You are correct.. They maintain LOGICAL separation very well. Most people confuse the LOGICAL separation issue with PHYSICAL separation and think that you need to have the latter or you don't have the former. But even with physical separation, you don't have logical separation all the time.
Security requires LOGICAL separation, but that does not require physical separation.
If you can maintain logical network separation, you have all you need for security. Physical separation is NOT required if logical separation is maintained.
For instance, Assuming my switches are properly implemented, I can maintain multiple VLans that flow over the same link and they are logically separate. One Vlan does not communicate with another Vlan. I have this very thing in my home, where I keep multiple logical networks. One Vlan that is my ISP's network segment (because where they enter my home is NOT where I wanted my router to live), one for my DMZ, and a couple for my equipment. All this is though my three managed switches which are trunked together. Doing this kind of thing on an aircraft would save weight (less wires and switches) power and a whole host of other benefits afforded you by being more free to put equipment where you wanted without much concern for how the wiring would need to change..
poorly implemented In-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation
There fixed that for them.
Running them on entirely separate IP-based networks would prevent it being a possibility. Coupled with secure software and firewalls for good measure, just in case.
There's a risk if everything is on the same network, but there's absolutely no reason it would need to be.
You'd think Boeing doesn't know how to do networking or something. Come on, who thinks the network in a 787 looks anything like what you have a home?
OF COURSE the flight controls are on separate NETWORKS from the in-flight entertainment systems. However, they do have equipment that is on multiple networks and I'm pretty sure there are places where separate networks may flow over the same physical connections.
What you need for security is LOGICAL separation between these networks, NOT PHYSICAL separation. Where physical separation does make logical separation a given, logical is all you need for security.
Do the two networks share a piece of networking equipment at any point on the plane? Is it just two subnets with a [buggy] firewall between them?
On the 787, the answers are NO, and NO. The aircraft has more than two subnets, but does have equipment that spans more than one subnet.... Don't know about the buggy firewalls though, but I assume the firewalls are not that buggy. This was all well understood before the FAA issued the type certification and the FAA required additional work by Boeing (beyond what the existing regulations required) before they would issue the certification. The GAO is nuts.
No, the most important part of a business is (1) to make enough money to stay in business, followed by (2) which is to manage the cash flow so you can pay your bills when you need to.
If you don't get 1 and 2 right, nothing else matters, not even your employee's happiness, because you will go broke and they will be unemployed which is decidedly NOT a happy place.
This most certainly IS a PR stunt. As I understand it, this guy's salary is only capped at $70K until the company grows to a predetermined point, at which time HE gets a raise, presumably to a salary north of what he used to make. Not to mention that he OWNS at least part of the company, so even if he's not collecting a salary he can still collect on the stock dividends if he wants..
Businesses don't run an a vacuum. The issue is that if other businesses can do the same thing significantly cheaper or better, your business isn't as efficient as it should be. Inefficiency, if not controlled, will eventually kill a business. This guy has higher than average labor costs now.... That's not efficient.
The owner is still making a lot of money, but I don't think this gesture should be written off as a publicity stunt.
IMHO it is just hat, a PR stunt and not much more. If it does anything, it's going to kill his business. At the very least, it will limit the business's expansion by making his labor costs unnecessarily high.
The company will be out of business in short order. And that's a GOOD thing, the idea that a janitor should make the same wage as a skilled employee is utter horse shit.
Unless you are the janitor of course.
Labor should be priced by the market, not some nut job's idea of fairness, or this "living wage" nonsense. Want to live better? Work hard, get a better education and then get a better job...
By my math, this is temporally good for the few employees he has, but is going to kill his company and dump the employees onto the unemployment line in the long run. The market says that he's paying too much for labor so he will go out of business. In the end, it's really the accounting that matters, the dollars and cents, not your variables.
I agree, this guy is a weasel. He OWNS the company, so if he doesn't pay himself, the company increases in value by what he didn't already take out of the company, either directly by making the company's checking account bigger, or indirectly if the company can then spend that on resources to do more business and grow.
There are tax free retirement benefits which are not "income" today, but taxed later. There's stock options and a whole host of ways to add to one's compensation with out calling it salary. Then there are all the things he can legally have the company pay for too. Transportation, food, entertainment all can be expensed if you know what you are doing.
Rest assured, this guy won't miss that $1 Million in salary all that much...
Let's suppose Wal-mart started a floor at something reasonable, say 20$ an hour. This would attract a much better class of employee and in turn customers. They wouldn't spend nearly as much on shrinkage and retention as they do now... I think it would transform the entire company.
I'd think Wal-Mart has considered all this and compensates their employees to maximize their return. I trust their judgment over yours..
Because every example you just posted could be completed with a 4 ounces and $20 of electronics or less.
This is aircraft parts we are talking about you know, they are hugely expensive. There isn't ANYTHING that draws electrical power and costs $20 on an airplane. Not to mention that the wiring, connectors, and lacing alone would be more than 4 ounces.
I once knew an FBO where I flew private aircraft that got caught using automobile parts (a voltage regulator I believe) on one of their aircraft. It was exactly the same in every way to the aircraft part, likely they came from the same assembly line, but the aircraft part cost a few hundred dollars and the car part was one tenth the cost. The difference? That pesky yellow tag which indicated that THIS part was of known origin, made from known materials and had known performance so it was approved by the aircraft manufacturer for use in their aircraft. Other than the paperwork, the part worked just fine and everybody was happy until the FAA caught up with them...
What you suggest is more in the neighborhood of millions of dollars worth of NRE to get the design certified and the parts for each aircraft would be in the tens of thousands plus about double that to install the parts, wires and connectors required. The weight is going to be a LOT more than 4 ounces, just one connector and back shell would weigh more.
Then there is the question of power consumption. It may not sound like much to you if the thing draws a few watts, but in modern aircraft the power budgets are extremely tight for a number of reasons. Generators cost fuel to run, wires to carry the power weigh a lot and heaver aircraft carry less cargo/passengers for the same amount of fuel burned. So you go out of your way to lower power consumption, put everything on the fewest wires you can etc to lower operating costs as much as possible. After-all it's the operating costs savings that drives sales of new aircraft, not the shiny new paint.
>> Simple, The graphics card GPU is faster than the main CPU can shovel data for it to process
So, basically to use a common example, the GPU is kicking out bitcoin so fast that the CPU can't keep it saturated? Would you care to rethink your claim?
Did you even read my post? I was paraphrasing what I understood somebody else to say, then disagreeing with them.
Most GPU's are not used for graphics processing alone anymore. If they where just for graphics, most game programs would saturate the CPU and the data buss to the GPU before the GPU processor would run out of free cycles. They are WAY more powerful than is needed just for graphics...
Your BitCoin example is a classic illustration of what GPU's are really doing these days.
IMHO the GAO is patently wrong about this. Where I share the concern that the FAA's regulations may be lacking, I don't believe that any type certifications the FAA has issued for any aircraft include any significant risk like the ones the GAO is concerned about.
This was discussed in great detail with the certification of the 787 which has extensive and intermingled networks that includes the in-flight entertainment systems which are passenger accessible as well as the flight controls (fly by wire) networks. Both the FAA and Boeing worked this out and I have no reason to believe that their determinations where not accurate. The FAA indicated that their regulations where incomplete and inadequate to address this kind of thing at the type certification time, and required Boeing to do additional demonstrations (beyond what the regulations required) of the resistance of the system to hacking.
Now, if the GAO wanted to say the regulations where inadequate, fine, the FAA admitted as much. But that doesn't mean the FAA is just letting unsafe aircraft into the air. It also doesn't mean that the GAO is correct in it's instance of an "air gap" between the flight controls and everything else. I think they are nuts myself.
In the grand scheme of things, who is responsible for passenger safety? Is it the GAO? Is it the FAA? Is it aircraft manufacturers who design inflight entertainment systems? Is it the airlines that purchase said systems?
Yes.
GAO? They have no mandate that says they are responsible for aircraft safety, their mandate is about accountability (if you believe their name).
But the point I'm trying to make (and you seem to be missing) is that this report is about the FAA's regulations and the GAO's opinions that say they don't do enough for safety in aviation, specifically as the regulations address the connections between passenger accessible systems and the flight controls.
IMHO the GAO's position is crap and is based on network security "rules of thumb" that may not fully apply in all cases. I don't believe the current crop of interconnected systems in airliners open them up to hacking attacks that would do anything more than crash the in-flight entertainment systems. Air gaps are not necessary, IF you are careful to do the right things to eliminate the risks.
Um, excuse me but the systems are not air gapped at this time and are currently flying.
The cost to validate avionics packages already has a lot of effort built into the NRE. There is a LOT of stuff to validate and prove to the FAA you did right or you don't get your type certification for the aircraft. No type certification, no flying it commercially, no airline will buy the aircraft and you go broke, so manufacturers don't skimp on this part.
So, obviously it's not cheaper or they'd have done it already.
Because they have TRADE SECRETS to protect. Secretes which are both theirs and ones that they have licensed and contractually are bound to protect.
I don't think they are anti-open source, they are just trying to protect their intellectual property. They are still releasing drivers for these devices and although you may not be entitled to see the source, you can still use that open source operating system with that shiny new video card.
Simple, The graphics card GPU is faster than the main CPU can shovel data for it to process.
Not that I agree with the statement though. I think we are seeing a lot of processing being off loaded from the CPU and pushed onto the GPU. There is a lot of stuff a GPU can do much faster than the CPU, especially when doing modeling and rendering of physical objects or other math that lends itself to being done on GPUs.
Yes, and you can bet they do stuff like this. I've seen situations where a single fiber connection just sends Ethernet packets in the blind to do stuff like this over a one way network connection (where the RX fiber is never connected and the firmware just ignores the link status).
These are not "air gapped" but entirely safe from hacking attempts...
However, if the systems are properly designed and firewalled and the software properly vetted, I believe that you can eliminate the chances of having a successful attack vector. The problem though is how to write regulations that can assure something doesn't get overlooked and how you could prove that to the GAO so they will get off the FAA's back...
Lots of companies have gotten hacked through their properly designed and firewalled network -- every software product (even firewalls) has security holes. The only sure way to isolate the avionics from the passenger network is to air gap it. Don't rely on a firewall - I really can't believe that an airgapped network is not standard practice.
Not exactly true. IF you have fully defined all the possible traffic that goes though your firewall, down to the exact bytes you allow though and what you don't, you can write effective filters and verify that nothing else gets though, then you can have confidence that your firewall will work as expected. But this implies that your firewall does full packet inspection all the way up though the application layer. You CAN do that, it's just a lot of work to specify and verify everything to that much detail.
The problem for most commercial firewalls that are used in corporate networks is that you simply cannot fully define what you allow though and what you don't. Even if you could define that well enough, no firewall could do the necessary processing to dive deep into the packet content and filter out all possible exploits as it would take too much processing power and time. It's just not practical do it at this level.
However, if you have tight controls on your avionics interfaces (and they do) and can construct a safe way to supply the information needed, there are very safe ways to avoid hacking yet have connections. It's a pain to do, and even a bigger pain to verify you actually did it, but it's possible.
There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system. I can imagine that it might be important to change how the data systems connect to the internet based on where the aircraft is (choosing the cheaper data path when it is in range) or use that data connection to report maintenance information to the airline's mechanics.
There are plenty of reasons the flight controls might not be totally air gapped from the in-flight entertainment systems.
You are correct.. They maintain LOGICAL separation very well. Most people confuse the LOGICAL separation issue with PHYSICAL separation and think that you need to have the latter or you don't have the former. But even with physical separation, you don't have logical separation all the time.
Security requires LOGICAL separation, but that does not require physical separation.
If you can maintain logical network separation, you have all you need for security. Physical separation is NOT required if logical separation is maintained.
For instance, Assuming my switches are properly implemented, I can maintain multiple VLans that flow over the same link and they are logically separate. One Vlan does not communicate with another Vlan. I have this very thing in my home, where I keep multiple logical networks. One Vlan that is my ISP's network segment (because where they enter my home is NOT where I wanted my router to live), one for my DMZ, and a couple for my equipment. All this is though my three managed switches which are trunked together. Doing this kind of thing on an aircraft would save weight (less wires and switches) power and a whole host of other benefits afforded you by being more free to put equipment where you wanted without much concern for how the wiring would need to change..
poorly implemented In-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation
There fixed that for them.
Running them on entirely separate IP-based networks would prevent it being a possibility. Coupled with secure software and firewalls for good measure, just in case.
There's a risk if everything is on the same network, but there's absolutely no reason it would need to be.
You'd think Boeing doesn't know how to do networking or something. Come on, who thinks the network in a 787 looks anything like what you have a home?
OF COURSE the flight controls are on separate NETWORKS from the in-flight entertainment systems. However, they do have equipment that is on multiple networks and I'm pretty sure there are places where separate networks may flow over the same physical connections.
What you need for security is LOGICAL separation between these networks, NOT PHYSICAL separation. Where physical separation does make logical separation a given, logical is all you need for security.
Do the two networks share a piece of networking equipment at any point on the plane? Is it just two subnets with a [buggy] firewall between them?
On the 787, the answers are NO, and NO. The aircraft has more than two subnets, but does have equipment that spans more than one subnet.... Don't know about the buggy firewalls though, but I assume the firewalls are not that buggy. This was all well understood before the FAA issued the type certification and the FAA required additional work by Boeing (beyond what the existing regulations required) before they would issue the certification. The GAO is nuts.
No, the most important part of a business is (1) to make enough money to stay in business, followed by (2) which is to manage the cash flow so you can pay your bills when you need to.
If you don't get 1 and 2 right, nothing else matters, not even your employee's happiness, because you will go broke and they will be unemployed which is decidedly NOT a happy place.
This most certainly IS a PR stunt. As I understand it, this guy's salary is only capped at $70K until the company grows to a predetermined point, at which time HE gets a raise, presumably to a salary north of what he used to make. Not to mention that he OWNS at least part of the company, so even if he's not collecting a salary he can still collect on the stock dividends if he wants..
Businesses don't run an a vacuum. The issue is that if other businesses can do the same thing significantly cheaper or better, your business isn't as efficient as it should be. Inefficiency, if not controlled, will eventually kill a business. This guy has higher than average labor costs now.... That's not efficient.
Detection error.... Please check your hardware...
The owner is still making a lot of money, but I don't think this gesture should be written off as a publicity stunt.
IMHO it is just hat, a PR stunt and not much more. If it does anything, it's going to kill his business. At the very least, it will limit the business's expansion by making his labor costs unnecessarily high.
The company will be out of business in short order. And that's a GOOD thing, the idea that a janitor should make the same wage as a skilled employee is utter horse shit.
Unless you are the janitor of course.
Labor should be priced by the market, not some nut job's idea of fairness, or this "living wage" nonsense. Want to live better? Work hard, get a better education and then get a better job...
By my math, this is temporally good for the few employees he has, but is going to kill his company and dump the employees onto the unemployment line in the long run. The market says that he's paying too much for labor so he will go out of business. In the end, it's really the accounting that matters, the dollars and cents, not your variables.
I agree, this guy is a weasel. He OWNS the company, so if he doesn't pay himself, the company increases in value by what he didn't already take out of the company, either directly by making the company's checking account bigger, or indirectly if the company can then spend that on resources to do more business and grow.
There are tax free retirement benefits which are not "income" today, but taxed later. There's stock options and a whole host of ways to add to one's compensation with out calling it salary. Then there are all the things he can legally have the company pay for too. Transportation, food, entertainment all can be expensed if you know what you are doing.
Rest assured, this guy won't miss that $1 Million in salary all that much...
Let's suppose Wal-mart started a floor at something reasonable, say 20$ an hour. This would attract a much better class of employee and in turn customers. They wouldn't spend nearly as much on shrinkage and retention as they do now... I think it would transform the entire company.
I'd think Wal-Mart has considered all this and compensates their employees to maximize their return. I trust their judgment over yours..
Because every example you just posted could be completed with a 4 ounces and $20 of electronics or less.
This is aircraft parts we are talking about you know, they are hugely expensive. There isn't ANYTHING that draws electrical power and costs $20 on an airplane. Not to mention that the wiring, connectors, and lacing alone would be more than 4 ounces.
I once knew an FBO where I flew private aircraft that got caught using automobile parts (a voltage regulator I believe) on one of their aircraft. It was exactly the same in every way to the aircraft part, likely they came from the same assembly line, but the aircraft part cost a few hundred dollars and the car part was one tenth the cost. The difference? That pesky yellow tag which indicated that THIS part was of known origin, made from known materials and had known performance so it was approved by the aircraft manufacturer for use in their aircraft. Other than the paperwork, the part worked just fine and everybody was happy until the FAA caught up with them...
What you suggest is more in the neighborhood of millions of dollars worth of NRE to get the design certified and the parts for each aircraft would be in the tens of thousands plus about double that to install the parts, wires and connectors required. The weight is going to be a LOT more than 4 ounces, just one connector and back shell would weigh more.
Then there is the question of power consumption. It may not sound like much to you if the thing draws a few watts, but in modern aircraft the power budgets are extremely tight for a number of reasons. Generators cost fuel to run, wires to carry the power weigh a lot and heaver aircraft carry less cargo/passengers for the same amount of fuel burned. So you go out of your way to lower power consumption, put everything on the fewest wires you can etc to lower operating costs as much as possible. After-all it's the operating costs savings that drives sales of new aircraft, not the shiny new paint.
>> Simple, The graphics card GPU is faster than the main CPU can shovel data for it to process
So, basically to use a common example, the GPU is kicking out bitcoin so fast that the CPU can't keep it saturated? Would you care to rethink your claim?
Did you even read my post? I was paraphrasing what I understood somebody else to say, then disagreeing with them.
Most GPU's are not used for graphics processing alone anymore. If they where just for graphics, most game programs would saturate the CPU and the data buss to the GPU before the GPU processor would run out of free cycles. They are WAY more powerful than is needed just for graphics...
Your BitCoin example is a classic illustration of what GPU's are really doing these days.
IMHO the GAO is patently wrong about this. Where I share the concern that the FAA's regulations may be lacking, I don't believe that any type certifications the FAA has issued for any aircraft include any significant risk like the ones the GAO is concerned about.
This was discussed in great detail with the certification of the 787 which has extensive and intermingled networks that includes the in-flight entertainment systems which are passenger accessible as well as the flight controls (fly by wire) networks. Both the FAA and Boeing worked this out and I have no reason to believe that their determinations where not accurate. The FAA indicated that their regulations where incomplete and inadequate to address this kind of thing at the type certification time, and required Boeing to do additional demonstrations (beyond what the regulations required) of the resistance of the system to hacking.
Now, if the GAO wanted to say the regulations where inadequate, fine, the FAA admitted as much. But that doesn't mean the FAA is just letting unsafe aircraft into the air. It also doesn't mean that the GAO is correct in it's instance of an "air gap" between the flight controls and everything else. I think they are nuts myself.
A bit slow on the uptake, ain't 'cha?
In the grand scheme of things, who is responsible for passenger safety? Is it the GAO? Is it the FAA? Is it aircraft manufacturers who design inflight entertainment systems? Is it the airlines that purchase said systems?
Yes.
GAO? They have no mandate that says they are responsible for aircraft safety, their mandate is about accountability (if you believe their name).
But the point I'm trying to make (and you seem to be missing) is that this report is about the FAA's regulations and the GAO's opinions that say they don't do enough for safety in aviation, specifically as the regulations address the connections between passenger accessible systems and the flight controls.
IMHO the GAO's position is crap and is based on network security "rules of thumb" that may not fully apply in all cases. I don't believe the current crop of interconnected systems in airliners open them up to hacking attacks that would do anything more than crash the in-flight entertainment systems. Air gaps are not necessary, IF you are careful to do the right things to eliminate the risks.
Um, excuse me but the systems are not air gapped at this time and are currently flying.
The cost to validate avionics packages already has a lot of effort built into the NRE. There is a LOT of stuff to validate and prove to the FAA you did right or you don't get your type certification for the aircraft. No type certification, no flying it commercially, no airline will buy the aircraft and you go broke, so manufacturers don't skimp on this part.
So, obviously it's not cheaper or they'd have done it already.
Magician Turned Professor
...into a frog.
If kissed he's a prince too...
This is about the FAA and the regulations they enforce when certifying aircraft are safe to fly, not about
Um, no,.
Garbage clipped...
From the fine article you didn't read....
A report from the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing...
So what was this about again? The GAO going after the FAA....
Because they have TRADE SECRETS to protect. Secretes which are both theirs and ones that they have licensed and contractually are bound to protect.
I don't think they are anti-open source, they are just trying to protect their intellectual property. They are still releasing drivers for these devices and although you may not be entitled to see the source, you can still use that open source operating system with that shiny new video card.
wat
WTF is this post supposed to mean?
Simple, The graphics card GPU is faster than the main CPU can shovel data for it to process.
Not that I agree with the statement though. I think we are seeing a lot of processing being off loaded from the CPU and pushed onto the GPU. There is a lot of stuff a GPU can do much faster than the CPU, especially when doing modeling and rendering of physical objects or other math that lends itself to being done on GPUs.
Haha, linux will deprecate embedded devices when it integrates systemd into the kernel, and requires glibc.
It will still be Linux even with systemd....
Yes, and you can bet they do stuff like this. I've seen situations where a single fiber connection just sends Ethernet packets in the blind to do stuff like this over a one way network connection (where the RX fiber is never connected and the firmware just ignores the link status).
These are not "air gapped" but entirely safe from hacking attempts...
However, if the systems are properly designed and firewalled and the software properly vetted, I believe that you can eliminate the chances of having a successful attack vector. The problem though is how to write regulations that can assure something doesn't get overlooked and how you could prove that to the GAO so they will get off the FAA's back...
Lots of companies have gotten hacked through their properly designed and firewalled network -- every software product (even firewalls) has security holes. The only sure way to isolate the avionics from the passenger network is to air gap it. Don't rely on a firewall - I really can't believe that an airgapped network is not standard practice.
Not exactly true. IF you have fully defined all the possible traffic that goes though your firewall, down to the exact bytes you allow though and what you don't, you can write effective filters and verify that nothing else gets though, then you can have confidence that your firewall will work as expected. But this implies that your firewall does full packet inspection all the way up though the application layer. You CAN do that, it's just a lot of work to specify and verify everything to that much detail.
The problem for most commercial firewalls that are used in corporate networks is that you simply cannot fully define what you allow though and what you don't. Even if you could define that well enough, no firewall could do the necessary processing to dive deep into the packet content and filter out all possible exploits as it would take too much processing power and time. It's just not practical do it at this level.
However, if you have tight controls on your avionics interfaces (and they do) and can construct a safe way to supply the information needed, there are very safe ways to avoid hacking yet have connections. It's a pain to do, and even a bigger pain to verify you actually did it, but it's possible.
There are reasons they get connected. Many times the in-flight entertainment systems need to know things like the position, speed, altitude and heading to perform their assigned tasks. You want the entertainment system to be turned off below 10,000 feet AGL, or if you want the system to supply your customers a graphic that gives the position, speed, heading and accurate ETA then you need to get that information from the flight management system. I can imagine that it might be important to change how the data systems connect to the internet based on where the aircraft is (choosing the cheaper data path when it is in range) or use that data connection to report maintenance information to the airline's mechanics.
There are plenty of reasons the flight controls might not be totally air gapped from the in-flight entertainment systems.