Jump to content

Archived

This topic is now archived and is closed to further replies.

Tatave

Auto FMC setting?

Recommended Posts

Hello,

 

I just heard from someone that there are advances in FMC technology and they can now be set by Wi-fi and Bluetooth. Is this true?

 

Thanks in advance.

Share this post


Link to post

Company remotley programming Routes into the FMS via ACARS has been around for over a decade.

 

Bluetooth and Wifi?... no.

 

Trent Hopkinson

Share this post


Link to post

Ok, I was wondering about this, I hadn't heard about any bluetooth or wi-fi in the FMC before. Thanks.

Share this post


Link to post

Captain: "Do you have our Flightplan???"

1st: "Yes i got it on my ipad and a security Backup on my Blackberry. Just let me start Bluetooth "

Share this post


Link to post

Technically, I see no reason why it wouldnt work... but I dont see how it would be more useful than, say, ACARS.

Share this post


Link to post

Technically, I see no reason why it wouldnt work... but I dont see how it would be more useful than, say, ACARS.

 

That and I can certainly see how it could pose a much greater security risk than ACARS.

Share this post


Link to post

That and I can certainly see how it could pose a much greater security risk than ACARS.

 

I was about to say that, but I was wondering if it was just the Security+ instructor side of me...glad someone else picked up on that.

 

*Simmer/Hacker Dude stands up in 4th row, whispering to the people around him*

Hey everyone, I just saved us 40 minutes by putting us direct from DEN to ESL! I had to hack in on my cell phone, but I did it!!!

Share this post


Link to post

A lot of larger tube liners actually use some sort of WiFi (different frequencies, same protocol in general) at the gate to send and receive data to and from dispatch. These could be flight logs,engine parameters recorded throughout the flight,... Thinking about it, the extremely short range that Bluetooth has, would render it useless in this case.

Why would you prefer WiFi over ACARS? Easy, WiFi has a lot more bandwidth.

Kyle, the scenario you propose isn't that far fetched. In the more current generations of aircrafts, everything is connected with everything. I wouldn't be surprised if it was possible to control the entire aircraft from a laptop. It would take time and rather specific hardware though.

Share this post


Link to post

Right, but with text-based data like that, there's no real huge need for a lot of bandwidth. We're not streaming live video to the planes. It's simple data in the transactions.

 

Beyond that, the claim I could hack into an aircraft's network to control it is very far fetched, as the aircraft network infrastructure is separate for the passenger entertainment and aircraft systems.. The only one that had a mention of a single network issue was the 787, but I can't remember if that one's been resolved. There was mention of air gapped portions of that network (meaning no network access between the passengers and the secure systems), but the spokesperson also remained very vague and said "in some parts they're touching, in other parts they're not."

 

To me, it seems that there's an allusion to an interconnection between certain portions of the network (tail/nose/etc cams, and other non-essential systems), where there's no connection between the flight deck controls and the passengers.

Share this post


Link to post

Sending text won't take a lot of bandwidth... Sending a lot of text over a short amount of time will. Which is exactly what the WiFi(I believe the term is GateLink) is used for.

I'm not talking about using the Passenger entertainment systems, I'm talking about using radio signals.

Keep in mind, technology has changed, you used to listen to your VHF radio straight from the air. These days, the signal is processed first.(Not only in Long Haulers like the 777 with CPDLC capabilities, but pretty much in any modern aircraft.) it's possible these signals and the processors behind them are vulnerable to injections.

A few months ago, some guys had a proof of concept where they could start, stop and control cars just by using a laptop and a simple FM transmitter. Airplanes will be a LOT tougher to crack, but nothing's impossible.

Think of it like this... The Atlantikwall was designed to completely stop an invasion... It held up just a few hours. If it can be built, it can be taken down.

Share this post


Link to post

Sending text won't take a lot of bandwidth... Sending a lot of text over a short amount of time will. Which is exactly what the WiFi(I believe the term is GateLink) is used for.

I'm not talking about using the Passenger entertainment systems, I'm talking about using radio signals.

Keep in mind, technology has changed, you used to listen to your VHF radio straight from the air. These days, the signal is processed first.(Not only in Long Haulers like the 777 with CPDLC capabilities, but pretty much in any modern aircraft.) it's possible these signals and the processors behind them are vulnerable to injections.

A few months ago, some guys had a proof of concept where they could start, stop and control cars just by using a laptop and a simple FM transmitter. Airplanes will be a LOT tougher to crack, but nothing's impossible.

Think of it like this... The Atlantikwall was designed to completely stop an invasion... It held up just a few hours. If it can be built, it can be taken down.

 

Right, but if a network is physically isolated without wireless (airgapped is the term I used above), it cannot be attacked using wireless or any other device. Other than creating a ton of interference and affecting network communication (in the case of Ether or some other metal-wire cabling), short of a direct tap you're not going to actually take control of communication on the network. That's nearly impossible in a plane unless you pull up the flooring, or find some wiring in a closet. In the case of fiber, as an attacker you're veritably screwed. EMI/RFI have no affect, and there's no easy way to tap it without being discovered (taps on Ether allow the original parties to continue to communicate; taps on Fiber often end up in nobody communicating, but if done right the attacker can communicate with the target, while the other party is cut out).

 

Security is never about impossible (if someone believes it is, they're lying to you), it's about creating a situation of improbability.

 

AES-256 isn't impossible to crack, it's improbable that you will be able to crack it within your lifetime, however.

Julian Assange's thermonuclear file is out on the internet, freely available on torrent sites. It's encrypted with AES-256. Still hasn't been decrypted.

Share this post


Link to post

Since there is communication (VHF, HF, ACARS, CPDLC in some cases), the plane is not wirelessly isolated.

In the old days, you used to control the radios directly. In modern airplanes, with modern radios, you don't. You tell a microprocessor what you want it to do, and it tries to comply or gives you an error. The incoming transmissions are decoded and sent to the right channels (might be an audio channel or a data bus.). In most modern flightdecks, a lot of systems are interconnected, the radios could be attached to the FMC, which is part of the FMS. I'm not saying there is a flaw or gap in there, I'm just portraying a hypothetical situation.

But, let's say there actually is a flaw somewhere in the code. And, lets say this flaw is something critical(or gives access to something critical). It will take a lot of time, and probably some sort of reverse engineering, but it COULD be done. Would it be a viable option? Of course not, it's much easier to get in physical control of the plane, even these days.

Would we ever know about this flaw? No, we probably wouldn't since it would not be discovered (unless the manufacturer discovers it, in which case I bet they're not going to announce it to the public).

But what you were saying really wasn't that far fetched, improbable as you said, but not unthinkable. The more computers you put in something, the more vulnerable it is to a cyber attack, this always has been and probably always will be true. Does that mean a cyber attack is imminent or will ever happen? Probably not, taking physical control or just shooting a plane down is a lot easier and doesn't take nearly the amount of brainpower.

 

Now, about AES-256. Has AES-256 been cracked? Not that we know and probably not. But making it public would be the dumbest thing to do. Keeping information on your side of the fence is an effective way to encrypt something. If somebody else uses the same form of encryption, and trusts it, without knowing you have what it takes to easily intercept that data, you have an immense advantage.

Share this post


Link to post

Isn't Bluetooth unsecure and unreliable? It's slow too...

Share this post


Link to post

Since there is communication (VHF, HF, ACARS, CPDLC in some cases), the plane is not wirelessly isolated.

In the old days, you used to control the radios directly. In modern airplanes, with modern radios, you don't. You tell a microprocessor what you want it to do, and it tries to comply or gives you an error. The incoming transmissions are decoded and sent to the right channels (might be an audio channel or a data bus.). In most modern flightdecks, a lot of systems are interconnected, the radios could be attached to the FMC, which is part of the FMS. I'm not saying there is a flaw or gap in there, I'm just portraying a hypothetical situation.

But, let's say there actually is a flaw somewhere in the code. And, lets say this flaw is something critical(or gives access to something critical). It will take a lot of time, and probably some sort of reverse engineering, but it COULD be done. Would it be a viable option? Of course not, it's much easier to get in physical control of the plane, even these days.

Would we ever know about this flaw? No, we probably wouldn't since it would not be discovered (unless the manufacturer discovers it, in which case I bet they're not going to announce it to the public).

But what you were saying really wasn't that far fetched, improbable as you said, but not unthinkable. The more computers you put in something, the more vulnerable it is to a cyber attack, this always has been and probably always will be true. Does that mean a cyber attack is imminent or will ever happen? Probably not, taking physical control or just shooting a plane down is a lot easier and doesn't take nearly the amount of brainpower.

 

It seems there's a fundamental misunderstanding here. Because communication exists does not make a system vulnerable. Sending a whole bunch of malicious traffic at something doesn't necessarily mean you can get it to do anything you want. I can't send a whole bunch of network traffic at my sim rig and make it print paper out of it because it's not a printer. Similarly, I can't send a whole bunch of malicious traffic at an aircraft's radios (despite the modern automation of the radios) and gain access to its flight controls, assuming the people who designed the systems wasn't a complete idiot. Just because the computers control a system that communicates doesn't necessarily mean that it's possible for you to attack it via that communication device.

 

Adding security to a system isn't very hard at all. The issue is that most people don't have it.

 

Example: If you have a wireless card, bust open the available networks window and let me know if you see "Belkin," "Netgear," or "Linksys." Further, how many of those main names are unsecured? Beyond that, jump onto one of those networks and go to the router config page (http://192.168.1.1 for Linksys at the very least, and admin/admin, or [blank]/admin). Guaranteed it's left at the defaults and you're right in (and can kick the legitimate users out).

 

It's not that hackers are necessarily smart, it's that they know how people are lacking in specific areas.

 

The more computers does not necessarily mean there are more chances for cyber attacks. The more computers means there's more targets, not that it's more likely, or easier (depending on your architecture and settings). If we have more tanks in the military does that make us a larger target? Sure, there are more targets, but it doesn't mean said targets are easy picking.

 

Further, again, the systems are air gapped, meaning there's no way packets can hop from one network onto the other network of computers. As an example, if I have a computer in a room, isolated from the external network (internet) both by lack of ether cable and wireless, there's no way to attack it via network connections, even if it has its own cabling between it and a couple other computers in its local network (provided those computer also do not have access to the network). Even if I add in an aviation radio transceiver that's controlled by my computer, there's no way to hack into the air gapped network because the transceiver doesn't have a path back to control the computer.

 

I see where you're coming from in that it is true, if the system was set up without any security, there would be risks involved. It's not as easy as most people make it out to be, however. Just because certain things have been cracked, it doesn't mean the average kid in his basement with an Alienware can do it.

 

Now, about AES-256. Has AES-256 been cracked? Not that we know and probably not. But making it public would be the dumbest thing to do. Keeping information on your side of the fence is an effective way to encrypt something. If somebody else uses the same form of encryption, and trusts it, without knowing you have what it takes to easily intercept that data, you have an immense advantage.

 

Certain weaker levels of AES have been cracked through some inventive attacks.

Bruce Schneier (one of the more well-known cryptographers) outlines it here: http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

Share this post


Link to post

What of this sort of technology was integrated with the virtual FMC in say the NGX so that I could program my flight management computer without having to boot up the PC?

Share this post


Link to post

If it can be built, it can be taken down.

 

I think (and it scares me) that this is true. Somebody (somebod-ies) will always find a way to get into something. Especially if that person(s) has an understanding of how that system works. With enough pressure and time, anything can be broken/overcome. <~~~isn't that basically one of the ending lines of "Shawshank Redemption? Crap, I love that movie...... But the statement is true regardless.

Share this post


Link to post

What of this sort of technology was integrated with the virtual FMC in say the NGX so that I could program my flight management computer without having to boot up the PC?

 

There are add-ons that will allow you to create a route file that can be loaded by the NGX FMC right? Just run one of those on a different computer.

Share this post


Link to post

 

 

There are add-ons that will allow you to create a route file that can be loaded by the NGX FMC right? Just run one of those on a different computer.

Was thinking of something more practical like an iphone or iPad. Just imagine getting your flight ready during breakfast! At the moment I find FS2 Kneeboard of good use but has nothing to do with the FMC.

Share this post


Link to post

I think (and it scares me) that this is true. Somebody (somebod-ies) will always find a way to get into something. Especially if that person(s) has an understanding of how that system works. With enough pressure and time, anything can be broken/overcome. <~~~isn't that basically one of the ending lines of "Shawshank Redemption? Crap, I love that movie...... But the statement is true regardless.

 

Good movie, for sure, but there's no need to get agoraphobic about life because of the potential for attack (I'm not saying you are, I'm just saying life isn't all as scary as tech news makes it out to be).

 

Cyber security is a bit like life in general:

How do I not get hurt/robbed (personally)?

Don't provoke people to do harm. Don't walk into the bad sections of town. Don't put valuables in plain sight. Put measures in place as deterrents (doors, locks, fences, blinds - as appropriate).

 

How do I not get attacked/compromised (computing)?

Don't provoke people to attack. Don't browse to sites that look sketchy. Don't put valuable information in plain sight (on public networks). Put measurements in place as deterrents (firewalls, passwords, hide network infrastructure - as appropriate).

 

Like I said before. Hacking isn't all about being a genius with great computing power. It's knowing most people don't secure themselves. Hacking isn't like running up against Fort Knox all day. Hacking is more like the thief on the streets that knows where to find the tourists, what they look like, and knowing generally where they keep their wallet. That is to say, people make it easy because they use "password" as a password, use default firewall and network settings, and hardly put up a fight. Sure, some hackers are geniuses with awesome computing power at their finger tips.

 

By and large, though, the issue is that people are essentially still leaving their "doors" unlocked.

Share this post


Link to post

Captain: "Do you have our Flightplan???"

1st: "Yes i got it on my ipad and a security Backup on my Blackberry. Just let me start Bluetooth "

 

:LMAO: :LMAO: :LMAO:

Share this post


Link to post

Once again,

I'm not saying it's probable, I'm just saying it's possible with enough time and knowledge.

The systems of a modern tubeliner consist of millions of lines of code. The chances of not having a single fault in there are zero (not even nearly zero). Is it likely those systems will ever be hacked? Nope, not at all, because it's not nearly the most effective way to bring an aircraft down (or make it do what you want.), the weakest link is not in the systems, not even close.

BUT, the way everything is interconnected these days, means that more possible ways of entry become available. You seem to know quite a bit about ICT too, so I don't have to tell you this means there will be more unexpected behavior. This in turn means more debugging needs to take place.

Protocols like CPDLC or even ACARS are an ideal way for hackers to gain entry to the systems.

Airgapping systems was surely used on older aircraft, but is becoming less and less common on newer models. Especially since it's a lot easier for maintenance, dispatching(troubleshooting in the air, sending flightplans straight to the aircraft,...) and of course it will save a lot of fuel over the lifespan of the aircraft (databus systems like FBW are becoming common in other places too), which is still one of the main goals of the customers.

Of course these systems are going to be secured, but as with everything, there's a limit to the funding. Also, there's a limit to how extensive the security has to be. The maximum someone with bad intentions is going to be on the plane, will be about 20 hours. (Passengers on a 777-200LR, with a couple of hours delay). If you can make sure you can keep somebody out for about 30 hours, you're going to be safe.

In this case, it's going to be highly improbable anyone will ever gain unauthorized access to the system. BUT, let's say a hacker thinks about a point of entry and a way nobody considered before, and he can reduce the time to access the systems from 30 hours to 15 or even 10... Now you're got yourself a problem.

 

You say your computer will not be able to print... It will not. But if one can access your computer, they can also make it send commands to the printer which is attached to it. This is how real hacking works. You don't try to take down the reinforced gate, you try to find a door which is less secure and gives access to the gate's control panel. What you were explaining is pure guesswork and trial and error. (the second is involved in decent hacking, the first is frowned upon.)

Share this post


Link to post

You say your computer will not be able to print... It will not. But if one can access your computer, they can also make it send commands to the printer which is attached to it. This is how real hacking works. You don't try to take down the reinforced gate, you try to find a door which is less secure and gives access to the gate's control panel. What you were explaining is pure guesswork and trial and error. (the second is involved in decent hacking, the first is frowned upon.)

 

Right, but my point was the exact opposite, in order to mirror your radio argument. Of course I can make my computer print. Heck, I can make my computer at home print from my office, but that's not the point. My point is the inverse: that I can't gain access to my printer and take over my computer (or even the network). I'm sure if I were clever, I could use the networked printer as part of a bot in a DDoS, but that's not gaining control; that's preventing access. Similarly, I can't gain access to an aircraft's radios (from the radio frequency side, not through the physical radio unit), and have access to the entire aircraft (unless whoever made the radio is a complete idiot).

 

Sure, any time a computer is made to communicate, it becomes more susceptible to attack. The difference is in how the computer is set up to communicate. As I pointed out, the new 787 had issues pointed out to it where the systems were not as gapped as people would have liked. Nobody actually knows how the network is set up (external to Boeing or their NDA'd contractors anyway) and what parts are not gapped that, in theory, should be. That being said, yes, in theory, it's easier to attack seeing that more components are becoming networked, but none of us know any security that's likely being implemented in parallel.

 

I'm not sure what hacker class you took, but I'm not sure you have an accurate view of what hacking is. Sure, part of hacking is knowing the weak points of systems (as in my example earlier where I asked someone to find open wireless and enter that way, and then prevent access by reaching the wireless config page using the default passwords, which, given the default SSID, the router password is likely still at the default). Knowing weak aspects of systems is hacking 101, but advanced hacking is where you go in blind. In order to execute an attack that even you used the terms "nobody considered before," you have to operate on pure guesswork and trial and error. If you look in any textbook on the matter, or take a class on it, part of the process is footprinting and scanning. This first phase is not about gaining access, it's about finding weak spots in an act of trial. From there, you know open ports, or weak spots, but exploiting them may still be unknown.

 

For the record, cracking passwords is truly guesswork and trial and error. Even most password cracking software runs it against "most used" passwords and hashes, which is still guessing.

 

I see your point that there's concern, but what I don't agree with is that there needs to be more concern simply because there may be less gapping. Just because the diagnostics may be on the same network as ACARS for maintenance purposes, it doesn't mean that this is tied into the FBW. Look at a car: OBD-II allows reporting on the engine diagnostics, but is most cars today, the ECU is still airgapped. The same goes for aircraft in that the FADEC is still primarilly gapped.

Share this post


Link to post

I'm not saying there needs to be more concern, simply because there's a dozen of easier methods to gain control of an aircraft. I'm just saying that chances of a cyber attack are increasing exponentially.

Also, the more systems become interlaced, the more parameters influence each other. This calls for unexpected behaviour, especially since its going to be harder and harder to test for each possible scenario.

Think of it like this, to expand on our little computer-printer scenario. Your let's say your printer is connected through USB with your computer, but is also a WiFi printer.(Your computer could be the FMC, the printer the radio and the USB would be the databus.) While this specific system was designed to receive files and print them, and has been tested to make sure it is secure, chances are not every single scenario (packets and frames, but even hardware combinations make a lot of differences) was tested. Of course a plane will be a lot more secure, but that doesn't completely rule out every single chance of a cyber attack, which is what you're getting at. The chances of winning every single lottery at the same time, in every country worldwide are probably higher than finding that one little gap, but that doesn't mean the gap isn't there.

The number one mistake you can make in security, is thinking you're safe.

I may have wrongly explained myself in saying that hacking isn't just guesswork. Of course it is, but that's not the initial phase of it. At first you just sit, watch and inspect.

If my point came over differently, I guess I'll have to blame English not being my native language.

 

To expand on your car theory... I can't seem to find the source, but a couple of months ago a group of students made a proof of concept where they could actually take over a car by using the FM radio, and nothing more. A car isn't a plane, that much is obvious, but the same principle applies.

Once again, I'm not saying this is probable, just that it's probably possible (note the difference here.) with enough time and brainpower.

Share this post


Link to post

Makes sense.

 

As far as the car thing goes, I think that it may still be that the ECU is airgapped, but that doesn't mean that someone can't take advantage of it through a side-channel attack. If you can hack the channel for a remote start and get the car going, you've got that much. After that, if it has park assist, you'd have to find a way into that channel, but from there you have steering and throttle. With that, you've gotten the car started, and you have throttle and steering control. So, you never really attacked the ECU, but you're taking advantage of it because despite the air gap, it's meant to respond to throttle input, which you attacked through another channel.

Share this post


Link to post
×
×
  • Create New...