IT IS one thing to possess the ability to interfere with the avionic systems onboard an aircraft. It is quite another to announce to the world the intention of practicing such capabilities. But it takes a galactic level of stupidity, hubris or, perhaps, courage to tweet that you are going to do it when you are in seat 3A of United Airlines flight 1607, about to depart from Denver to Chicago. That is exactly what Chris Roberts, a security researcher with One World Labs, did last month:
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? 🙂
The tweet in question (above) suggests Mr Roberts intended to interfere with the Engine Indication Crew Alerting System (EICAS), which informs crew when something goes amiss with a plane’s engine. Or perhaps he wanted to deploy the passenger oxygen masks. Unsurprisingly, he is now helping the FBI with their enquiries. His actions have animated the debate about so-called “cyberjacking”—the ability to take control of aircraft remotely, or at least interfere with aircraft systems for malicious gain. How seriously should such claims be taken?
Mr Roberts maintains his intention was to raise awareness of security vulnerabilities. The FBI says Mr Roberts had identified a weakness with the in-flight entertainment (IFE) systems on Boeing 737-800, 737-900, 757-200 and Airbus A-320 aircraft. It is thought he accessed the systems by plugging a laptop into one of the electronic boxes usually found under the seats either side of the aisle. Once connected, Mr Roberts claims to have accessed other systems on the aircraft. He admits to having issued a “CLB”, or climb command, to the thrust management computer on a previous flight, resulting in a “lateral or sideways movement of the plane”.
Industry experts are sceptical of such claims but admit it is theoretically possible. As the data bus for the IFE is not also used for communications or flight systems, at best Mr Roberts may have seen interference between the two systems, says David Stupples, professor of electronics and radio systems at City University in London. Data packets travelling on copper wires (common in older aircraft) may allow some messages to be seen, but probably only the meta-data, such as the origin and destination of the message, rather than the content itself, which is encrypted. The fibre optic architecture of modern aircraft will not suffer similarly. And anyway, to change an aircraft’s direction Mr Roberts would have had to persuade it that he was the satellite navigation system. That entails spoofing the signals from up to 16 satellites at a time; a tall order suggests Mr Stupples.
There is no room for complacency, however. Last month, the United States Government Accountability Office (GAO) raised concerns over plans to replace the current radar-based air-traffic control with one based on satellite navigation and automation. In a report, it warned that with increased reliance on the internet “unauthorised individuals might access and compromise aircraft avionics systems” and that cyber-based threats present “significant security control weaknesses”.
The industry is acting. Airbus, for example, is working with Cranfield University in Britain to mitigate the risk. One idea is to have a preset “safe state” for each stage of flight, which the aircraft will adopt in the event of system anomalies being discovered. (In the recent Germanwings tragedy, such a system might have decided that descending over mountainous terrain with no immediate airfield available was so odd as to be countermanded.) Another solution is for all flight safety systems to be triplicated and operated on a “voting” system, meaning any malicious software would need to affect at least two systems.
All of which points to how difficult the concept of cyberjacking is. Industry experts and the GAO report suggest the threat of a disgruntled employee infecting the aircraft systems prior to flight (say, during routine maintenance) is more likely. The possibility of hackers taking control of aircraft, while real, should not be overblown. But for one man it has already been costly. Twelve days after his initial tweet, Mr Roberts followed it with one reading:
United have cancelled ALL my trips…and my daughters…and no refund on the Air Miles..goodbye 100,000 Miles so it seems…
This post was commissioned by The Economist