FAA: Boeing's New 787 May Be Vulnerable to Hacker Attack

wrote in message


While physical separation of systems is one of the better deterents to
hacking, it isn't the only method to prevent it.

Systems that are interconnected can be designed to be secure.

Agreed.

--
John T
http://sage1solutions.com/blogs/TknoFlyer
http://sage1solutions.com/products
NEW! FlyteBalance v2.0 (W&B); FlyteLog v2.0 (Logbook)
____________________

Bob Noel writes:
1) Exactly what is the extent of the connection (physical and logical) between
cabin systems and cockpit systems? Unfortunately, the specifics are likely
to be considered proprietary and not in the public domain.

2) Why have any connection at all?

Top 10 reasons why there is a connection between the entertainment and
flight control system:

10. Each seatback computer has a CPU and RAM in it. Can you imagine
a Beowulf cluster of all of these computers? What a powerful machine!
This cluster soaks up spare machine cycles predict the weather that
the plane is about to encounter.

9. Counter-terrorism. Each seatback can run a flight simulator
program. To increase realism, it gets real data from the flight deck,
making the simulation more entertaining. If a passenger has the magic
unlock code, they can enable the reverse connection -- taking control
of the plane. Normally only the undercover air marshals have the
codes, but if hijackers enter the flight deck then the codes are
broadcast to all of the passengers in the plane.

8. Cool screen savers. In addition to the "plane's current position
on a map" display, you can watch the fuel levels, control surface
deflections, autopilot programming, and current radio frequencies.
The plane compares the pilot's performance to an internal model of an
idealized pilot, and shows the passengers what the pilot is doing
right or wrong. A special game mode lets you pilot a simulated plane
and see if you can out-score the real pilot.

7. Surveilance cams. Each tray table has a built in webcam which
lets passengers videoconference from the comfort of their own chair!
From the flight deck pilots can also turn on any camera they please to
check out suspicious passengers, or to relieve boredom. This data is
also interleved on an uplink to ATC so they can keep an eye on the
sky.

6. More efficient multicast. What if a passenger is downloading a
GPS firmware update, and the flight deck is downloading the same
update at the same time? You wouldn't want to transmit those bits
twice -- if they share a common network multicast can be used to
improve performance.

Okay, I ran out of ideas. Perhaps you can help finish this list?

Chris

Christopher Brian Colohan schrieb:

7. Surveilance cams. Each tray table has a built in webcam which
lets passengers videoconference from the comfort of their own chair!
From the flight deck pilots can also turn on any camera they please to
check out suspicious passengers, or to relieve boredom. This data is
also interleved on an uplink to ATC so they can keep an eye on the
sky.

you meant the DHS.

but maybe one can vote the "chick of the flight"?

6. More efficient multicast. What if a passenger is downloading a
GPS firmware update, and the flight deck is downloading the same
update at the same time? You wouldn't want to transmit those bits
twice -- if they share a common network multicast can be used to
improve performance.

multicast ... my ass. you mean they start useful and working multicast
first on planes (before they do so IRL)?

#m
--
beware of the .sig-monster!

Martin Hotze writes:
6. More efficient multicast. What if a passenger is downloading a
GPS firmware update, and the flight deck is downloading the same
update at the same time? You wouldn't want to transmit those bits
twice -- if they share a common network multicast can be used to
improve performance.

multicast ... my ass. you mean they start useful and working multicast
first on planes (before they do so IRL)?

Are you saying that, given my example, if this worked well it would be
_useful_?

Hmmm. I have to recalibrate here...

Chris

Christopher Brian Colohan wrote in
:

Bob Noel writes:
1) Exactly what is the extent of the connection (physical and
logical) between cabin systems and cockpit systems? Unfortunately,
the specifics are likely to be considered proprietary and not in the
public domain.

2) Why have any connection at all?

Top 10 reasons why there is a connection between the entertainment and
flight control system:

10. Each seatback computer has a CPU and RAM in it. Can you imagine
a Beowulf cluster of all of these computers? What a powerful machine!
This cluster soaks up spare machine cycles predict the weather that
the plane is about to encounter.

9. Counter-terrorism. Each seatback can run a flight simulator
program. To increase realism, it gets real data from the flight deck,
making the simulation more entertaining. If a passenger has the magic
unlock code, they can enable the reverse connection -- taking control
of the plane. Normally only the undercover air marshals have the
codes, but if hijackers enter the flight deck then the codes are
broadcast to all of the passengers in the plane.

8. Cool screen savers. In addition to the "plane's current position
on a map" display, you can watch the fuel levels, control surface
deflections, autopilot programming, and current radio frequencies.
The plane compares the pilot's performance to an internal model of an
idealized pilot, and shows the passengers what the pilot is doing
right or wrong. A special game mode lets you pilot a simulated plane
and see if you can out-score the real pilot.

7. Surveilance cams. Each tray table has a built in webcam which
lets passengers videoconference from the comfort of their own chair!
From the flight deck pilots can also turn on any camera they please to
check out suspicious passengers, or to relieve boredom. This data is
also interleved on an uplink to ATC so they can keep an eye on the
sky.

6. More efficient multicast. What if a passenger is downloading a
GPS firmware update, and the flight deck is downloading the same
update at the same time? You wouldn't want to transmit those bits
twice -- if they share a common network multicast can be used to
improve performance.

Okay, I ran out of ideas. Perhaps you can help finish this list?

Chris

5. Immedate posting to YouTube of any Mile High Club activity caught
on the concealed video cameras.

--
Marty Shapiro
Silicon Rallye Inc.

(remove SPAMNOT to email me)

On Jan 5, 1:55 pm, Larry Dighera wrote:

As a professional in the computer business, you should know that there
are virtually no computer systems that are not vulnerable to security
compromise. Connecting the cabin entertainment computer system to the
flight control computer is just plane ignorant. It's akin to the
residents of Iowa choosing a candidate that rejects Darwin's theory of
evolution to lead our country. Please cite a credible reason why the
in-flight entertainment computer system can't be isolated, and not
connected to other systems aboard the aircraft. There is none.

IFE's gotta have power, no? What if they hack the flight controls
through that? (Hey, I personally *saw* it happen in a movie)

george writes:

The regs ban certain electronic devices from being used during climb
and descend

If you mean the FARs, that's not true. There is a blanket ban, with certain
explicit exceptions, as well as exceptions that may be provided by operators.
See FAR 91.21.

Mxsmanic wrote in
:

george writes:

The regs ban certain electronic devices from being used during climb
and descend

If you mean the FARs, that's not true. There is a blanket ban, with
certain explicit exceptions, as well as exceptions that may be
provided by operators. See FAR 91.21.


Nope


Bertie

On Jan 9, 5:34 am, Mxsmanic wrote:

Sec. 91.21 Portable electronic devices.

(a) Except as provided in paragraph (b) of this section, no
person
may operate, nor may any operator or pilot in command of an aircraft
allow the operation of, any portable electronic device on any of the
following U.S.-registered civil aircraft:
(1) Aircraft operated by a holder of an air carrier operating
certificate or an operating certificate; or
(2) Any other aircraft while it is operated under IFR.
(b) Paragraph (a) of this section does not apply to--
(1) Portable voice recorders;
(2) Hearing aids;
(3) Heart pacemakers;
(4) Electric shavers; or
(5) Any other portable electronic device that the operator of the
aircraft has determined will not cause interference with the
navigation
or communication system of the aircraft on which it is to be used.
(c) In the case of an aircraft operated by a holder of an air
carrier operating certificate or an operating certificate, the
determination required by paragraph (b)(5) of this section shall be
made
by that operator of the aircraft on which the particular device is to
be
used. In the case of other aircraft, the determination may be made by
the pilot in command or other operator of the aircraft.

That is the Reg.
Self explanatory

george wrote:
On Jan 9, 5:34 am, Mxsmanic wrote:

Sec. 91.21 Portable electronic devices.

(a) Except as provided in paragraph (b) of this section, no
person
may operate, nor may any operator or pilot in command of an aircraft
allow the operation of, any portable electronic device on any of the
following U.S.-registered civil aircraft:
(1) Aircraft operated by a holder of an air carrier operating
certificate or an operating certificate; or
(2) Any other aircraft while it is operated under IFR.
(b) Paragraph (a) of this section does not apply to--
(1) Portable voice recorders;
(2) Hearing aids;
(3) Heart pacemakers;
(4) Electric shavers; or
(5) Any other portable electronic device that the operator of the
aircraft has determined will not cause interference with the
navigation
or communication system of the aircraft on which it is to be used.
(c) In the case of an aircraft operated by a holder of an air
carrier operating certificate or an operating certificate, the
determination required by paragraph (b)(5) of this section shall be
made
by that operator of the aircraft on which the particular device is to
be
used. In the case of other aircraft, the determination may be made by
the pilot in command or other operator of the aircraft.

That is the Reg.
Self explanatory

(1) Portable voice recorders;

Is an iPod not a personal voice recorder? Yet all the airlines I've been
on recently include it in the don't turn on until we say so list.