Demystifying Chris Roberts on Aircraft Hacking
Recently Chris Roberts, a security guy has been in the news for his claims over hacking aircraft systems through in-flight entertainment systems.
I’ll try to demystify some of his claims that are nothing other than refreshing drink of snake oil.
Claim : We can still take planes out of the sky thanks to the flaws in the in-flight entertainment systems via FoxNews
Fact: In-flight entertainment systems run in different realms than the flight control computers and avionics. In other words both IFE and flight computers are not linked to each other. Here are a few comments that I found on same FoxNews article.
Comment #1
Being in Aviation Avionics Engineering, this report hold little to no water. The computer systems that control the flight are not connected to communications between the aircraft and ATC. There are regulations that require the separation for this specific potential problem. The systems that run the entertainment in the cabin are also not allowed to be connected to the systems that control flight.
Not sure where Fox obtained this information. If there is a way to control and aircraft remotely, then a modification was made to the systems to allow for this. In the USA, EASA, Transport Canada, etc… this would be a major change to type design and would require a Supplemental Type Certificate to approve, and there would be a problem with that regulation I indicated earlier.. it would not comply with the regulation, therefore it would be illegal to incorporate.
Comment #2:
I’m an avionics guy too. No way can flight control systems be “hacked” through the entertainment systems. That’s simply ridiculous
Lastly, in the worst case even if someone gets access to the flight computers through IFE, may be by supernatural powers then there’s whole bunch of circuit breakers inside a modern jetliner like Boeing 737–800 or Airbus A320 which can effectively turn-off the electronic brain of the airplane and let pilots fly the plane manually without any computer interference/augmentation.
There have been some incidents earlier in which the flight control computers have produced undesirable actions, notably on the Qantas Flight 72 in which an Airbus A330 aircraft produced several uncommanded pitch-ups and pitch downs which injured several passengers, due to an error in FCPC — Flight Control Primary Computer. However pilots were able to silence out FCPC and flew the plane manually. So Chris’ theory is questionable here.
Then there are several other claims by him —
In the above tweet, he refers to EICAS (Boeing terminology) or ECAM (Airbus terminology) which are set of displays that provide pilots with information related to the engine, fuel, hydraulics and etc. there is a section that displays advisory messages.
He’s basically claiming that he can put on PASS OXYGEN ON advisory message on EICAS through the IFE system that’s absolute ridiculous and hilarious at the same time because of the same reason as above.
You may read more about Passenger Oxygen System in Boeing aircrafts —
Claim: Quite simply put, we can theorise on how to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit — FoxNews
Fact: Engines of a jetliner like A320/B737 cannot be turned off through flight control computers because the flight control computers are not capable of turning-off the engines. The operation to turn-off or start the engines are controlled manually by the pilots through engine master switches present in the pedestal area.
In the image below you can see ENG 1 and ENG 2 switches which stand respectively for engine number one (L) and engine number two (R). Both switches have ON and OFF positions for starting and shutting down the engine, perhaps claims of flight computers capable of shutting them down is utter rubbish.
After all these, there’s an FBI warrant roaming around —
I’ll try to address all these point by point —
D. — I’ll say again, IFE systems are not connected to flight control computers, this would be dumbest idea of an airplane designer to make both systems interlinked, specially when an airplane is a critical system, you don’t want yourself to make the life of millions of people flying vulnerable.
On a reality check, if you try to remove SEB (Seat Electronic Box) in mid-flight and attempt to insert an ethernet cable to the seat in-front you is really questionable, keep in mind that you have passengers watching your move and flight attendants are always near-by. It’s pretty hard to believe that Chris really inserted the cable and connected his laptop to the SEB and nobody raised a single word against his actions or informed pilots about this.
E. — Wow, Chris overwrote code inside the Thrust Management Computer through IFE and issued a CLB thrust setting, then the plane drifted off-course. This shit really hilarious, you might be knowing why at this point of article. Good motivation for hacking movies though!
Then he used Vortex Software to monitor traffic from airplane’s cockpit. Well, I don’t know what this Vortex Software actually does if someone can shed some light it would be great!
While the FBI warrant doesn’t mention which traffic he claimed to monitor — I’d assume it to be aviation traffic. Even if he somehow hacked inside the cockpit in a parallel world, he would only see aviation traffic that near by the aircraft he was supposedly flying-in not distant aircrafts that the ATC can see through their radar. Modern aircrafts have a system called TCAS which when enabled, display aircrafts near by on the navigation display of the aircraft. So, there’s nothing much he can see apart from near by aircrafts, if you trust on him.
F. — So, now he used Virtual Box to replicate the airplane’s network. Let’s do a reality check to debunk this one, how can someone create a virtual environment inside a laptop that mimics exactly like an aircraft network on laptop, tough nut eh ? It’s analogical if you say that I can create a virtual environment of an entire car manufacturing facility and then practice hacking inside it, before giving a shot in a real facility.
That’s all folks, concluding this article by Kevin Mitnick’s tweet on this whole episode —
