A Remedy for Bad Altitude
January 3, 2017 | Raytheon CompanyEstimated reading time: 3 minutes
How can an airplane be hacked? The answer, say experts, may be to confuse the pilot instead.
"Taking control over an airplane isn't as easy as flying a drone; an attack is more likely going to be simulating malfunctions so a pilot loses trust in his or her aircraft," said Mike Worden, a Raytheon engineering fellow and the company's principal investigator for cyber hardening projects.
Raytheon is working on a company-funded research and development project to provide commercial and military pilots a cyber attack warning system within the next year. The company is developing two products: a software-only technology and a hardware-deployable module. Software will provide a quick and easy fix should the need arise, while the hardware is designed to give airlines and the military a resilient, persistent solution for aircraft cyber protection.
“Think of it as the cyber equivalent of a missile warning system," Worden said. "When an enemy missile locks onto an aircraft, the pilot gets alerted so he or she can take evasive action, popping off flares and chaff to avoid getting shot down. With a cyber warning system, pilots will also be able to tell if anything on the aircraft has been hacked and performing actions that it shouldn’t."
Worden has assembled a team of cyber vulnerability experts and engineers led by Greg Ladd, an engineering fellow and cyber mitigation principal investigator, to prevent the five Ds of non-kinetic warfare – denial, disruption, degradation, destruction and deception.
“The team has developed software that looks for anomalies on the aircraft buses — the communication systems that control, monitor and transfer data between different electronic components in the aircraft —and remote terminals, which could be any device connected to the buses, such as annunciators, flaps, lights and landing gear," Ladd said.
Those systems are often based on 1970s technology, according to Worden, designed before the need for cyber defenses.
“In today’s Internet of Things, we think about cyber threats a lot," he said. "The consequences of a compromised aircraft could be catastrophic.”
According to Worden, the greatest cybersecurity threat facing aircraft is introduction of malware through the supply chain, since aircraft parts are manufactured all over the world.
“Malicious code could remain dormant until specific conditions are met before it’s triggered, such as, for example, reaching an altitude of 10,000 feet on its 30th flight,” Worden said. “Talk like this gets pilots hyperventilating, and I can tell you I get a little more nervous when I hit turbulence these days.”
Worden said that a single compromised component or “bad actor” could take advantage of the entire system. The exploit could deceive the pilot into thinking the aircraft was doing something that it shouldn't, such as losing fuel or having an engine fire, or it could actually take control of it remotely.
The cyber warning system would detect if a component aboard is “misbehaving” or suddenly appears when it shouldn’t an issue alert.
During military operations, a cyber attack on an aircraft could trick pilots into not trusting their instruments and aircraft. If they don’t trust their aircraft, then their mission fails.
“Today, our system lets pilots know of cyber intrusions, allowing them time to react and switch over to alternate systems,” Ladd said. “It lets them know ‘My engine really isn’t on fire; it’s a cyber issue.’”
Both Worden and Ladd said that the October, 2016 distributed denial of service cyber attacks against the internet provider Dyn, which blocked major websites from users across Europe and North America, annoyed and inconvenienced many across the globe, but they weren’t life threatening.
“Nobody died during the recent DDOS attacks — at worst, you weren’t able to stream a movie or post where you ate dinner that night,” Worden said. “A denial of service attack on aircraft could quickly turn into a tragedy. The pilot needs to be notified because immediate action is warranted. That’s the scenario that we’re looking to protect against.”
Suggested Items
Arlon EMC Receives IPC-4101 QPL Recertification
03/20/2024 | Arlon Electronic MaterialsArlon Electronic Materials has successfully completed an intensive two-day recertification audit by IPC Validation Services that examined Arlon’s manufacturing processes and testing procedures to assure that they are in conformance to the requirements of IPC-4101E-WAM1, the Specification for Base Materials for Rigid and Multilayer Printed Boards.
Orbit International Electronics Group Reports Bookings for February 2024 in Excess of $2,000,000
03/14/2024 | Globe NewswireOrbit International Corp., an electronics manufacturer and software solution provider, announced that its Electronics Group (OEG) reported bookings for the month of February 2024 in excess of $2,000,000.
U.S. Space Force Awards Boeing WGS-12 Communications Satellite Production Contract
03/07/2024 | BoeingBoeing received a $439.6 million contract to build the 12th Wideband Global SATCOM (WGS) communications satellite for U.S. Space Force's Space Systems Command.
IPC Releases Newest List of Standards Updates, Revisions
02/20/2024 | IPCEach quarter, IPC releases a list of standards that are new or have been updated. To view a complete list of newly published standards and standards revisions, translations, proposed standards for ballot, final drafts for industry review, working drafts, and project approvals, visit ipc.org/status.
Triumph Wins Contract To Upgrade U.S. Army Chinook Helicopters
02/07/2024 | PRNewswireTriumph Group, Inc. announced that its Systems, Electronics and Controls business in West Hartford, Connecticut has been awarded a five-year contract with the United States Army to provide an upgrade of the EMC32T Hydraulic Metering Assembly (HMA) fuel control on the T55 engines, supporting the CH-47 Chinook helicopter fleet.