FlyerTalk Forums - View Single Post - Boeing 787 to link flight systems and passenger data networks!!
Old Jan 8, 2008 | 8:19 am
  #1  
stimpy
Boeing 787 to link flight systems and passenger data networks!!

From the venerable Risks Digest....

The FAA has issued "special conditions" for certification of the Boeing 787.
(mirrored at http://cryptome.org/faa010208.htm).


In part, these state:


"Novel or Unusual Design Features


The digital systems architecture for the 787 consists of several
networks connected by electronics and embedded software. This proposed
network architecture is used for a diverse set of functions, including the
following: 1. Flight-safety-related control and navigation and required
systems (Aircraft Control Domain). 2. Airline business and administrative
support (Airline Information Domain). 3. Passenger entertainment,
information, and Internet services (Passenger Information and Entertainment
Domain). The proposed architecture of the 787 is different from that of
existing production (and retrofitted) airplanes. It allows new kinds of
passenger connectivity to previously isolated data networks connected to
systems that perform functions required for the safe operation of the
airplane. Because of this new passenger connectivity, the proposed data
network design and integration may result in security vulnerabilities from
intentional or unintentional corruption of data and systems critical to the
safety and maintenance of the airplane. The existing regulations and
guidance material did not anticipate this type of system architecture or
electronic access to aircraft systems that provide flight critical
functions. Furthermore, 14 CFR regulations and current system safety
assessment policy and techniques do not address potential security
vulnerabilities that could be caused by unauthorized access to aircraft data
buses and servers. Therefore, special conditions are imposed to ensure that
security, integrity, and availability of the aircraft systems and data
networks are not compromised by certain wired or wireless electronic
connections between airplane data buses and networks."


According to the story in Wired
(http://www.wired.com/politics/securi...liner_security)


"Boeing spokeswoman Lori Gunter said the wording of the FAA document is
misleading, and that the plane's networks don't completely connect. Gunter
wouldn't go into detail about how Boeing is tackling the issue but says it
is employing a combination of solutions that involves some physical
separation of the networks, known as "air gaps," and software
firewalls. Gunter also mentioned other technical solutions, which she said
are proprietary and didn't want to discuss in public. "There are places
where the networks are not touching, and there are places where they are,"
she said. Gunter added that although data can pass between the networks,
"there are protections in place" to ensure that the passenger Internet
service doesn't access the maintenance data or the navigation system "under
any circumstance." She said the safeguards protect the critical networks
from unauthorized access, but the company still needs to conduct lab and
in-flight testing to ensure that they work. This will occur in March when
the first Dreamliner is ready for a test flight."


So that's all right, then. After all, no security problem has ever shown up
after testing, has it?


[The planned test flight should be interesting. Where can you get a
plane-load of suicide hackers at short notice? MT]