Hacking airplanes: Overcoming key security challenges that could ground the aviation industry

Hacking airplanes: Overcoming key security challenges that could ground the aviation industry

This is a contributed article by Nitha Rachel Suresh, Cyber Security Consultant at Synopsys

The aviation industry is no more immune to critical cyber security risks than any other industry. That's quite unsettling when you consider what the implications of a malicious attack on an airplane full of people could mean. While it's far-fetched to imagine an airplane's highly complex systems being hacked all at once, an attacker with deep knowledge of aviation systems could intentionally cause serious issues with the intended, standard operations. So, what are the key aviation security challenges and how can they be addressed?

Due to the complexity of aircraft systems, over the years, the size of the software supporting those systems has grown exponentially. The millions of lines of code involved in avionics systems, if not regularly tested for vulnerabilities, can pose a severe security threat. That's easier said than done when considering that the complexity of these systems often lowers the testability of software—leaving behind many vulnerabilities that could potentially be exploited.

Over the lifecycle of an aircraft, it will go through multiple phases of overhaul and updates. Consequently, the associated software must also undergo changes. Unless this job is carried out with extreme caution, there is a great deal of potential for security bugs to creep in to the software.

When considering the attack surface, modern avionics software development often uses commercial off-the-shelf (COTS) components to some extent. An attacker could, in theory, tunnel through such components to enter the heart of the system—a key consideration in terms of security.

The utilization of COTS technologies has also brought about more software exposure within the public domain. The aviation industry is an excellent example of how security through obscurity is becoming an increasingly passé concept. Traditionally, avionics software relied heavily on the secrecy of its development process—COTS has ensured that this is no longer the case. As such, software vendors must plug loopholes as they would with any other open architecture.

And then there is the array of hardware and software components implemented from various sources. Conducting the appropriate level of vetting for each for security threats is a massive task. Currently, third-party vulnerability assessments aren't a common practice in the realm of aviation security. To ensure secure development, this gap must be filled.

Lastly, major development standards don't have detailed cyber security policies as of now. However, the ASISP 2015 initiative by the FAA is a move in the right direction.


Real-world catalysts for change

In the 2008 crash of Spanair flight 5022, it was discovered that a central computer system used to monitor technical problems in the aircraft was infected with malware. An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if revealed, may have prevented the plane from taking off.

In 2010, the FAA published a notice indicating that some computer systems on the Boeing 747-8 and 747-8F may be vulnerable to outside attacks due to the nature of their connectivity.

In 2016, Reuben Santamarta demonstrated that attacks such as bypassing the credit card check and SQL injection can be conducted on an in-flight entertainment system.

These are only three examples illustrating what could happen when software vulnerabilities go un-resolved. So, how do we fix the problem?


Overcoming aviation security challenges

To overcome the widespread challenges, the industry must understand the attack surface. There should be a common repository of threats to both hardware and software detected by the developers and/or assessors. This needs to be maintained by regulatory agencies like the FAA and should also be available across different development platforms.

Next, the development team should be able to compile all known threats to build a threat model. Within this threat model, there should be information about threats that exclusively affect the product or piece of software at hand. A security risk assessment model should be built to effectively prevent, identify, detect, respond, and recover from the security challenges that the aviation industry is facing.

Every failure is a lesson to be learned and we should not waste those lessons by forgetting them. Threats and attacks should be logged and made available to all avionics security personnel. A-ISAC is one such organization which can provide intelligence on aviation security threats.

Ideally, security considerations should be built into the earliest phases of design, even before requirements analysis. Software architecture teams should consider the potential threats faced during the software life cycle. This will help in providing reliable and robust software.

It's becoming ever-more critical to have a well-established cyber security policy accepted by all leading manufacturers in place along with the accepted avionics standards. The observance of such policy should be mandatory for all civil aircrafts.


« Hired or fired? How data is helping to define the future of work


Eastern European startups take on India's outsourcing stronghold »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?