Sponsor Message:
Civil Aviation Forum
My Starred Topics | Profile | New Topic | Forum Index | Help | Search 
Trojan-Ridden Software Implicated In Air Crash  
User currently offlinePart147 From Ireland, joined Dec 2008, 510 posts, RR: 0
Posted (4 years 2 months 2 days 6 hours ago) and read 21249 times:

The Spanair MD-82 crash back in 2008 may may have had a virus-infected computer warning system which may have been a factor in the crash itself!!!!

http://www.theregister.co.uk/2010/08/20/spanair_malware/

"The airline's central computer which registered technical problems on planes was infected by Trojans at the time of the fatal crash and this resulted in a failure to raise an alarm over multiple problems with the plane..."

That is a scary thought! I wonder from where the viruses could have entered the aircraft computer system???


It's better to ask a stupid question during training, rather than make a REALLY stupid mistake later on!
28 replies: All unread, showing first 25:
 
User currently offlinemestrugo From Chile, joined Apr 2007, 237 posts, RR: 0
Reply 1, posted (4 years 2 months 2 days 6 hours ago) and read 21209 times:

Quoting Part147 (Thread starter):
The airline's central computer

... is not the AIRPLANE's central computer.


User currently offlinestevenlee505 From United States of America, joined Dec 2009, 69 posts, RR: 0
Reply 2, posted (4 years 2 months 2 days 5 hours ago) and read 21022 times:

Now the big question is how the trojan got onto the plane's systems in the first place... and who would code something like this to run on the software in the plane? Unless it was running Windows or something?

User currently offlineMauriceB From Netherlands, joined Aug 2004, 2490 posts, RR: 25
Reply 3, posted (4 years 2 months 2 days 5 hours ago) and read 21005 times:

Quoting stevenlee505 (Reply 2):
Now the big question is how the trojan got onto the plane's systems in the first place... and who would code something like this to run on the software in the plane? Unless it was running Windows or something?

Read again, there wasn't any trojan at the planes computer itself...


User currently offlinegarnetpalmetto From United States of America, joined exactly 11 years ago today! , 5404 posts, RR: 53
Reply 4, posted (4 years 2 months 2 days 5 hours ago) and read 20949 times:

Quoting stevenlee505 (Reply 2):


Now the big question is how the trojan got onto the plane's systems in the first place...

It didn't - as the user above pointed out, the virus was in the airline's central computer, not the aircraft's central computer. The cause of the crash was still the failure of the crew to deploy flaps and slats on takeoff, not any computer gremlin. Had the computer gremlin not been there, Spanair would have known the aircraft was trying to take off without flaps and slats, but the virus didn't directly cause the crash.



South Carolina - too small to be its own country, too big to be a mental asylum.
User currently offlinerottenray From United States of America, joined Jun 2010, 279 posts, RR: 0
Reply 5, posted (4 years 2 months 2 days 4 hours ago) and read 20478 times:

Quoting garnetpalmetto (Reply 4):
Spanair would have known the aircraft was trying to take off without flaps and slats, but the virus didn't directly cause the crash.


Exactly.

Most trojans are designed to take over an internet-connected computer's comm ports (called sockets) for the purpose of propagating the payload (the "guts" of the infection) to other computers.

This infection probably simply slowed down the system enough to prevent the Spanair staff from receiving timely notification of the flight's configuration.

Would the absence of the trojan have saved the flight?

Doubtful - I don't think anyone on-staff could have notified the flight deck in time.

As far as the statement in the article, "If the airlines' central computer was working properly a take-off after three warnings would not have been allowed, thereby averting the tragedy," well, that's prolly just journalistic flair or perhaps bad information. Those 3 warnings would have occurred during the takeoff roll.



RR


User currently offlineAeolus From Mexico, joined Aug 2007, 374 posts, RR: 0
Reply 6, posted (4 years 2 months 2 days 3 hours ago) and read 19581 times:

Quoting garnetpalmetto (Reply 4):
The cause of the crash was still the failure of the crew to deploy flaps and slats on takeoff

Was this the cause? Really? I've been missing something. Someone a link?

Thanks,
-Aeolus



Flying under the clouds above!
User currently offlineWNwatcher From United States of America, joined Mar 2010, 275 posts, RR: 0
Reply 7, posted (4 years 2 months 2 days 3 hours ago) and read 19508 times:

Quoting stevenlee505 (Reply 2):
Unless it was running Windows or something?

If that was the case, the plane would have probably crashed from a blue screen..................  



meepmeep
User currently offlineIndy From United States of America, joined Jan 2005, 4570 posts, RR: 18
Reply 8, posted (4 years 2 months 2 days 2 hours ago) and read 19114 times:

I was flying NW into MSP (I forget the origination airport) and we had landed and just turned off and the plane comes to a stop in a less than usual location. We sit there for a while when the pilot comes over the intercom and had stated something to the effect that the computer system had basically failed and they were restarting the systems and until they came back up the pilots had no control of the systems and were unable to move. The flaps were left fully deployed from the landing until everything came back up. Once we started to move the flaps were raised again. It makes me wonder what would have happened had those computer systems failed just 60 to 90 seconds earlier.


Indy = Indianapolis and not Independence Air
User currently offlineFly2HMO From , joined Dec 1969, posts, RR:
Reply 9, posted (4 years 2 months 2 days 2 hours ago) and read 18616 times:

I just love the sensationalist title of the news report   

And it's pretty much impossible for a plane to have a computer virus. All planes have proprietary software and no operating systems per se.

Quoting Indy (Reply 8):
It makes me wonder what would have happened had those computer systems failed just 60 to 90 seconds earlier.

Nothing, the plane keeps flying. As a pax you most likely wouldn't have even noticed.


User currently offlinePanman From Trinidad and Tobago, joined Aug 1999, 790 posts, RR: 0
Reply 10, posted (4 years 2 months 1 day 21 hours ago) and read 14350 times:

Actually. There is one type of plane, produced by one of the two major manufacturers, that actually can be infected by a virus, just that it would take a hell of a lot of work as it has loads of firewalls and one way routers......

I'll say no more......

pAnmAn


User currently offlinewcs From Canada, joined Apr 2007, 255 posts, RR: 16
Reply 11, posted (4 years 2 months 1 day 21 hours ago) and read 14226 times:

Quoting Fly2HMO (Reply 9):
I just love the sensationalist title of the news report

Indeed.

I highly doubt that the back end of the maintenance software was trojan infected.

To report that aircraft computer was is ridiculous!

These systems are most likely proprietary, very reliable and safe albeit not very strong security wise.
I can barely imagine any malware being coded for the "vintage" onboard computers that we can find on an MD, except if this is made "a la carte" and on purpose.

WCS



FLY SKYTEAM JETS
User currently offlinehomsar From United States of America, joined Jan 2010, 1185 posts, RR: 0
Reply 12, posted (4 years 2 months 1 day 21 hours ago) and read 13900 times:

I'm a little confused.

Is the article saying that a plane trying to takeoff without its flaps extended would have sent a warning to the airline's central computer?

Or is it saying that once the pilot abandoned the first takeoff, they would report such to the computer, which would have noted other reported problems, and therefore alerted the dispatchers to the need to cancel the flight?



I was raised by a cup of coffee.
User currently offlinetdscanuck From Canada, joined Jan 2006, 12709 posts, RR: 80
Reply 13, posted (4 years 2 months 1 day 21 hours ago) and read 13870 times:

Quoting Fly2HMO (Reply 9):
And it's pretty much impossible for a plane to have a computer virus. All planes have proprietary software and no operating systems per se.

The newest ones do have operating systems (typically Wind River's VxWorks or Green Hill's Integrity), but those are functionally immune to viruses and, even if you could write a virus for one, getting on to the plane would be nearly impossible.

Quoting Panman (Reply 10):
There is one type of plane, produced by one of the two major manufacturers, that actually can be infected by a virus, just that it would take a hell of a lot of work as it has loads of firewalls and one way routers......

I'll say no more......

I know the plane, the the route, you're talking about. Even if you could write a virus that would run successfully, and even if you could get it past the firewalls and routers, it *still* wouldn't be able to impact the operation of any of the systems. So you could infect it with a virus, but nobody would notice.

Tom.


User currently offlinejeb94 From United States of America, joined Oct 2004, 603 posts, RR: 5
Reply 14, posted (4 years 2 months 1 day 21 hours ago) and read 13741 times:

Guys, we are talking about an MD80 here. They are not computerized airplanes. An airbus, maybe. An MD80, no way. It has guidance computers for the autopilot and navigation but it can be flown if these fail just fine. What you have here is pilots trying to take off with the aircraft not configured for takeoff. They either ignored the takeoff warning or the takeoff warning system wasn't functional either by being disabled or through a malfunction. I doubt the airline's computer system would've prevented anything. Typical sensationalism that you get from today's media. They can't just report things anymore.

User currently offlineFly2HMO From , joined Dec 1969, posts, RR:
Reply 15, posted (4 years 2 months 1 day 21 hours ago) and read 13707 times:

Quoting tdscanuck (Reply 13):

The newest ones do have operating systems (typically Wind River's VxWorks or Green Hill's Integrity), but those are functionally immune to viruses and, even if you could write a virus for one, getting on to the plane would be nearly impossible.

Ah yes. I recall hearing about those extremely obscure OS's.

Realistically however, programming a virus for any sort of embedded software would be extremely impractical and would require extremely intimate knowledge of the program and hardware in question. And then you somehow have to upload it into the plane's systems without getting caught.

If I was a terrorist I think I much rather grab a RPG from the black market and just point it at something with wings   

Quoting jeb94 (Reply 14):
Guys, we are talking about an MD80 here. They are not computerized airplanes. An airbus, maybe. An MD80, no way. It has guidance computers for the autopilot and navigation but it can be flown if these fail just fine. What you have here is pilots trying to take off with the aircraft not configured for takeoff. They either ignored the takeoff warning or the takeoff warning system wasn't functional either by being disabled or through a malfunction. I doubt the airline's computer system would've prevented anything. Typical sensationalism that you get from today's media. They can't just report things anymore.

Well said. This topic can end now  Wink

[Edited 2010-08-20 19:19:12]

User currently offlineokie From United States of America, joined Jul 2003, 3099 posts, RR: 3
Reply 16, posted (4 years 2 months 1 day 20 hours ago) and read 13555 times:

Quoting homsar (Reply 12):
Or is it saying that once the pilot abandoned the first takeoff, they would report such to the computer, which would have noted other reported problems, and therefore alerted the dispatchers to the need to cancel the flight?


That is what they are trying to say. There were previous instances of this problem in proceeding flights archived in the mainframe/maintenance computer which would have flagged the aircraft to further inspections. They did not come up on the computer and a MEL procedure was put in place to pass the rectification of the problem to another MX station.

The temporary procedure left the configuration warning horn inoperative. The pilots missed the flaps and slats on their check list which was interrupted by a radio call. When they picked back up on the check list they started after the flaps and slats auctioning. When they applied take off power the warning horn did not sound to indicate improper configuration because the circuit breaker was pulled. The rest is history.

Okie


User currently offline413X3 From United States of America, joined Jul 2008, 1983 posts, RR: 0
Reply 17, posted (4 years 2 months 1 day 16 hours ago) and read 11276 times:

Unbelievable that such a mistake could be made with pilots who have thousands of hours of total time.

User currently offlinePanman From Trinidad and Tobago, joined Aug 1999, 790 posts, RR: 0
Reply 18, posted (4 years 2 months 1 day 13 hours ago) and read 9837 times:

The one I'm talking about uses Windows!! A heavily modified version, but windows nevertheless!! I couldn't believe it when I saw it!! It also uses Linux though.

tdscanuck - As much as I would like to agree with you that it wouldn't impact the systems, I always remember that they said the titanic couldn't sink. Maybe I'm just too cynical/pessimistic.

pAnmAn


User currently offlinetdscanuck From Canada, joined Jan 2006, 12709 posts, RR: 80
Reply 19, posted (4 years 2 months 1 day 9 hours ago) and read 7789 times:

Quoting Panman (Reply 18):
The one I'm talking about uses Windows!! A heavily modified version, but windows nevertheless!! I couldn't believe it when I saw it!! It also uses Linux though.

OK, now I know exactly which system on which aircraft you're talking about and, in that particular case, it's even more impossible to create a virus that would actually impact the safe operation of the aircraft. There are a couple of systems running Windows in that plane and they're unique in one primary regard...the Windows partitions are all doing things that have nothing to do with safe operation of the aircraft.

Quoting Panman (Reply 18):
tdscanuck - As much as I would like to agree with you that it wouldn't impact the systems, I always remember that they said the titanic couldn't sink. Maybe I'm just too cynical/pessimistic.

It never hurts to be too cynical/pessimistic in cases like this...that's why the OEM's test this stuff out the wazoo and think *very* hard about systems architecture and security.

Tom.


User currently offlinePanman From Trinidad and Tobago, joined Aug 1999, 790 posts, RR: 0
Reply 20, posted (4 years 2 months 1 day 9 hours ago) and read 7270 times:

Well to tell you the truth tdscanuck, on the type course, when they went into all the architecture of the aircraft's network, I just glazed over!! All I know is when I run the system tests they either pass or fail and I am told what is most likely wrong.

I just remembered some discussion during the course about the one way routers never allowing access to more critical areas of the aircraft's systems and thinking to myself - never say never. Someone may take that as a challenge.....

pAnmAn

[Edited 2010-08-21 07:15:16]

User currently offlineAesma From France, joined Nov 2009, 6722 posts, RR: 12
Reply 21, posted (4 years 2 months 1 day 7 hours ago) and read 6422 times:

As others have pointed out, the virus could be implicated in the fact that the plane was allowed to fly when it shouldn't have been (per company policy, I'm guessing).

Not a direct cause, but still an aligned cheese hole without which the crash wouldn't have happened, interesting.



New Technology is the name we give to stuff that doesn't work yet. Douglas Adams
User currently offlinegarnetpalmetto From United States of America, joined exactly 11 years ago today! , 5404 posts, RR: 53
Reply 22, posted (4 years 2 months 1 day 6 hours ago) and read 5749 times:

Quoting Aeolus (Reply 6):

Was this the cause? Really? I've been missing something. Someone a link?

Here's the CIAIAC's most recent Progress Note:

http://www.fomento.es/NR/rdonlyres/0...76745/2008_032_A_PROGRESO_ENG1.pdf

The investigation has determined that the takeoff was attempted while in an inappropriate and unapproved configuration, since the flaps and slats were fully retracted. The system outfitted on the airplane to warn of an inadequate takeoff configuration (TOWS) also failed to activate.

Also going back to this time last year you have the CIAIAC's Interim Report

http://www.fomento.es/NR/rdonlyres/A...736/2008_032_A_INTERINO_01_ENG.pdf

Key points from there - . The aircraft only reached an altitude of about 40' AGL before crashing and the stick shaker and aural stall warnings are heard on the CVR starting just after they rotated. The flaps were at 0° the entire time. Similar conditions occurred in NW 255's crash.

Quoting rottenray (Reply 5):

This infection probably simply slowed down the system enough to prevent the Spanair staff from receiving timely notification of the flight's configuration.

Would the absence of the trojan have saved the flight?

Doubtful - I don't think anyone on-staff could have notified the flight deck in time.

As far as the statement in the article, "If the airlines' central computer was working properly a take-off after three warnings would not have been allowed, thereby averting the tragedy," well, that's prolly just journalistic flair or perhaps bad information. Those 3 warnings would have occurred during the takeoff roll.

Exactly my thoughts too. The absence of the trojan MAY have saved the flight, but it seems like a very slim chance that would have been contingent on somebody on Spanair's staff notifying the crew sometime between when the takeoff roll started and Vr



South Carolina - too small to be its own country, too big to be a mental asylum.
User currently offlineboeingfixer From Canada, joined Jul 2005, 534 posts, RR: 0
Reply 23, posted (4 years 2 months 1 day 6 hours ago) and read 5723 times:

Quoting okie (Reply 16):
There were previous instances of this problem in proceeding flights archived in the mainframe/maintenance computer which would have flagged the aircraft to further inspections. They did not come up on the computer and a MEL procedure was put in place to pass the rectification of the problem to another MX station.

Do you have access to a report saying that the Takeoff Warning Horn was placed on an MEL? This is not allowed to be MEL'd and if it actually was I would hate to be the maintenance tech that did itor the supervisor that ordered it to be done.

Quoting okie (Reply 16):
The temporary procedure left the configuration warning horn inoperative.

As said above the Takeoff Warning Horn cannot be placed on an MEL and must work at all times. There is no way around this and the aircraft is to remain out of service until repaired. My question would be, did the flight crew even know of this supposed MEL? If so they are as complicit in the accident as the maintenance personnel who signed off on a non existing MEL.

Cheers,

John



Cheers, John YYC
User currently offlineAesma From France, joined Nov 2009, 6722 posts, RR: 12
Reply 24, posted (4 years 2 months 19 hours ago) and read 4970 times:

It was not done on purpose, supposedly. There was a problem on another system (the RAT) and the mechanics MELed that, but the way they did it, it deactivated the TOWS. Anyway the mechanics are indeed in trouble.

edit : in fact it's not even that, it's a faulty relay that was causing both the RAT and the TOWS problems, and the mechanics didn't realize that, so they just MELed the RAT, not knowing the TOWS was not working.

[Edited 2010-08-21 21:06:37]


New Technology is the name we give to stuff that doesn't work yet. Douglas Adams
25 boeingfixer : Thanks for the insight but I'd really like to see a direct link to a report with these facts. Regardless the MD MEL for a RAT heater failure should n
26 Aesma : I haven't read the reports (skimming through them proved unsuccessful to provide a clear but concise picture) so I'll rely on wikipedia till the final
27 okie : TAT heater was the CB that was pulled. Speculation is that the R5 relay had failed or what ever causes the R5 to change state. The circuits for the T
28 jeb94 : Seems like maybe a procedural issue here somewhere besides the MEL. If the R2-5 ground control relay is stuck in the flight mode, then it deactivates
Top Of Page
Forum Index

This topic is archived and can not be replied to any more.

Printer friendly format

Similar topics:More similar topics...
Two Pilots Die In Mid-air Crash At Polish Air Show posted Sat Sep 1 2007 18:32:28 by Bofredrik
King Air Crash In Lake Pleasant, Outside PHX posted Sun May 13 2007 01:18:00 by Crjflyer35
117 Die In Air India 707 Crash 31 Years Ago Today. posted Wed Jan 24 2007 10:08:41 by Cumulus
Air Crash Total Fell In 2006 posted Tue Jan 2 2007 23:20:22 by CPH813
Arrow Air Crash At YQX In 1985 posted Sat Jul 15 2006 04:51:41 by BA84
Toronto Man Killed In Jet Crash At Ottawa Air Show posted Fri Jun 16 2006 22:52:28 by Irobertson
Two Killed In Republic Of Ireland Air Crash posted Thu May 25 2006 17:01:43 by AMSMAN
Air Crash In Afghanistan... Many Victims posted Mon Apr 24 2006 10:44:43 by Lospaziale
'No Survivors' In Sudan Air Crash posted Sun Feb 12 2006 03:33:58 by El Al 001
Mid Air Crash In New Zealand Around Palmerston Nth posted Wed Feb 8 2006 22:55:27 by 777ER