Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

Securing the friendly skies

Securing the friendly skies 

Roberts, founder and CEO of One World Labs, has researched security vulnerabilities in transportation systems for more than a decade. According to Roberts, he first met with the FBI in 2011 to discuss his concerns regarding commercial aircraft. He thought he was making progress with aircraft manufacturers in 2013, but one company suggested a meeting at their headquarters that never happened, and the other “decided he was a threat.” Approximately 4 months ago, Roberts met with the FBI and turned over full details of his research.

“We have demonstrated the access paths possible from the seats to the avionics systems,” Roberts explained during a telephone interview. While he did not want to divulge technical details, he did convey that accessing aircraft flight systems from a passenger’s seat requires research and specific tools. It is possible, but it is not simply a matter of plugging a laptop into a network jack.

According to a Boeing spokesman, “IFE (in-flight entertainment) systems on commercial airplanes are isolated from flight and navigation systems. While these systems receive position data and have communication links, the design isolates them from the other systems on airplanes performing critical and essential functions.”

Statements by Roberts and Boeing are difficult to reconcile. It would be difficult to envision any major aircraft manufacturer not taking security seriously. Boeing must conduct penetration testing. But if aircraft location data is available in the in-flight entertainment system and there are “communication links”, the systems are obviously not completely isolated and security vulnerabilities may exist. Boeing declined to provide further information, stating that “for security reasons, we do not discuss specific airplane design features.”

A United States Government Accountability Office (GAO) report released in April 2015 discussed network connectivity between aircraft systems: “Historically, aircraft in flight and their avionics systems used for flight guidance and control functioned as isolated and self-contained units, which protected their avionics systems from remote attack. However, according to FAA and experts we spoke to, IP networking may allow an attacker to gain remote access to avionics systems and compromise them. Firewalls protect avionics systems located in the cockpit from intrusion by cabin-system users, such as passengers who use in-flight entertainment services onboard.”

A diagram included in the report indicates that the wireless bridge and communication link used by passengers is on the same network as the in-flight entertainment system and avionics, separated by a firewall and other “cybersecurity controls.” It is therefore possible that the right combination of vulnerabilities could enable a passenger, or even a ground-based attacker, to access avionic systems.

According to Roberts, an aircraft manufacturer’s claim that this was “impossible” prompted his now-infamous tweet from a United flight: “Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? ‘PASS OXYGEN ON’ Anyone ? :)”

United Airlines was not impressed. Roberts was detained by the FBI upon landing and has subsequently been banned from United flights. A statement from the airline read, “Given Mr. Roberts’ claims that he has manipulated aircraft systems while inflight, a clear violation of United policy, we’ve decided it’s in the best interest of our customers and crew members that he not be allowed to fly United. Notwithstanding his attempts, we are confident our flight control systems could not be accessed through techniques he described.”

From a security architecture perspective, it is difficult to understand why an aircraft manufacturer would connect the entertainment system or passenger Wi-Fi service to any flight systems. Firewalls are frequently defeated by sophisticated threat agents. Position data is easy to acquire with a stand-alone GPS. Using a firewall or other security control doesn’t make sense if an air gap is an option.

This debate extends far beyond aircraft. Security research is important, but ground rules are clearly required, along with a collaborative relationship between security researchers, manufacturers, and government agencies.

Since the incident, Roberts has gained both supporters and critics. Many find it difficult to understand why a security researcher would allegedly connect to aircraft systems during flight. Were passengers, crew, and people on the ground put at risk by research?

Roberts argues that multiple levels of redundancy would prevent someone from inadvertently doing anything catastrophic. It is unclear what a malicious attack could achieve, but further investigation is clearly required.

Related posts