Hack airplane anyone?

Recent times there have been two very interesting incidents reported. One was about a seasoned hacker, who was able to change flight path by hacking in to in-fight entertainment system. The other was about a Chrysler Jeep, which was hacked by some one sitting in the comfort of a sofa, remotely. Obviously, any flaw which seems to endanger an airplane grabs more eyeballs and creates more interest. More I researched on the report, more I grew confident that such a hack is not possible. I will write down the report, which came out and also put my arguments against the same.

The report stated that Chris Roberts used a modified Cat6 ethernet cable to connect his laptop to the electronic box under the passenger seats. He then overwrote the code on the airplane’s thrust management computer. After breaching the system, he fired a ‘CLB’ or climb command causing one of the engines to climb and consequently making the airplane go in a sideways or lateral movement.

However, the following counter-arguments make the above implausible.

Argument one: The IFE (in-flight entertainment) system is a data receiver from the flight control systems. It received position data from the flight control systems. However, it does not have any code functionality to allow performing flight control activity. By hacking in to the system, one can at most feed wrong data to all passengers.

Argument two: Secondly, the ‘CLB’ command is an acceptable micro controller command. This is one of the many legitimate instructions, which are fed in to the flight system to enable the auto pilot system. The auto pilot sequence of commands is hard coded before the flight takes off. In most cases, it is hard coded similarly for most planes in the same routes. This code can not be changed from inside the flight.

Argument three: Auto-pilots are like logical railway tracks. All flights in the same route follow the same path. Any deviation - not carried out by pilot’s intervention to move the system from auto-pilot to manual - is designed to raise multiple alarms in the cockpit. In fact, the motion the hacked flight reportedly got into is a recipe for disaster, depending on the degree of latitudinal movement.   

By Indranil Chakravorty

Rate this article: 
0
No votes yet
Article category: 

Comments

Very interesting reading. Did you post these counter argumants on any site / newspaper which initially reported these incidents? I suggest this be done so that we will be able to learn what Chris has to say (and the individual who clams to have hacked the jeep). May be there are some loopholes we aenot awae of!

Thanks Bhushan. The same report came across huge number of websites. I am sure Chris would be least interested to argue on the websites. Also, there are some reports which state that FBI is making over-baked claims so that they could have generated an arrest warrant against Chris. At the same time, Chris is happy to get all the attention from a security hacker point of view. It's a win-win for all :)

HA!HA! Thanks Indranil.

I agree that the claim seems far fetched and fantastical.  If I see someone sitting next to me messing with underseat electronics and plugging stuff in, I will be pushing my flight attendant call button.
The larger concern as posed in an earlier article "Chief Information Security Officer to Chief Cybersecurity Officer, is to what extent the entertainment system may have interconnectivity to flight control systems.  There is no immediate clarity on this subject.  The FAA postured that such connectivity exists.  A learned professional responded that the FAA report was written by people who don't understand how the airplane systems work.  That leaves a big gray area, and such areas become the playground for hackers.
What is certain is that for airplanes and vehicles, the systems will become more sophisticated, more capable, and more internetworked.  Designers need to put on a cybersecurity had and think about the design principles stated in that previous article.

Pages