Last month a security researcher Chris Roberts tweeted from his seat on a United flight that he thought it might be possible to gain access to an airplane’s flight computer through its inflight entertainment system. When he stepped off the plane the FBI was there to take him into custody for questioning. His equipment was confiscated and he was either prevented from flying on a subsequent flight or completely banned from flying on United ever again (it’s not clear which).
Roberts was questioned, his gear was analyzed and he was released.
From there the story gets a bit convoluted.
Numerous engineers and security experts came forward to say that it would be impossible to get into a plane’s vital computer systems by hacking the inflight entertainment system (IFE) because they are two, completely separate systems and the only communication possible between the two is strictly a one-way street. In other words the systems controlling the plane can send data to the IFE but the IFE can’t send data back.
However, one of Boeing’s own backgrounder papers published in December 2012 states, “A key part of the 777 systems is a Boeing-patented two-way digital data bus, which has been adopted as a new industry standard: ARINC 629. It permits airplane systems and associated computers to communicate with one another through a common wire path (a twisted pair of wires) instead of through separate one-way wire connections. This further simplifies assembly and saves weight, while increasing reliability through a reduction in the amount of wires and connectors. There are 11 of these ARINC 629 pathways in the 777.”
That doesn’t sound like a one-way connection to me, but maybe the IFE isn’t one of the systems on one of those 11 ARINC 629 busses.
And besides, a Boeing engineer has said that it doesn’t matter if the IFE (or any other system) tries to send info back because there are filters in place that would recognize any suspicious data as invalid since it came from the wrong place or came at the wrong time. I guess they’ve never heard of a SQL injection attack.
But if it isn’t a two-way communication channel then why build in those types of filters in the first place?
The FBI didn’t charge Roberts with any crime but a few days after the event they issued a bulletin advising airline personnel to watch out for anyone using the IFE in a suspicious manner – for example by trying to remove the cases protecting the IFE controllers under their seats and connecting their own cables.
And a few weeks later the FBI filed an affidavit in order to get a warrant to do a more thorough forensic study of Roberts’ computers. The justification? The FBI contended that they believe Roberts may have indeed hacked a plane’s computers.
Just to add a bit more confusion, it has since come out that the FAA warned the airlines about potential problems sharing communication between systems years ago and issued new rules. And oh yea, United got a special exemption from implementing those new rules on some of their planes.
People who have spoken to Roberts say that it could have been a joke, it could have been idle speculation, he might have done it to gain attention, he may have done it in a simulation or he might have actually done it for real. It has also been speculated that because Roberts is a rather cynical, sarcastic and sometimes flippant kind of guy his statements to the FBI were misconstrued.
Do I think Roberts actually hacked the critical systems on the plane he was riding on? Probably not. But I bet he spent those long hours sitting on airplanes thinking about how one might do it – that is, after all, his job.
Do I think the IFE systems are completely isolated from the other systems? No. I believe Boeing and the airlines wanted to save a few bucks by using standard, off-the-shelf two-way Ethernet components and tried to implement a kind of internal network permissions system to prevent the IFE from accessing other systems or sending the wrong kind of data to them (and I bet that most systems are still using the default settings).
I think the airlines and Boeing are in a bit of a panic mode. On the one hand they want to reassure people that this could never happen and on the other hand they are desperately looking for a solution to this type of problem.
I also believe that they won’t make any changes until after someone actually does hack an airplane’s critical systems and terrorists begin crashing multiple planes into large cities. After all, that’s how airlines work. Find a problem, wait until it kills a few hundred people and then spend months or even years to fix it.