Why hackers can’t take over aircraft controls (not yet)

by | May 20, 2015

In the last 24 hours, there have been numerous reports appearing in the international press, about a certain hacker who took over an airplane’s controls, right from his seat. The said hacker plugged his laptop into the Ethernet port of the in-flight entertainment system, and loaded up special software that enabled him to control of the aircraft’s engines, causing the plane to climb or “fly sideways”.

And you can read the full story here.

There has been much speculation about whether these reports are true or not.

I’ve researched this a bit and also talked to two experts. Both say this is not possible for the following reasons:

1. In-flight entertainment systems (IFE), flight navigation systems, Flight Management System (FMS), and aircraft controls are disparate systems — not interconnected through common hardware.

2. IFE  systems are standalone systems manufactured by companies like Panasonic Avionics Corporation, Thales Group, Zodiac, Lumexis, Gogo, On Air, Row 44, Rockwell Collins, and LiveTV. FMS and the autopilot are manufactured by Sperry Corporation and others (who do not make IFE systems).

3. When IFE systems are installed on aircraft, they must be certified by the FAA and pass all of the applicable requirements found in the Federal Aviation Regulations. There are stringent tests conducted to certify these systems.

4. IFE integrates with the electrical systems in the aircraft, for its source of power.

5. Even though aircraft are now “fly-by-wire” with instructions issued from the cockpit to move control surfaces or control engines, there is still an element of human interaction. The pilot must either fly the aircraft in manual mode or program the FMS and autopilot system. So the bone of contention is really about hacking into the FMS or autopilot. It would be impossible to do so wirelessly or remotely. The Ethernet and Wi-Fi networks in the cabin are not linked to systems in the cockpit.

6. Each engine is controlled by a throttle lever in the cockpit, which is either moved manually by the pilot or automatically, after receiving instructions from the pre-programmed FMS and autopilot. It’s not possible to do that via an  in-flight entertainment system.

So the issue has been largely blown out of context and, as usual, over-hyped and sensationalized by the media.

The lesson to learn from this episode: Mission critical systems should be separated from public networks. The Internet of Things, in this context, needs to have an exclusive, impervious networks.

——————————————————————————————————————————-

 

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The Rise of AI Agents in Business

AI agents are revolutionizing how businesses operate, innovate, and engage with customers while reshaping workforce dynamics and decision-making processes.

The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles