Adversaries in our airspace [Commentary]


Air Traffic Controller, Robert Moreland, works in the control tower at Opa-locka airport on March 4, 2013 in Opa-locka, Florida. Due to sequestration cuts, small airports such as Opa-locka, which is a popular spot for corporate jets to land, will close its control tower in April to save federal transportation dollars under the federal spending cuts that went in to affect last week. Even though the control tower will close, planes will still be able to use the airport just without the help from the control tower. (Photo by Joe Raedle/Getty Images)

As attack surfaces for cyber adversaries expand with the internet of things, one critical domain that must not be overlooked is above our heads. Cyber threat vectors in aviation vary widely from passengers and crew to ground and flight control, to maintenance and the aircraft manufacturing supply chain. The consequences of a compromised aircraft could be problematic for commercial or military platforms.

Many of the electronics systems on aircraft were designed based on 1970s’ technology. Those systems stand strong today in terms of reliability and signal integrity, but do not incorporate cyber defenses because there wasn’t a need at that time. However, today a plane without cyber defenses could be just a few mouse clicks away from a bad actor.

To provide some context on the scope of the attack surface, a wide-body airliner could have as many as 100 million lines of code in its avionics systems. And it could only take one vulnerable line of code for an exploit to disrupt operations.

Introduction of malware through the supply chain or via other methods could compromise platform functionality. Exploits could deceive the pilot into thinking the aircraft was doing something that it shouldn’t, such as losing fuel or having an engine fire.

Pilots need to be able to trust the information being relayed to them. During operations, a cyberattack on an aircraft could deceive pilots into not trusting their instruments and aircraft. When a pilot can’t trust his or her aircraft, the mission is at risk of failure.

Like a radar early warning receiver that alerts the pilot of a potential missile threat, pilots also need to know if their data may have been compromised. A cyber warning system could detect if a component aboard is displaying anomalous behaviors or suddenly appears when it shouldn’t and then issue an alert. When an adversary missile locks onto an aircraft, the pilot gets alerted so he or she can take evasive action. Similarly, a cyber warning system would alert the aircrew if the aircraft were under cyberattack and performing actions it shouldn’t — allowing for corrective action to then be taken.

An effective system must look for and detect unauthorized intrusions among traffic that crosses through the avionics bus — the communication system that controls, monitors and transfers data between different electronic components in the aircraft — and remote terminals, which could be any device connected to the buses, such as annunciators, flaps, lights and landing gear.

This past year the distributed denial of service cyberattacks against the internet provider Dyn blocked major websites from users across Europe and North America. While this attack was an inconvenience for users, a similar attack on an aircraft could be much more damaging.

The threat of an attack such as that on Dyn could be present if the avionics bus is not cyber hardened. The first step toward reducing this threat is conducting a system assessment to find the vulnerabilities, then identify and prioritize the risks and begin to apply system resiliency.

New aviation threats require a new approach to the security of the airspace — one that starts by providing a clear assessment of the risk and thus gives the pilot confidence that he or she, alone, has control of the aircraft. The pilot can then make the most informed decisions to ensure the safety of the airspace, passengers and the mission. Ensuring our aviation platforms are secured against cyberattack is a matter of modern national security. It is a responsibility that demands our attention today.

Bill Leigher is a retired U.S. Navy Rear Admiral and director of Raytheon’s government cybersecurity solutions business.