As we survey the future of aerospace in the cyber threat world in 2019 and beyond, the industry is forced to come to terms with a grim reality: cyber threats against military and civilian aircraft are escalating across an expanding attack surface with no sign of letting up. From the U.S. Department of Homeland Security (DHS) to agencies and think tanks around the world, there is a growing murmur that it is not a question of “if” but of “when” there will be a major catastrophic event linked to cyber. Whether or not the direst of these predictions come to pass, it is clear that we have our work cut out for us in the mission to keep our aircraft safe and secure.
In the face of this sobering scenario, we can offer a glimmer of optimism. Performance Software’s JETS emulation and simulation platform is poised to lead the industry into a new era of hardened aircraft security profiles. In this post we discuss today’s threat landscape and how our technology can be implemented to battle cyber threats on two fronts – fully simulated environments that facilitate robust testing far beyond what can be accomplished on live aircraft, and virtualization techniques that run underneath existing systems to provide a new layer of powerful cyber protection in real time.
Many Actors, Many Threats
The aviation ecosystem faces a complex range of threats from terrorist organizations, criminals, and nation-states. These bad actors recognize the economic and military implications of a major disruption to the aviation system. Sadly, as history has shown time and again, bad actors also recognize the potentially profound effect on the public psyche of a catastrophic aircraft failure.
Hackers continue to become more sophisticated in their attacks. They learn from their successes as well as their mistakes and have amassed an arsenal of tools and techniques based on experience that now stretches back several decades. They have learned how to probe even the most secure systems for the slightest weakness and to fully exploit those weaknesses. A list of users in an unencrypted spreadsheet or a technical specification left in a forgotten folder on an unsecured server can open an attack vector that no one imagined.
As aerospace moves inexorably to an always-on, fully connected state, the vulnerabilities multiply accordingly. We’ve been aware of the significant vulnerability of aircraft to direct cyber-attacks for several years now, with some highly visible successful penetrations in tests. Perhaps the best known of these tests was the 2016 DHS remote penetration of a parked commercial aircraft. The details of the event are mostly classified, and the validity of the penetration questioned by some, but the story is repeated frequently and prominently in news reporting and blog posts like this one.
With a service life of 20 to 30 years or more, aircraft in mid to later life present as a range of interwoven generations of technology. Many of the subsystems were designed and implemented without any consideration for the contemporary threat environment. In a situation frighteningly similar to that faced by power plants, factories, and other industrial installations, the security of subsystems has relied in part on the so-called airgap – the physical isolation of critical systems from other systems and interfaces.
While the most modern platforms were designed for cybersecurity from the ground up, legacy aircraft will have seen multiple cycles of upgrades, many of which bridge the various subsystems. In the course of these upgrades we’ve seen a steady evolution from point-to-point connectivity solutions to networked connectivity, and along with that evolution comes increased vulnerability to same types of compromise that other networked systems face, such as malware and unauthorized access.
In addition to hacks that directly compromise the aircraft, there are peripheral attacks that disrupt operations with potentially dire consequences. Reliance on connectivity to ground and satellite systems opens the door to delivering erroneous information through those systems or cutting off communications entirely though denial-of-service and similar hacks. GPS jamming and spoofing are among the most common attacks on aircraft. Even non-lethal mischief, such as triggering an alarm or producing an incorrect system readout, will erode pilot confidence in the systems and create confusion in the cockpit.
To learn more about how Performance can help with cyber threats, contact Performance Software today.