In-flight connectivity has introduced a raft of well-documented passenger and operational benefits, but it has a more sinister flip-side. As aircraft become more and more connected, the aviation industry faces an ongoing battle to ensure it is always several steps ahead of constantly evolving threats to cybersecurity.
“The cyber-security risks associated with [In-Flight Entertainment] IFE systems are just like those associated with other electronic systems in today’s connected world — that a malicious hacker tries to penetrate a system with the intent to disrupt services or steal information,” says Bruno Nouzille, technical director for avionics at Thales. “However, we want to be clear that when we talk about a connected IFE system we are talking about a system that goes through very stringent qualification standards, testing and regulatory safety certification to enable it to be installed on an aircraft. Complementary to this, specific security risk analysis and penetration testing methods are used to validate the robustness of the system to defend against cyber-attacks.” Nouzille stresses that this is a “continuous process,” which is updated to ensure systems remain secured from the “ever-evolving cybersecurity threatscape.”
Joel Otto, staff vice president of strategy and business development at Rockwell Collins’ Information Management Systems (IMS) division, agrees. “As a system designer, you have to always be looking at potential vulnerabilities for penetration,” Otto says. “I am highly confident in the fact that we are all aware as an industry of the potential threat it poses.”
Despite some alarming headlines last year, prompted by a hacker in the United States who claimed to have connected his laptop computer to the in-flight entertainment system and repeatedly gained access to aircraft control networks, the fear surrounding the incident appears to have calmed.
The hacker’s claims have largely been discredited by manufacturers and stakeholders, who emphasize that flight systems are isolated and protected by a multi-layered security approach, and cannot be accessed through public systems.
“The No. 1 design criterion is the isolation of key components,” says Bob Gourley, cofounder and partner at technology consulting firm Cognitio and author of The Cyber Threat. “It is totally impossible for someone through the IFE system to grab control of the aircraft.”
Nouzille agrees that the validity of the hackers’ claims have been disproven. “Comprehensive investigations in cooperation with aircraft manufacturers and authorities were performed as a result of these claims. One year later, we maintain our position that these claims remain unproven,” Nouzille says.
There can never be a guarantee, however, that this kind of event will never happen in the future. As Information Technology (IT) systems become increasingly sophisticated, so do cyber-criminals. “I’m not 100 percent convinced [cybersecurity systems are] 100 percent infallible,” says Marc Kolenko, a U.S.-based cybersecurity expert. “At some point, there is going to be the potential to cross domains from the public network to the private side.”
So, can e-enablement put the safety of an aircraft at risk? Not according to the manufacturers. “The short answer is no, in-flight entertainment and connectivity systems cannot compromise the safety of an aircraft,” says Nouzille, noting that Thales works with aircraft manufacturers on a continuous basis with a holistic approach to safety and security. A precise description of how the multi-layered security systems designed to keep threats at bay work is difficult to determine, due to the secrecy required to keep the information out of the hands of those with malicious intent. As Otto of Rockwell Collins points out: “This is a tricky subject to address because for a lot of what we do to secure our solutions, we do not give specifics away.”
Airlines should build cyber-awareness into their operations and have a “formal cybersecurity program” in place, says Nouzille. “This comprehensive operational plan includes security measures already introduced by aircraft manufacturers, Thales systems and others,” he adds. Regulators clearly have their eyes firmly on the ball when it comes to cybersecurity threats to aviation. In the United States, the FAA’s William J. Hughes Technical Center in March 2016 issued Broad Agency Announcement (BAA) DTFACT-16-R-00037 for Aircraft Systems Information Security/Protection (ASISP). Under the announcement, the agency is reaching out to external contractors to prepare outlines for studying and tracking cyber-attack threats and vulnerabilities to aircraft systems. The winning contractors will provide direct support to the FAA’s NextGen Aviation Research Division (ANG-E2) for research and development of applicable methodologies for ASISP Safety Risk Assessments (SRAs) that can be found on modern avionics systems for aircraft flying in the National Airspace System (NAS).
Another important point to consider is the proliferation of tablet-based Electronic Flight Bags (EFBs) and the potential for cyber-security breaches. In the case of Class 1 EFBs, which feature read-only connectivity, there is little chance that security could be compromised. “[These] devices can connect — if they’re allowed to — to the Internet if there is Internet connection on the airplane. This allows interaction with the back office, but there is no way to directly feed information from one of those devices to the avionics,” Otto notes.
However, the public has voiced concerns about whether airlines deploying portable EFBs have sufficient security protocols in place to keep them safe. While larger airlines often have control over these devices and “keep them locked down,” says Gourley, smaller carriers do not necessarily have sufficient rules in place. “The smaller ones have less control because they don’t have the IT staff,” he notes. “I’m far less confident the smaller parties are protecting these systems enough, and there could one day be a malicious incident.”
Gourley believes a dedicated hacker “could make a change just for fun,” although he believes it is unlikely that anything more serious could occur as a result of hacking into an EFB. Gourley’s advice to smaller airlines deploying EFBs is to establish configuration controls. “There are steps [airlines] can take to make them more secure, such as making sure they are backed up, having a cloud-based server and making sure they are not connected to Wi-Fi in bad ways,” he says. It is clear that the aviation industry is well aware of the cyber-security threat, and stakeholders appear to be working together to address it. “When it comes to security of an aircraft, competition does not exist. Industrial rivalry does not exist. Nothing exists apart from keeping these systems secure,” says Nouzille.
For commercial airline passengers, accessing the Internet through the in-flight connectivity system carries the same risks as logging on to public Wi-Fi services in hotels and coffee shops — with the added worry of a person in much closer proximity having a clear view of any passwords they type in.
In business aviation, however, where aircraft are often used as flying offices, there are services available that enable data going to and from the aircraft to be encrypted, or to bypass the public Internet altogether.
Florida-based Satcom Direct, which provides connectivity solutions to the business aviation sector, has developed such a system with its SD Private Network. Satcom Direct chief information officer, John Zban, likens the solution to a private network between two offices on the ground.
“If you think of a company with offices in New York and Miami, connectivity between those offices is private — it’s not on the Internet. The company will go to somebody like AT&T and ask for a 100 Mb link between the offices that no one else can access,” says Zban.
“When you use a private network model, like we’ve done, it allows a company to treat a plane like any other office. We become the provider that supplies the pipe between the offices.”
In-house security experts based at Satcom Direct’s operations center in Melbourne, Fla. provide a 24/7 monitoring service, which the company says can identify and block intrusion attempts in real time. “We can deliver traffic from a satellite constellation to a company with five aircraft without touching the Internet,” says Zban.
Commercial airlines, larger and more complex in scale, cannot so easily offer assurances to passengers that the use of in-flight Wi-Fi services will not lead to breaches in security, such as identity or credit card information theft. Here, the emphasis is very much on the individual passenger to be vigilant and adopt a common-sense approach to their online security.