Portal Home | IS News Menu | Portal Menu | ISB Menu | Main Content
Fly a Dreamliner From Your Laptop (a Real One)
07 Jan 01:02

According to a document issues by the Federal Aviation Authority the on-board computer system of the new Boing 787 Dreamliner passenger airplane may be susceptible to hacking from laptops used in flight.

On pages 27ff of Federal Register: January 2, 2008 (Volume 73, Number 1 - URL below) the summary of these FAA "special conditions" state that "This airplane will have novel or unusual design features when compared to the state of technology envisioned in the airworthiness standards for transport category airplanes. These novel or unusual design features are associated with connectivity of the passenger domain computer systems to the airplane critical systems and data networks. For these design features, the applicable airworthiness regulations do not contain adequate or appropriate safety standards for protection and security of airplane systems and data networks against unauthorized access. These special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing standards."

Further into the document the following:

"The digital systems architecture for the 787 consists of several networks connected by electronics and embedded software. This proposed network architecture is used for a diverse set of functions, including the following:

  1. Flight-safety-related control and navigation and required systems (Aircraft Control Domain).
  2. Airline business and administrative support (Airline Information Domain).
  3. Passenger entertainment, information, and Internet services (Passenger Information and Entertainment Domain).

The proposed architecture of the 787 is different from that of existing production (and retrofitted) airplanes. It allows new kinds of passenger connectivity to previously isolated data networks connected to systems that perform functions required for the safe operation of the airplane. Because of this new passenger connectivity, the proposed data network design and integration may result in security vulnerabilities from intentional or unintentional [editor's emphasis] corruption of data and systems critical to the safety and maintenance of the airplane."

According to this it looks as if passengers' laptops are connected to the computer network responsible for keeping up to 381 passengers from tumbling to their deaths. As an informed member of the information security community for more than 20 years your editor is not sure this is a good idea.

Apart from this the document makes very interesting reading because it illustrates part of the security process in the airplane industry. It's not long - go read it.

The largest aircraft your editor has ever controlled was a French Caravelle passenger jet, and only for a few minutes at that - and I can't wait to try flying a 787. I just hope none of the other passengers will want to veer off to Jordan or Syria - or to gatecrash a party in the White House...

--ED

Related links: (Open in a new window.)
External link cryptome.org/faa010208.htm

View Printable View printable version (opens in new window)
Back Back