Aircraft Cyber Vulnerability back on August 21, 2012, Boeing requested permission to make changes to the equipment that had been 
installed as part of 777's series of aircraft onboard data network system upgrade. This request was ruled on November 18, 2013.
Reference:
https://www.federalregister.gov/articles/2013/11/18/2013-27343/special-conditions-boeing-model-777-200–300-and–300er-series-airplanes-aircraft-electronic-system
These special conditions are issued for the Boeing Model 777-200, -300, and -300ER series airplanes. These airplanes, as modified by the Boeing Company, will have novel or unusual design features associated with the architecture and connectivity of the passenger service computer network systems to the airplane critical systems and data networks. This onboard network system will be composed of a network file server, a network extension device, and additional interfaces configured by customer option. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for this design feature. These special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards.
Formerly non-networked devices on board the plane may now be networked.
On August 21, 2012, The Boeing Company applied for a change to Type Certificate No. T00001SE Rev. 30 dated June 6, 2012 for installation of an onboard network system, associated line replaceable units (LRUs) and additional software functionality in the Boeing Model 777-200, -300, and -300ER Series Airplanes. The Boeing Model 777-200 airplanes are long-range, wide-body, twin-engine jet airplanes with a maximum capacity of 440 passengers. The Boeing Model 777-300 and 777-300ER series airplanes have a maximum capacity of 550 passengers. The Model 777-200, -300, and -300ER series airplanes have fly-by-wire controls, software-configurable avionics, and fiber-optic avionics networks.
The proposed architecture is novel or unusual for commercial transport airplanes by enabling connection to previously isolated data networks connected to systems that perform functions required for the safe operation of the airplane. This proposed data network and design integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate this type of system architecture or electronic access to aircraft systems. Furthermore, regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities, which could be caused by unauthorized access to aircraft data buses and servers.
Boeing warned about hacking the aircraft systems back in 2012. Was it fixed?
By the way, I do not believe this was a part of the MH370 situation, but it is curious.
Like this:
Like Loading...
Related
No comments:
Post a Comment