A remedy for bad altitude
Aircraft warning system will alert pilots to cyber attacks
How can an airplane be hacked? The answer, say experts, may be to confuse the pilot instead.
"Taking control over an airplane isn't as easy as flying a drone; an attack is more likely going to be simulating malfunctions so a pilot loses trust in his or her aircraft," said Mike Worden, a Raytheon engineering fellow and the company's principal investigator for cyber hardening projects.
Raytheon is working on a company-funded research and development project to provide commercial and military pilots a cyber attack warning system within the next year. The company is developing two products: a software-only technology and a hardware-deployable module. Software will provide a quick and easy fix should the need arise, while the hardware is designed to give airlines and the military a resilient, persistent solution for aircraft cyber protection.
“Think of it as the cyber equivalent of a missile warning system," Worden said. "When an enemy missile locks onto an aircraft, the pilot gets alerted so he or she can take evasive action, popping off flares and chaff to avoid getting shot down. With a cyber warning system, pilots will also be able to tell if anything on the aircraft has been hacked and performing actions that it shouldn’t."
Worden has assembled a team of cyber vulnerability experts and engineers led by Greg Ladd, an engineering fellow and cyber mitigation principal investigator, to prevent the five Ds of non-kinetic warfare – denial, disruption, degradation, destruction and deception.
“The team has developed software that looks for anomalies on the aircraft buses — the communication systems that control, monitor and transfer data between different electronic components in the aircraft —and remote terminals, which could be any device connected to the buses, such as annunciators, flaps, lights and landing gear," Ladd said.
Those systems are often based on 1970s technology, according to Worden, designed before the need for cyber defenses.
“In today’s Internet of Things, we think about cyber threats a lot," he said. "The consequences of a compromised aircraft could be catastrophic.”
According to Worden, the greatest cybersecurity threat facing aircraft is introduction of malware through the supply chain, since aircraft parts are manufactured all over the world.
“Malicious code could remain dormant until specific conditions are met before it’s triggered, such as, for example, reaching an altitude of 10,000 feet on its 30th flight,” Worden said. “Talk like this gets pilots hyperventilating, and I can tell you I get a little more nervous when I hit turbulence these days.”
Worden said that a single compromised component or “bad actor” could take advantage of the entire system. The exploit could deceive the pilot into thinking the aircraft was doing something that it shouldn't, such as losing fuel or having an engine fire, or it could actually take control of it remotely.
The cyber warning system would detect if a component aboard is “misbehaving” or suddenly appears when it shouldn’t an issue alert.
During military operations, a cyber attack on an aircraft could trick pilots into not trusting their instruments and aircraft. If they don’t trust their aircraft, then their mission fails.
“Today, our system lets pilots know of cyber intrusions, allowing them time to react and switch over to alternate systems,” Ladd said. “It lets them know ‘My engine really isn’t on fire; it’s a cyber issue.’”
Both Worden and Ladd said that the October, 2016 distributed denial of service cyber attacks against the internet provider Dyn, which blocked major websites from users across Europe and North America, annoyed and inconvenienced many across the globe, but they weren’t life threatening.
“Nobody died during the recent DDOS attacks — at worst, you weren’t able to stream a movie or post where you ate dinner that night,” Worden said. “A denial of service attack on aircraft could quickly turn into a tragedy. The pilot needs to be notified because immediate action is warranted. That’s the scenario that we’re looking to protect against.”
This document does not contain Technical Data or Technology controlled under either the U.S. International Traffic in Arms Regulations or the U.S. Export Administration Regulations. E16-G42W.