[Angreifer]

I was browsing around, and reading about the new Boeing 787 (what a beautiful aircraft, might I say), and discovered that there was a concern about the plane that strikes close to home for us BSG fans. Namely, the FAA is concerned that the plane's computer network is vulnerable to hackers. The 787 utilizes a new system that networks the passenger compartments with the flight cabin, in order to allow passengers to have internet access in the air. However, this means that the passenger's network is tied directly into the computer systems that control such mundane things as the flight controls. Clearly, some engineers at Boeing didn't watch the miniseries.

Here's an article to that talks specifically about this issue.

http://www.wired.com/politics/security/news/2008/01/dreamliner_security

[The E]

Aaaaaaaargh, the stupidity! One would think that the people at Boeing know better than to do this....

[Narvi]

It's probably just an oversight. They probably thought that hackers wouldn't want to turn off the plane that they're flying in.

Anyway, until they build wireless networks that can be used to turn the plane off mid-flight, they're still more secure than the Colonies.

[Flipside]

You don't need to turn the plane off, you just need to set it a new destination, which is a scary thought. Hopefully this will get fixed.

[Angreifer]

People also thought hijackers would never crash a plane into a building, but that got proved wrong too. Boeing claims they have sufficient securities in place, such as physical separation as well as firewalls. However, we all know how determined and resourceful hackers can be; I'd feel safer if the passenger compartment wasn't directly networked to the plane's flight systems.

[The E]

It's probably just an oversight. They probably thought that hackers wouldn't want to turn off the plane that they're flying in.

Anyway, until they build wireless networks that can be used to turn the plane off mid-flight, they're still more secure than the Colonies.

ISTR that there are people out there who don't much care for their own survival when hijacking planes...Oh, and why should a wired network be more secure? If I can hook my Laptop up to the planes internal network, and take control over (or compromise) things like the navigation software, or the fly-by-wire system, it doesn't matter wether I do it wirelessly or while being hooked up to some wall wart. The point is that there is no intuitively obvious reason why the plane should be wired up that way, and several highly obvious reasons why it shouldn't.

[Flipside]

The concept of a fundamentalist on a plane with access to the flight controls and Google Earth is not a comforting thought...

[karajorma]

It's probably just an oversight. They probably thought that hackers wouldn't want to turn off the plane that they're flying in.

On a plane designed after 9/11? That's monumentally stupid.

[Snagger]

Who amongst you think that autpilot, fly-by-wire, FADEC or navigational systems need to be connected to passenger and cabin systems, or need internet access?  Their operating systems are not going to be compatible with PCs, for a start.  Boeing do what I consider to be some pretty odd things in designing their aeroplanes, and I think Airbus are even worse, but they're not stupid.

Stop fretting - it's all a wind up or, commercial competition mud slinging or misinterpetation by someone who doesn't understand the system architecture.  Any connection between cabin or passenger operated controls and aircraft systems would be limited to items like inflight entertainment and information displays.  At a push, they may allow the cabin temperature to be controlled by the cabin crew from tha galleys.  There is no way that they would make an aircraft that could have its controls tampered with from outside the cockpit.

[Mobius]

I'd really like to go OT instead and say this:

May I know why all off-topic (read: "Not related to FS Universe/gaming/modding") posts don't contribute to post count, all except BSG-related ones (and even pseudo-BSG-related, like thins one)? No offense, but this board should be used to discuss the Diaspora game.

I guess I'll be flame-stormed, but I don't care.

[The E]

No, this is not an April Fools thing. According to Wikipedia, the vulnerabilities came to light in January 2008. While this should be taken with a ton of salt (The wiki entry references the same sources the Wired article used), it also hasn't been debunked yet.

Now, who amongst you think that autpilot, fly-by-wire, FADEC or navigational systems need to be connected to passenger and cabin systems, or need internet access?  Their operating systems are not going to be compatible with PCs, for a start.  Boeing do what I consider to be some pretty odd things in designing their aeroplanes, and I think Airbus are even worse, but they're not stupid.

well, I don't know about Boeing, but airbus uses a set of industry-standard control interfaces for their fly-by-wire. Since those are hooked up to a standard industrial PC, I don't think manipulating them once you get access is that hard. (Fortunately, this isn't possible from the passenger cabin...)

Stop fretting - it's all a wind up.  Any connection between cabin or passenger operated controls and aircraft systems would be limited to items like inflight entertainment and information displays.  At a push, they may allow the cabin temperature to be controlled by the cabin crew from tha galleys.  there is no way that they would make an aircraft that could have its controls tampered with from outside the cockpit.

Yet apparently, they did. Look, there is no such thing as a secure network. Separating the passenger entertainment and the flight control systems physically is the only way of making sure that no tampering occurs.

I'd really like to go OT instead and say this:

May I know why all off-topic (read: "Not related to FS Universe/gaming/modding") posts don't contribute to post count, all except BSG-related ones (and even pseudo-BSG-related, like thins one)? No offense, but this board should be used to discuss the Diaspora game.

I guess I'll be flame-stormed, but I don't care.

Mobius is right. This should be moved.

[Angreifer]

Just to clarify, here's the report from the Federal Register. It's real.

http://frwebgate4.access.gpo.gov/cgi-bin/TEXTgate.cgi?WAISdocID=295266170789+13+1+0&WAISaction=retrieve

Also, I don't see what's wrong with discussing an item that relates to BSG; this is a forum community, and I'd think anything that promotes discussion within that community is a good thing. The episode discussion threads did the same thing. Personally, I find correlations between the real world and BSG fascinating. Apparently RDM and his writing team were eerily prescient about some dangers of technology that were right around the corner. This is exactly the type of thing BSG was warning us against.

[karajorma]

To be honest, I think this should be in gen disc too. So moved.

As for the post count argument, I could make the claim that all post counts except internals and forums like support shouldn't count and then go and enforce that. I won't cause it's stupid and I have a life other than my post count.

[Snagger]

The reports may be real, but there is still no suggestion of the risk being real.  Fine, there are three computer networks on the aircraft - one operational, one administrative and one for passenger use/entertainment, and Boeing state there are some areas of connectivity, but that is alreadyt he case in many existing aircraft.  Passenger communications systems may share antennas with aircraft systems, and the moving maps displayed on some airlines' cabin IFE systems are connected tot he aircraft navigational system.  Some airlines even have audio and camera feeds from various parts of the aeroplane including the cockpit and comms radios.  The type of connectivity may be little different from the nature of the interconnectivity between existing systems.

It's apparent that the two main protagonists in the debate are IALPA (iternational pilots' union) and Airbus.  IALPA will be trying to gain concrete assurances that their members can't be jeopardised by electronic sabotage (which is an already tangible threat anyway, especially considering the history of electrical sabotage by Boeing employees), while Airbus is simply trying to further delay the 787's certification and delivery in the hope of causing financial damage to Boeing and hoping to cause customers to cancel 787 orders and buy Airbus instead.  It's corporate war.

For what it's worth, I think that Boeing are far more pragmatic and practical in their design philosophies than Airbus.  Airbus are extremely inventive and technologically advanced, but Boeing tend to be better at deciding what's too complex, too vulnerable or unimportant to be worth installing in the aircraft.  I'd be very surprised, even after reading those reports, if Boeing had designed a flight control system that was open to hacking.

[The E]

The point is that Boeing put themselves in a position where their onboard computer systems could be compromised by someone sitting in a passenger seat with a laptop. Keeping those systems separated isn't rocket science, people. As for the IFE systems: They could be, but do not need to be connected to the nav systems. In fact, a single, one-way readout would be sufficient for those informations (as for the cameras, again, there is no reason for them to be connected to flight-critical systems.).

[Angreifer]

The point is that Boeing put themselves in a position where their onboard computer systems could be compromised by someone sitting in a passenger seat with a laptop. Keeping those systems separated isn't rocket science, people. As for the IFE systems: They could be, but do not need to be connected to the nav systems. In fact, a single, one-way readout would be sufficient for those informations (as for the cameras, again, there is no reason for them to be connected to flight-critical systems.).

This. Why they designed a unified network for the flight systems as well as the passenger amenities is beyond me; I have to guess it's part of cost cutting. But there's really no good reason why the critical systems should be separated from passenger tampering just by firewalls; it makes it too easy.

[Snagger]

You misunderstood me.  We don't know if those systems could be compromised by a passenger, just because they share some components with the passenger systems.  The passenegrs' IFE gets its power from the same generators on existing aircraft as the flight control and nave systems, but that doesn't allow the pax to interfere with the flight, does it?  Current IFEs with moving maps and flight data for the passenegers to read are connected to the aircraft nav and air data systems, but the pax can't interfere through that either, so why should the new system be any different?  ALL of the aircraft systems are eventually connected to eachother in some way, mainly through sharing electrical sources, data input sources or antennae.  Current systems that are interconnected to passenger services have a "one-way" communication architecture.  There is no specific information in the reports that points to the 787 being any different.  Apart from transmitters and recievers enabling phone and computer connection to the ground, I can't see any reason that the passenger systems would have any connection to the aircrafts administration system.  The aircraft navigational recievers use completely different frequencies than satcomms, so could not share the passengers trancievers.  Apart from periodic software updates by engineers on the ground, the FCS and FMC would not need any connection to external sources, so it seems unlikely that they're connected to anything the passengers use.

I don't know what the Boeing design is, but since there would be no advantages to cross connecting everything and numerous serious disadvantages, I just can't see Boeing having made such an error.  I'm not saying it's impossible - I'm just saying that I think this report has been blown out of proportion, especially by Boeing's main competitor.

[The E]

From the FAA report:

Code: [Select]

Novel or Unusual Design Features

    The digital systems architecture for the 787 consists of several
networks connected by electronics and embedded software. This proposed
network architecture is used for a diverse set of functions, including
the following:
    1. Flight-safety-related control and navigation and required
systems (Aircraft Control Domain).
    2. Airline business and administrative support (Airline Information
Domain).
    3. Passenger entertainment, information, and Internet services
(Passenger Information and Entertainment Domain).
    The proposed architecture of the 787 is different from that of
existing production (and retrofitted) airplanes. It allows new kinds of
passenger connectivity to previously isolated data networks connected
to systems that perform functions required for the safe operation of
the airplane. Because of this new passenger connectivity, the proposed
data network design and integration may result in security
vulnerabilities from intentional or unintentional corruption of data
and systems critical to the safety and maintenance of the airplane. The
existing regulations and guidance material did not anticipate this type
of system architecture or electronic access to aircraft systems that
provide flight critical functions. Furthermore, 14 CFR regulations and
current system safety assessment policy and techniques do not address
potential security vulnerabilities that could be caused by unauthorized
access to aircraft data buses and servers. Therefore, special
conditions are imposed to ensure that security, integrity, and
availability of the aircraft systems and data networks are not
compromised by certain wired or wireless electronic connections between
airplane data buses and networks.
Unless I'm reading it wrong, it pretty much states outright that the 787's network infrastructure could be vulnerable to an attacker inside the plane. While these things can be firewalled, and breaking into them may be hard to do, it isn't impossible. Bruce Schneier once said that everyone can design a security system that the designer himself can't defeat, but that isn't enough in this case. Especially when the solution seems to be pretty straightforward. And if you read the FAA report, Airbus' interference seems to concentrate on nailing down the exact interpretation of the applicable regulations.

[Snagger]

Well, I absolutely agree that there is no way a passenger or ground based computer hacker should be able to access any aircraft operational or flight systems, and that dependence on firewalls is utterly insufficient.  Any critical systems should be isolated from any method of corruption.  I will not fly any aeroplane which has its FCS, FADEC, nav, fuel, hydraulic, electrical or pressurisation systems connected to any kind of hard wire or wireless network that can be accessed by anyone other than a pilot, or an engineer when on the ground, and I don't think many other pilots would fly it either.  I can't see many airlines wanting it either, if it was a real possibility, and the airline insurers wouldn't cover the airlines if they did buy it with such a flaw, so it'd never fly in service.

However, while the report states that the 787 architecture differs from current designs, it doesn't give any details of how or why critical systems will be hackable.  It merely states that as a new, complex system, it could potentially be hackable.  This is something that will require rigourous investigation and testing, and if it is found that the syatems are at risk of hacking, then the architecture must be changed.  As i said, I think IALPA's stance is one of wanting reassurance of the unknown, while Airbus may be stirring up trouble for commercial reasons - both manufacturers have a long history of corporate espionage, under-table deals, mud slinging and so on (just look at the USAF tanker contract for an example).

On the plus side, there are many novel design features of the 787 which I hope will eventually become standard, like electric motors in the wheels to allow "push back" without tugs and taxi with only the APU running, electric compressors to replace engine bleed air for the cockpit and cabin pressurisation and air con, just for starters.  It looks like a great aircraft, assuming it doesn't have any critical "bugs" like the one under suspicion in this thread.

[The E]

Umm...the report doesn't give those details because it's more about policy than actual hardware. Boeing implemented the 787's network in a way that wasn't covered by existing regulations, so the FAA issued a request for Boeing to address those issues. Airbus then commented that that request was not specific enough, and asked for more strictness. If you read the document, it becomes clear that the FAA actually denied Airbus' request for a stricter wording of it's recommendations to Boeing. The final wording was:

Code: [Select]

The Special Conditions

    Accordingly, pursuant to the authority delegated to me by the
Administrator, the following special conditions are issued as part of
the type certification basis for the Boeing Model 787-8 airplane.

    The design shall prevent all inadvertent or malicious changes
to, and all adverse impacts upon, all systems, networks, hardware,
software, and data in the Aircraft Control Domain and in the Airline
Information Domain from all points within the Passenger Information
and Entertainment Domain.

Translated from bureaucratic, this means that Boeing has to ensure that the essential systems, like flight control and telemetry, have to be totally inaccessible from passenger country. I guess that, while Airbus tried to get the FAA to issue a stricter version of the same memo, the underlying reasons for it are still valid, meaning that people at the FAA noticed some vulnerabilities in the 787's design and decided that Boeing would need to address these issues.