Print from Airliners.net discussion forum
http://www.airliners.net/aviation-forums/general_aviation/read.main/5736139/

Topic: Hacker Says Phone App Could Hijack Plane
Username: concentriq
Posted 2013-04-11 10:06:12 and read 12638 times.

Just like the headline says, and here is a link:

http://www.cnn.com/2013/04/11/tech/m...-hijack-plane/index.html?hpt=hp_t2

This is the most prolific source, but others out there go into more detail.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: incitatus
Posted 2013-04-11 10:08:05 and read 12622 times.

Did this conference happen 11 days ago?

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: tugger
Posted 2013-04-11 10:17:45 and read 12565 times.

I was just reading this. I am sure it will be addressed pretty quickly and of course as many here point out, the human pilot of course is the controlling authority in the plane.

Quote:
With these vulnerabilities in mind, he used virtual planes in a lab to demonstrate his ability to hijack a plane rather than attempting to take over a real flight as that was “too dangerous and unethical.” He used ACARS to gain access to the plane’s onboard computer system and uploaded Flight Management System data.

Once in, he demonstrated how it was possible to manipulate the steering of a Boeing jet while it was in autopilot mode. The security consultant said he could cause a crash by setting the aircraft on a collision course with another jet or even give passengers a scare by dropping down the emergency oxygen masks without warning.

A pilot could thwart an attack by taking the plane out of autopilot although he pointed out that several newer systems no longer include manual controls. Some systems could be updated to patch the vulnerabilities but many legacy systems would be difficult, if not impossible, to update.
http://www.techspot.com/news/52211-h...airplane-using-an-android-app.html

Tugg

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: 0NEWAIR0
Posted 2013-04-11 10:39:43 and read 12448 times.

I don't know if I believe in the legitimacy of his conclusions resulting from the tests. Yes, he has proven that the app can control the equipment he used in his test but he has not controlled a real airplane with it.

It reminds me of the tap-and-go credit card security issues. Various people have proven that special devices can pull your credit card number and expiration date by being in close proximity to the card; however, this has failed to present as a real and substantial risk in real world use.

[Edited 2013-04-11 10:40:50]

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: Speedbird128
Posted 2013-04-11 10:49:22 and read 12398 times.

Aren't cockpit lights physical switches with dimmer knobs? I'd like to see an android app to do that for my household lighting.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: glbltrvlr
Posted 2013-04-11 11:14:40 and read 12273 times.

Very old news, rehashed as some new crisis.

No secret that ACARS traffic is open to monitor. You've been able to read that traffic on web sites if you don't have the radio for years. Nobody is using ACARS for ATC over domestic US airspace. In the EU, they use a newer version of ACARS called ATN for which you could uplink flight plan change requests, but it isn't automatic. Yes, it is possible to uplink a message to a specific aircraft, if you knew they were equipped to receive it and you knew which provider frequency to use.

His demo was stupid because he would have had to authorize the FMS to accept the plan change, but no real pilot is going to respond to an ACARS message that shows up at random with a flight plan change. Nothing he could do would cause the masks to deploy or turn off any lighting systems.

In short, the guy is trying to make a name for himself.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: ouboy79
Posted 2013-04-11 11:17:30 and read 12252 times.

Quoting 0NEWAIR0 (Reply 3):
I don't know if I believe in the legitimacy of his conclusions resulting from the tests. Yes, he has proven that the app can control the equipment he used in his test but he has not controlled a real airplane with it.

Do you really want to see a real world test of a phone app taking over a 737? No thanks.

I don't think we are talking about someone with an iPhone flying an aircraft per se, more like interrupting commands being sent to the controls that can cause it to depart normal flight. Getting the patches deployed to the software packages on the aircraft will likely be rushed out and keep this from being an issue. Thankfully we had people like this that push technology to find faults to safeguard against those that aren't as noble.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: Speedbird128
Posted 2013-04-11 11:36:43 and read 12143 times.

Quoting ouboy79 (Reply 6):
that can cause it to depart normal flight

I'd debate the legitimacy of that... I would be interested to see exactly how he manages to insert messages in the CPDLC system...

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: tugger
Posted 2013-04-11 12:03:51 and read 12003 times.

Quoting Speedbird128 (Reply 7):

I'd debate the legitimacy of that... I would be interested to see exactly how he manages to insert messages in the CPDLC system...

I guarantee you that there are industry personnel right now looking into that with him (probably at whatever hourly rate he charges...). If the issue is real then it will be addressed.

Tugg

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: glbltrvlr
Posted 2013-04-11 12:20:17 and read 11916 times.

Quoting tugger (Reply 8):
I guarantee you that there are industry personnel right now looking into that with him

I seriously doubt it. The industry (airlines, ANSPs, airframers and avionics manufacturers) are very aware of the open nature of air-ground datalink and how messages can be spoofed. There's also been a significant amount of non-public analysis performed on what the safety implications are of having such a system currently as well as what needs to be done in follow-on systems like NextGen and SESAR. While I'm willing to make allowances for stupid reporters, much of what appears in that article is complete tosh.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: lightsaber
Posted 2013-04-11 12:34:26 and read 11840 times.

Quoting tugger (Reply 2):
He used ACARS to gain access to the plane’s onboard computer system and uploaded Flight Management System data.

How to do that on a real airplane? We control software tightly and the new software *must* match the bit check or the old software is kept by default.

Quoting glbltrvlr (Reply 9):
The industry (airlines, ANSPs, airframers and avionics manufacturers) are very aware of the open nature of air-ground datalink and how messages can be spoofed.

Those messages are firewalled from the flight control boxes.

Quoting glbltrvlr (Reply 9):
While I'm willing to make allowances for stupid reporters, much of what appears in that article is complete tosh.

Or else what I learned in system center labs is 'tosh.' I just do not see how this gets past the protocols...

Lightsaber

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: chuchoteur
Posted 2013-04-11 12:40:22 and read 11791 times.

Quoting tugger (Reply 8):
I guarantee you that there are industry personnel right now looking into that with him (probably at whatever hourly rate he charges...). If the issue is real then it will be addressed.

I don't think anyone wants to work on security issues with a guy who's gone up on stage and told the whole world about such topics...

I'm given to understand that he has developed a software that scans code for vulnerabilities, and he's trying to push that product. Nice commercial pitch, shame it won't work out.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: 0NEWAIR0
Posted 2013-04-11 12:46:34 and read 11755 times.

Quoting ouboy79 (Reply 6):
Do you really want to see a real world test of a phone app taking over a 737? No thanks.

Why not? It wouldn't have to be in the air. The plane could be on the ground in a controlled environment.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: airmagnac
Posted 2013-04-11 12:54:32 and read 11707 times.

Quoting glbltrvlr (Reply 9):
much of what appears in that article is complete tosh.

Although I would not be so harsh, generally speaking I agree. The story disregards completely any notions of critical system design, with integrity checks, redundancies and airplane-level back-ups. And as all these features would be the first to be removed from a commercial PC simulation, his demo is meaningless.

Even assuming he did manage to upload his garbage data to the FMS, then what would happen? The FM is a long-term control, so it won't make the airplane do aerobatics, just change direction. If he gets too close to the edges of the envelope, the AP should switch off and eliminate the problem. And newer aircraft have envelope protections.
If he makes the plane head towards the ground or another plane, GPWS or TCAS will pop up and say hello.
And any indirect control on other systems (lights, oxygen) is heavily dependent on aircraft architecture, so you can't make general conclusions.

So not very worrying. Certainly not terrifying.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: glbltrvlr
Posted 2013-04-11 14:15:42 and read 11459 times.

Quoting lightsaber (Reply 10):
How to do that on a real airplane? We control software tightly and the new software *must* match the bit check or the old software is kept by default.

He's not claiming to have modified the FMS code itself, only to have uplinked messages that modified the FMS flight plan, caused the cabin to decompress and turn off all the lights. Of those three, only the first one is technically possible even by an authorized message. For the aircraft that even have that capability (which is by no means the majority of aircraft flying today), there are procedures and other means of ensuring that the message is legitimate.

He's also conflating ACARS and ADS-B. ADS-B is a surveillance system. It is not a control system and cannot be used to modify anything in the FMS, or anything else on the aircraft. While it is possible to spoof ADS-B messages and create ghost aircraft, there are other systems in place to identify spoofed aircraft and unauthorized transmissions of ADS-B messages.

In effect, he has discovered the digital equivalent of purchasing a voice radio and pretending to be a controller.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: Speedbird128
Posted 2013-04-11 14:24:44 and read 11423 times.

Quoting tugger (Reply 8):
I guarantee you that there are industry personnel right now looking into that with him

I doubt that everybody will be hopping to his tune. In my not so big understanding of the onboard systems design, I don't see what he says as remotely feasible... The messaging system between atc and pilot is a secure closed loop with sender and recipient "addresses" required for authentication of the instruction. It's not just a case of sending an email to tell the plane to dive into the ground.

I still don't believe him - you cannot manipulate a physical switch with an android phone. But that's my opinion.

Quoting glbltrvlr (Reply 9):
I seriously doubt it. The industry (airlines, ANSPs, airframers and avionics manufacturers) are very aware of the open nature of air-ground datalink and how messages can be spoofed. There's also been a significant amount of non-public analysis performed on what the safety implications are of having such a system currently as well as what needs to be done in follow-on systems like NextGen and SESAR. While I'm willing to make allowances for stupid reporters, much of what appears in that article is complete tosh.

Kind of agree with that.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: qualitydr
Posted 2013-04-11 19:52:17 and read 9672 times.

I believe I could cobble together an app that would break into Microsoft's Flight Simulator X remotely, and do everything he claimed to a sophisticated airframe model (such as the PMDG 744, for instance). I don't see getting any of that done on an operational flight...

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: cornutt
Posted 2013-04-11 20:19:37 and read 8573 times.

Quoting airmagnac (Reply 13):
Although I would not be so harsh, generally speaking I agree. The story disregards completely any notions of critical system design, with integrity checks, redundancies and airplane-level back-ups.

What he said. These things aren't running Windows.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: lightsaber
Posted 2013-04-11 21:24:14 and read 8104 times.

Quoting glbltrvlr (Reply 14):
For the aircraft that even have that capability (which is by no means the majority of aircraft flying today), there are procedures and other means of ensuring that the message is legitimate.

Exactly. Something isn't adding up. Normal protocols would have to be bypassed.

Lightsaber

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: winstonlegthigh
Posted 2013-04-11 21:54:42 and read 7894 times.

Quoting chuchoteur (Reply 11):
I don't think anyone wants to work on security issues with a guy who's gone up on stage and told the whole world about such topics...

Obviously I can't say for sure whether they are or aren't, but McAfee and Symantec, for example, have all relied on characters such as Hugo Teso to improve their product. Who better to help plug the holes than the very people that make it their hobby to squeeze through them? IIRC, that's exactly how Symantec was able to understand and appreciate the complexity of what Stuxnet was.

[Edited 2013-04-11 21:55:47]

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: francoflier
Posted 2013-04-12 01:52:52 and read 6589 times.

I wouldn't completely dismiss this as a trivial issue, as many seem to do...

While you can't 'take over' an aircraft from the ground, it remains that if the ACARS coms can be hacked, then fake ATC or company messages can be sent to aircraft.

It could lead to potentially unsafe scenarios where an aircraft was instructed by a fake ATC message to climb, descend or turn into the path of traffic. By the time the real ATC figured it out, the maneuver would have long been initiated.

There are several lines of defense to cross before a disaster occurred, one of which would be basic airmanship, common sense, and that eternal defiance and distrust of anyone on the ground that pilots have.

It's still a hole in one of the cheese slices and I'm hoping someone's working on it.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: r2rho
Posted 2013-04-12 05:24:15 and read 5438 times.

Quoting glbltrvlr (Reply 5):
no real pilot is going to respond to an ACARS message that shows up at random with a flight plan change

Even then, upon acceptance, IIRC the new uploaded flight plan is routed to the secondary flight plan, it does not simply replace the active flight plan.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: thrufru
Posted 2013-04-12 07:37:31 and read 4324 times.

Oh for goodness sake, just click off the freakin' automation and fly the damned plane.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: kazim786
Posted 2013-04-12 09:38:50 and read 3336 times.

Quoting Speedbird128 (Reply 4):

I think there is an app for that!

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: IBOAviator
Posted 2013-04-12 10:04:48 and read 3122 times.

Quoting francoflier (Reply 20):
It could lead to potentially unsafe scenarios where an aircraft was instructed by a fake ATC message to climb, descend or turn into the path of traffic. By the time the real ATC figured it out, the maneuver would have long been initiated.

TCAS? Assuming airliners having the FMS would have an operational TCAS, the possibility of instructing an aircraft to "turn" into another is highly unlikely. It's still the pilot's call to make the turn, etc.

Quoting thrufru (Reply 22):
Oh for goodness sake, just click off the freakin' automation and fly the damned plane.

Ahha Yes! But I think in today's world, automation onboard modern airliners will always be a necessity.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: chuchoteur
Posted 2013-04-12 12:28:47 and read 2925 times.

Quoting winstonlegthigh (Reply 19):
Obviously I can't say for sure whether they are or aren't, but McAfee and Symantec, for example, have all relied on characters such as Hugo Teso to improve their product. Who better to help plug the holes than the very people that make it their hobby to squeeze through them? IIRC, that's exactly how Symantec was able to understand and appreciate the complexity of what Stuxnet was.


I think that in most cases, those people used to test systems for sensitive industries are very much required to maintain confidentiality, and I believe that in some cases this is done via the suspended sentences that they are under for some of their previous actions.

[Edited 2013-04-12 12:35:01]

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: SKC
Posted 2013-04-14 05:36:08 and read 2424 times.

Quoting IBOAviator (Reply 24):
Ahha Yes! But I think in today's world, automation onboard modern airliners will always be a necessity.


A convenience and a means for fuel efficient flight, sure, but certainly not a necessity.

Topic: RE: Hacker Says Phone App Could Hijack Plane
Username: nightfox365
Posted 2013-04-14 16:49:21 and read 2156 times.

Quoting r2rho (Reply 21):
I wouldn't completely dismiss this as a trivial issue, as many seem to do...

While you can't 'take over' an aircraft from the ground, it remains that if the ACARS coms can be hacked, then fake ATC or company messages can be sent to aircraft.

It could lead to potentially unsafe scenarios where an aircraft was instructed by a fake ATC message to climb, descend or turn into the path of traffic. By the time the real ATC figured it out, the maneuver would have long been initiated.

There are several lines of defense to cross before a disaster occurred, one of which would be basic airmanship, common sense, and that eternal defiance and distrust of anyone on the ground that pilots have.

It's still a hole in one of the cheese slices and I'm hoping someone's working on it.

Problem with what you say is, pilots would check to see if such a change was authorised, secondly, ATC instructs pilots of their intentions to change their flight plan. Then they send the changes. I am also pretty sure, the pilots would realise that the flight plan that was sent to them is odd, and would then confirm it with ATC. So before any change of altitude or direction or speed, they would have gotten the answer they thought and would disregard such messages.

