-
Network Security and the New Boeing 787An Overview of the Common
Core Fiber Network and Its Security Risks
Nathanael B. Frank
-
The “Dreamliner”
• Built for:• Flexibility• Profitability• Sustainability •
Comfort
http://www.boeing.com/commercial/787/
PresenterPresentation NotesUnlike other aircraft builds, where
the focus has been power or size, in building the Dreamliner,
Boeing had different focuses:Flexibility, Profitability,
Sustainability, and Passenger Comfort. Boeing used scientific
research to create, as they put it a “super-efficient family of
commercial airplanes”. Using cutting edge materials and technology,
such as carbon composites, as opposed to aluminum, and enhanced
networking technologies; the Dreamliner family can fly farther, on
less fuel; allowing airlines to open routes that may have
previously been unprofitable, or un available. This has been a big
shift from other new aircraft such as the Airbus A380, where the
focus has been on moving more people.
-
The Common Core System• Electronics and Software Backbone•
Shared Between Avionics and
Passenger Comfort Systems
https://www.stellarnet.us/systems/fiber-optic-spectrum-analyzers/
PresenterPresentation NotesA major shift in the aviation
industry has occurred as there has been an increase in both
“fly-by-wire” glass cockpits, and more widely available and
advanced in-flight entertainment systems. \In older aircraft,
in-flight entertainment is a retrofit process. Networks, such as
“GoGo In-Flight” are added to an aircraft rather than built inNewer
aircraft such as the Boeing 787 Dreamliner, as well as the Airbus
A350 and A380 rely on an internal network to support avionics
systems, and have in-flight entertainment and wi-fi sharing the
same core.
-
System Benefits• AFDX:
• Increased Avionics Communication Speeds
• More than 100 Mb/s • Full Duplex
• Decreased Weight, Greater Efficiency • Less Cabling
https://en.wikipedia.org/wiki/Glass_cockpit
PresenterPresentation NotesKnown as Avionics Full Duplex, AFDX
is the base technology behind the 787 common core. AFDX is governed
by two standards, IEEE 802.3 and ARINC 664 Part 7. The entire IEEE
802 standard governs Ethernet communication, and 802.3 governs an
array of standards in the physical and datalink layers of wired
Ethernet networks. Previous systems relied on a single pair
connection to each of the various avionics devices and was not
“switched” This architecture resulted in Slower communications
speeds from avionics nodes as a single twisted pair can only
function as half-duplexExtra cabling, as each device required its
own twisted pair.Switching to the AFDX increases avionics data
speeds by allowing for full duplex communicationsIn the case of the
787, this is even faster, with the use of fiber optic technologyThe
system also provides significant weight reductions as less cable is
needed to implement the switched network
-
Security Risks
• Shared Network• Firewall Only Separation
• No “Air Gap”• Critical Systems Vulnerable
• Onboard Hacker• Passenger Downloaded Malware• Internet Based
Threats
PresenterPresentation NotesThere are security risks associated
with this type of shared network:The passenger entertainment side
of the network is protected from the critical systems side of the
network by only a firewall.While not necessarily “easily” defeated,
firewall systems are not infallible, meaning a passenger could
conceivably by-pas the firewall and gain access to critical
avionics systems. Experts have suggested that in order to properly
provide security to these systems, that the two sides should have
an “Air Gap” meaning that the passenger side, and the avionics side
would actually be two physically separate networks. This would
however require that the aircraft have two separated internet
connections either via air-to-ground or satellite technologies.
While this method would protect against an on-board hacker, as well
as against passenger downloaded malware, it would not protect
against internet based threats.
-
Internet Based Threats• Malware• Hacking
Affected Systems:• Navigation
• NextGen Air Traffic Control• Communication• Network Based
Controls
https://www.faa.gov/nextgen/snapshots/stories/?slide=35
PresenterPresentation NotesBy being connected to the internet,
an aircraft is immediately vulnerable to a wide variety of internet
based threats, such as malware and hackingJust like any computer,
like the ones at home and work, a networked aircraft can be
attached by viruses and hackers through its network connections.
With the rise of the FAA’s NextGen Air Traffic Control system,
there is a rise in networked communication between the ground and
aircraft. The Government Accountability Office has found that there
are serious risks associated with the NextGen communication system
that need to be addressed. One of these risks is the need to
protect aircraft avionics systems. The GAO stated in an April 2015
reports: “Modern aircraft are increasingly connected to the
Internet. This interconnectedness can potentially provide
unauthorized remote access to aircraft avionics systems.”
-
Security Solutions• Advanced Network Partitioning • Pilot
Physical Overrides• More FAA Oversight
PresenterPresentation NotesTo help reduce the threats by using
the common core network, Boeing has implemented a couple of
solutions. The first solution the Boeing is using is a software
platform that allows for a sophisticated partitioning of devices.
This software will help to bind the control of avionics devices and
their embedded software to a secure environment. The second
solution is that Boeing has included in the 787 platform, a manual
pilot override system. This system is meant to ensure that even if
an intruder were to gain access to the avionics systems, the pilots
would be able to override the electronics and maintain control of
the aircraft. Additionally, as more and more mass transportation
vehicles, like planes and trains are becoming network connected,
the GAO has directed the Federal Department of Transportation, and
consequentially the FAA, to develop cybersecurity certification
criteria to ensure that aircraft remain safe, not only from the
people on board, or the elements, but also people in
cyberspace.
-
Summary• Boeing 787 Common Core combines
avionics and passenger networks• This systems provides network
speed
and overall efficiency benefits• Combined networks carry risks
from
intrusion and malware• Boeing uses advanced software and
pilot overrides to create a safe airframe in spite of these
risks.
http://www.boeing.com/commercial/787/
PresenterPresentation NotesThe Boeing 787 is one of the world’s
most efficient airframes, opening up airlines to greater profits,
more flexibility; all while preserving passenger comfort.In
building the 787, Boeing implemented a common network, known as the
Common Core, that provides data access to safety critical avionics
systems, and passenger entertainment systems.While this network
provides efficiency benefits it creates some security risks, by
creating a potential for a hacker or malware to gain access and
control of avionics systems To combat these threats, Boeing worked
with industry leading firms to implement sophisticated software and
systems that securely separate avionics and passenger systems.
Additionally, as this trend continues, there is pressure mounting
on the Federal government to implement cybersecurity certification
standards, to protect not just aircraft but other transportation
types like rail.Despite all of the risks, Boeing has developed a
state-of-the-art, efficient, and safe airframe, that will change
the aviation horizon for years to come.
-
RefferencesAdaCore. (n.d.). Wind River Teams with AdaCore on
Safety-Critical ARINC 653 for use in Boeing 7E7. Retrieved from
http://www.adacore.com/customers/787-dreamliner-common-core-system/Boeing
Corporation. (2017). 787 Dreamliner By Design. Retrieved from
http://www.boeing.com/commercial/787/by-designGogo LLC. (n.d.).
History. Retrieved from Gogo:
https://www.gogoair.com/historyGovernment Accountabiliy Office.
(2015, 04). FAA Needs a More Comprehensive Approach to Address
Cybersecurity As Agency Transitions to NextGen. Retrieved from
http://www.gao.gov/assets/670/669627.pdfMcHale, J. (2005, 4 1).
AFDX technology to improve communications on Boeing 787. Retrieved
from Military EAerospace:
http://www.militaryaerospace.com/articles/print/volume-16/issue-4/news/afdx-technology-to-improve-communications-on-boeing-787.htmlZetter,
K. (2015, 4 15). Hackers Could Commandeer New Planes Through
Passenger Wi-Fi. Retrieved from Wired:
https://www.wired.com/2015/04/hackers-commandeer-new-planes-passenger-wi-fi/
Network Security and the New Boeing 787The “Dreamliner”The
Common Core SystemSystem BenefitsSecurity RisksInternet Based
ThreatsSecurity SolutionsSummaryRefferences
