Score: 0

      You don't know jack-shit about how rigorously some of the software in avionics is tested, just think about the sub-sub-sub-sub-contractors involved. Notice I didn't say safety critical, DO-178B is not all that and the lower levels are a waste of time!

  6. Haxxxin teh plaens! by Anonymous Coward · · Score: 0

    Dem haxxorz gittin' fly, bro.

  7. Back door recently discovered on the Boeing 747 by Anonymous Coward · · Score: 0

    Next to the "EXIT" sign.

  8. Talk about an air gap by Anonymous Coward · · Score: 0

    How much air do we need to make something secure?!

  9. But the Republican-ruled FAA is so stupid... by Anonymous Coward · · Score: 0

    that they're just not figuring out that computers can be hacked. That is how stupid these people are. It's sad that these stupid people rule the world and make our lives miserable. For non-Republicans, life is shit and not worth living. For most of us, we are literally better off dead. They hate us and want us to die. Ironically, they might be doing us a favor by killing us.

    1. Re: But the Republican-ruled FAA is so stupid... by Anonymous Coward · · Score: 0

      Get yourself a bottle of your local Schnaps (whatever they call ethanol at your place) and get drunk. It heals your current sickness.

      Visiting a girl will also help.

  10. just override the cockpit door code and take it ov by Anonymous Coward · · Score: 0

    just override the cockpit door code and take it over from there.

  11. Wisdom follows, pay attention! by Anonymous Coward · · Score: 5, Informative

    Hello,

    Here is some crushed FUD for thought:

    - As long as pilots are in the cockpit, they can pull circuit breakers and then it's game over for Stuxnet worm or whatever e-threat. For example in the Airbus A-320 there are 3 or 4 (3 digital +1 analogue) flight control computers, depending on how old or new make the plane is. Their juice can be denied by breakers on the cockpit overhead panel, one-by-one. This is how the logic works:

    - When all 3 digital flight computers run and agree about the situation, it is "normal law": pilot moves joystick, computers decide if it is both absolutely safe and comfortable to do so and when affirmative, execute the maneuver.

    - When only 2 computers run or 1 cpu has been voted out by the majority, it is "alternate law": pilot moves joystick, computers decide if it is reasonably safe to do so and if yes, execute the maneuver (maximum pax comfort be damned and alpha floor stall protection is partially lost).

    - When only 1 computer runs, it is "direct law": pilot moves joystick and the computer forwards the instruction to electro-hydraulic actuators, to execute the maneuver in a brain-dead manner.
    (Passenger comfort be damned and for safety, hope that the pilots are skilled and talented aviators who will keep the plane flying. That is not always a given for the younger generation, e.g. the button-pushers who crashed the AF flight 447. On the other hand, computer circuit breaker pulling, until reaching "direct law", was the very method which Lufthansa pilots followed for rescue when the speedometer of their A-320 froze up and confused computers wanted to send the plane into a never-ending descent under "normal law".)

    - When 0 digital computers remain running (e.g. giant EMP from a nuke or nearby supernova) pilots would have somewhat limited tools remaining on the newer model year Airbus-320 planes, such as:

    The foot pedals (rudder) are still mechanically connected with steel rope and pulley to the rudder sail in the tail, allowing turn to the left and right.
    The trim-wheel is also mechanically connected to the little adjustment tabs on the horizontal flying tail, allowing limited control of descent and climb.
    Jet engines' power can also be controlled manually to allow for descent/climb and near-idle before landing (but without FADEC computerized help the pilots must be careful not to wreck the turbines with sudden moves on the thrust levers).
    All this is a very tricky situation, therefore much drilled in flight simulator training!

    - Unlike the Airbus A-320, the Boeing's B-737 is not fly-by-wire, as it is derived from an early 1960s design and big fleet customers, like Ryanair are outright banning Boeing from any innovation, not willing to spend a penny on pilot re-training!

    This legacy-mania is how Helios airlines' B737 crashed: the pressurization to give breathable air at high altitude is completely under manual control on the B-737 and activation is often forgotten. By the time the warning siren sounds at over 3000 meters altitude, pilots can be too mountain-sick to react properly in time and faint. A Hungarian Malev airlines B-737 almost crashed under eerily similar circumstances a few years ago, so Helios was not a unique occurrence. The landing gear is similarly full manual operation, that's how the Polish wrecked a B-767 last year. Yet large fleet customers ban Boeing from improving ergonomy and foolproof-ness, not wanting to spend on any pilot re-training.

    If it weren't for Airbus, Boeing would still be making airplanes with "Swiss watch filled cockpit dashboards" because they carry a lot of legacy and the existing customer base / operators are very resistant to any change that would mandate personnel re-training. Glass cockpit (LCD screen) displays and electronic flight controls are all thanks to Airbus in the world of civilian aviation, and Boeing is slowly following, due to the fuel economy benefits fly-by-wire and FADEC provide.

    - The big problem is airlines no longer allow their pilots to fly general aviation (soa
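
The control-law degradation the post describes (normal, alternate, direct law chosen by how many flight computers are still running and agreeing, and breakers pulled one by one), as a simplified Python model added here; it is not Airbus's logic, certified avionics code or the poster's, and the computer names, vote tolerance and envelope limits are assumptions made for the example.

```python
"""Simplified model of redundant flight-control computers voting each other out
and the control law degrading normal -> alternate -> direct -> mechanical.
Added illustration only: not Airbus's logic or certified avionics code. The
computer names, vote tolerance and envelope limits below are assumptions."""
import statistics
from dataclasses import dataclass, replace
from enum import Enum
from typing import List, Optional, Tuple


class Law(Enum):
    NORMAL = "normal"          # all computers agree: safety + comfort envelope
    ALTERNATE = "alternate"    # one voted out, or only two running: safety only
    DIRECT = "direct"          # one computer: pilot input forwarded unfiltered
    MECHANICAL = "mechanical"  # no digital computer: rudder/trim/thrust only


@dataclass(frozen=True)
class Computer:
    name: str
    powered: bool            # True while its circuit breaker is closed
    output: Optional[float]  # commanded surface angle (deg), None if self-failed


VOTE_TOLERANCE = 0.5  # degrees of disagreement tolerated (assumed value)
ENVELOPE = {Law.NORMAL: 10.0, Law.ALTERNATE: 20.0}  # max deflection (assumed)


def pull_breaker(computers: List[Computer], name: str) -> List[Computer]:
    """Deny power to one computer, as a pilot would from the overhead panel."""
    return [replace(c, powered=False) if c.name == name else c for c in computers]


def select_law(computers: List[Computer],
               tol: float = VOTE_TOLERANCE) -> Tuple[Law, List[Computer]]:
    """Return the active control law and the computers still trusted."""
    running = [c for c in computers if c.powered and c.output is not None]
    if len(running) >= 3:
        # Majority vote: a computer straying from the median by more than tol
        # is voted out by the others. If all disagree, only the median holder
        # survives and the law drops straight to direct (model simplification).
        med = statistics.median(c.output for c in running)
        active = [c for c in running if abs(c.output - med) <= tol]
    else:
        active = running  # fewer than three: no majority, nobody is voted out
    n = len(active)
    if n >= 3:
        return Law.NORMAL, active
    if n == 2:
        return Law.ALTERNATE, active
    return (Law.DIRECT if n == 1 else Law.MECHANICAL), active


def command_surface(law: Law, pilot_input: float) -> Optional[float]:
    """Map a joystick demand (degrees) to a surface command under `law`."""
    if law is Law.MECHANICAL:
        return None  # no digital path left; mechanical backups are separate
    if law is Law.DIRECT:
        return pilot_input  # forwarded "brain-dead", no protection at all
    limit = ENVELOPE[law]  # normal clamps harder than alternate
    return max(-limit, min(limit, pilot_input))


# Constructed scenario: three healthy computers that can drift or lose power.
FCCS = [Computer("FCC1", True, 2.0), Computer("FCC2", True, 2.1),
        Computer("FCC3", True, 1.9)]

if __name__ == "__main__":
    for label, fleet in [("healthy", FCCS),
                         ("FCC3 drifting", FCCS[:2] + [Computer("FCC3", True, 9.0)]),
                         ("FCC2 breaker pulled", pull_breaker(FCCS, "FCC2")),
                         ("only FCC3 left", pull_breaker(pull_breaker(FCCS, "FCC1"), "FCC2"))]:
        law, active = select_law(fleet)
        print(f"{label}: {law.value} law, trusted={[c.name for c in active]}, "
              f"25 deg demand -> {command_surface(law, 25.0)}")
```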

  12. Sounds like one of Schneier's by wiredog · · Score: 1
  13. Oh please by Anonymous Coward · · Score: 0

    Are you saying the laws against "computer hacking"* were written by democrats?

    * Without defining what that is, making for very convenient law for the prosecution.

  14. No worries... by Anonymous Coward · · Score: 0

    Scorpion will stop the hackers.

  15. Air Gapping won't work and they know it by WillAffleckUW · · Score: 1

    In point of fact, some internal GovSec articles specifically point out that even an air gapped system can't prevent induction wires that run through an airframe within range of seats from being impacted.

    Nice try, guys.

    That said, paranoia won't help you. Nor will profiling African American citizens. Your real threats are Saudis, Bahrainis, Pakistani and Yemeni citizens and their British relatives you radicalized.

    As your own internal NSA data tells you, but you keep ignoring it so that Americans will all live in Fear.

    --
    -- Tigger warning: This post may contain tiggers! --
    1. Re: Air Gapping won't work and they know it by Anonymous Coward · · Score: 0

      The Serbs and the Irish never had a terror problem. Neither did any one of them start a world war using terror. Agreed !

  16. ATC vulnerable too by pellik · · Score: 1

    Brad Haines had a really good presentation at blackhat on another aspect of the vulnerability of the new ATC system in 2012, too. https://www.youtube.com/watch?...

  17. Nothing to do with the subject, but...overreach? by bradley13 · · Score: 1

    AFAIK, the GAO was originally supposed to "investigate, at the seat of government or elsewhere, all matters relating to the receipt, disbursement, and application of public funds". In this, they usually do a pretty decent job, and even remain reasonably apolitical. Of course, you can't build an empire while restricted to your original task.

    Clearly, it's a logical extension: from accounting expertise to the evaluation of cyber-security in avionics computers. /sarc

    Seriously, there really needs to be a mechanism to close down and reboot an agency from scratch every 10 or 20 years. Clear out the deadwood and refocus the agency on its actual mission.

    --
    Enjoy life! This is not a dress rehearsal.
  18. MH370, for instance? by sgt_doom · · Score: 1, Interesting

    Good-bye, Mr. Chips!

    (Or, why that missing Malaysian Airlines MH370 is a really, really big deal --- besides the murder of 239 souls aboard.) Onboard flight MH370 were twenty employees of Freescale Semiconductor, a major microchip producer, owner of major fabrication facilities (referred to as foundries in the industry).

    Back in 2012, some researchers at an institute connected with Cambridge University discovered a backdoor, at the hardware level, in the Actel/Microsemi chip used for military purposes, designed and manufactured by the Microsemi Corporation. What the authors didn’t mention in their highly technical paper was that these chips are also to be found in ARINC avionics (ACARS: Aircraft Communications and Addressing Reporting System, formerly known as ARINC Communications and Addressing Report System --- plus other avionics communications systems), transponders and the black boxes (flight data recorders, cockpit voice recorders, crash recorders, etc.).

    Microsemi chips are produced at Freescale foundries, as well as Freescale chips are also to be found in ARINC avionics, transponders along with a wide range of other industry applications.

    It is important to note that the owners of Freescale Semiconductors are the Blackstone Group, the major private equity/leveraged buyout (PE/LBO) firm, and the majority owner, and the Carlyle Group, another PE/LBO firm and a minority owner.

    It is also important to note that ARINC (designer and manufacturer of major avionics systems (fly-by-wire) aboard Boeing and Airbus jets) was until recently owned by the Carlyle Group, and a portion of ARINC still is, as they moved ARINC’s DoD division over to Booz Allen, the major government intelligence contractor (where Edward Snowden last worked in America), and also owned by the Carlyle Group.

    Malaysian Airlines, which may have figured into it, was at that time partially owned by the hedge fund of Lord Jacob Rothschild, long an advisor to the aforementioned Blackstone Group.

    The previously mentioned Microsemi Corporation, whose chips are backdoored, or compromised, is managed by James Peterson, CEO and board member. Peterson is one of the sons of Peter G. Peterson, founding member of the Blackstone Group.

    Both the process of chipping (purposely introducing defects into chips for cryptographic penetration) and backdoors in chips, dates back to the late 1950s and 1960s.

    When the U-2 spy plane was shot down over the Soviet Union, it contained chipped cryptographic communications gear, developed by the NSA at the instigation of the CIA, which the CIA hoped the Soviets would copy, allowing deep penetration by the NSA. Unfortunately, this was around the time of the real defection of two NSA employees (Martin and Mitchell), so after being given the coordinates of the U-2’s air route by previous “defector” Lee Oswald to allow the Soviets to shoot it down, they were now possibly savvy to the covert operation’s agenda.

    The first major successful operation involving backdoored chips was supposed to have occurred in the 1980s, when an American industrial controls computer system (SCADA) was sold illegally through a Swiss firm to the Soviets, and resulted in a series of major explosions at their northern Baltic Sea naval installation (chips set to control maximum temperatures of fuels did the opposite).

    When a group is seeking to compromise, and therefore control, both the Internet and a wide spectrum of computer hardware applications (communications, transportation, industrial, financial, etc.) the process of chip access is crucial, and to do that covertly it must be done at the chip fabrication point.

    Hence the use of, and subsequent disposal (murder), of those Freescale Semiconductor engineers aboard flight MH370. Below is the youtube link to a video from a SAIConference (SAIC, is one of the two government intelligence contractors, the other being Booz Allen), the expert from University College Londo

    1. Re: MH370, for instance? by LDAPMAN · · Score: 1

      The U2 shot down over the Soviet Union had "chipped" communications gear? Now you're in fantasy land. The U2 at that time barely had a radio! What it did have contained 0 chips.

    2. Re: MH370, for instance? by Anonymous Coward · · Score: 0

      Geez, dipshit, guess you know more than everyone I ever served with in the USAF, huh, sonny? When did you receive your Top Secret Crypto clearance, BTW, dood? --- sgt_doom

  19. Re:MH370 did what they talked about in the lone gu by Mister+Transistor · · Score: 1

    Hey I can't wait for the giant "McAfee certified" stickers on the sides of planes. Watch out for the "My Clean 747" ones though...

    --
    -- You are in a maze of little, twisty passages, all different... --
  20. not exactly a secret by Anonymous Coward · · Score: 0

    Balint Seeber gave a talk at DEFCON in 2013 that showed everyone how much is out there to be sniffed using a twenty dollar SDR kit. www.spench.net

  21. Also see DefCon's avionics preso from 2014 by xxxJonBoyxxx · · Score: 1

    Also see DefCon 22's avionics preso from 2014:
    https://www.defcon.org/images/...

  22. Re:MH370 did what they talked about in the lone gu by RabidReindeer · · Score: 2

    Hey I can't wait for the giant "McAfee certified" stickers on the sides of planes. Watch out for the "My Clean 747" ones though...

    Well, it wouldn't be the first time McAfee crashed something.

  23. Re:Nothing to do with the subject, but...overreach by afidel · · Score: 1

    The GAO is Congress's research arm, they were asked to analyze the effectiveness of the FAA's role in assessing cybersecurity risks and they did as requested. This is a role the GAO has played for at least my entire lifetime (born in 1978). In fact this article says that the research function started to expand in 1967 when Congress asked the GAO to research the effectiveness of the newly enacted anti-poverty programs.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  24. Be scared! by Chelloveck · · Score: 1

    For a chilling documentary of airline hacking you need look no further than the first episode of this.* Watch, and be scared!**

    * Hey, if they're going to claim "based on a true story" in the title credits, I'm going to call it a documentary!

    ** Oh, you'll be scared all right. Not to mention revolted and sickened. Just not necessarily at anything having to do with airline safety.

    --
    Chelloveck
    I give up on debugging. From now on, SIGSEGV is a feature.
  25. Re:Nothing to do with the subject, but...overreach by Anonymous Coward · · Score: 0

    The GAO is Congress's research arm,

    Huh, I would have sworn that role belongs to the Congressional Research Service http://www.loc.gov/crsinfo/ since it is their entire damn name!

  26. Remote cyber attacks on avionics systems? by DougPaulson · · Score: 1

    "the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing to address cyber security vulnerabilities that could allow remote attacks on avionics systems needed to keep the plane airborne"

    Have they tried not connecting their avionics systems to the Internet?

    1. Re: Remote cyber attacks on avionics systems? by Anonymous Coward · · Score: 0

      Have they tried to use a parallel universe GPS aether ?

      Because me and my buddy have a $500 GPS signal generator hooked to a PC and a directional antenna. Let's see how far we can get from the GPS chip to the Flight Management Computer. I work for the revolutionary guard electronic warfare corps and we have an A320 on loan for our experiments here.

      Well, not really, but MAYBE your little eyes are now opened.

  27. Ryanair banning Boeing innovation? by DougPaulson · · Score: 1

    anon: "Unlike the Airbus A-320, the Boeing's B-737 is not fly-by-wire, as it is derived from an early 1960s design and big fleet customers, like Ryanair are outright banning Boeing from any innovation, not willing to spend a penny on pilot re-training!"

    Do please expand, how exactly are Ryanair preventing Boeing innovating, provide references and citations ..

    1. Re: Ryanair banning Boeing innovation? by Anonymous Coward · · Score: 0

      > how exactly are Ryanair preventing Boeing innovating

      Ryanair and the like are willing to buy several hundred new built B-737-800 but only at rock-bottom deep discounted prices. They are low-cost airlines, so they seek the rock bottom everywhere. If Boeing innovates anything, pilots have to be re-trained to be still type rated. Pilot in training doesn't fly routes and the process involves simulator time and education costs a whole lot, so no way it's going to happen!

      If Boeing innovates anything on the B-737, the price of planes would also have to rise to recoup R&D investment, thus Ryan could not get a rock bottom deal any more. Because of this, the infamous scandal hero Ryanair CEO tells Boeing execs in no uncertain terms that changing anything more important than a peripheral item like a winglet would result in a dropped order and the Boeing B-737 assembly line workforce being unemployed. Boeing then complies and sticks with the 1960's architecture.

      With long-haul airliner market, the problem is less severe, but many Boeing customers there are still enamoured with e.g. B-757 and want a new batch of that made. Legacy mindset... Airbus has the benefit of late entry in the market, so they are more legacy free and their entire "raison d' etre" is to innovate, else they would have no place under the Sun.

    2. Re: Ryanair banning Boeing innovation? by DougPaulson · · Score: 1

      I thought Boeing’s own Bank a.k.a. the U.S. Export-Import Bank were more than happy to loan the funds to buy Boeing aircraft. Eighty two percent of such loans went to Boeing customers in 2012 ref.

      You still haven't provided any reliable sources for your previous posts.

  28. Don't just worry about the planes by Anonymous Coward · · Score: 0

    TCAS, ACAS and ADSB report aircraft positions, etc., and are easily faked. Air Traffic Control already depends upon these systems as radar gets phased out (ask Australian ATCs what they thought of planes disappearing from their French-made "radar" screens in poor signal conditions or when the system didn't recognise transponder codes). I'm surprised there haven't been serious issues with this already but when we start seeing ATC remotely flying planes then these will be some of the easiest things to exploit.

  29. GAO by Anonymous Coward · · Score: 0

    General Accountability Office?

    Weird how they have two completely different departments (the other one is the General ACCOUNTING Office), that do completely different things (one does accountability, the other accounting), using the same TLA (Three Letter Acronym). That's just freaky!

  30. Simple Solution, Separate Networks by verrol · · Score: 1

    How hard can it be to have the Wifi network completely separated from everything else? The only thing it shares is electricity. How can anyone go from the WiFi to the plane's network in that case?

    1. Re: Simple Solution, Separate Networks by Anonymous Coward · · Score: 0

      Just make sure you "isolate" your GPS receiver also.

      Please let me know if you get it done. A Nobel Prize in physics is waiting for you, IF you get it done.

      It is always funny how myopic computer folks can be.