When it comes to systems that rely on computers and communications, we describe security as the prevention of intentional and, to a large extent, unintentional misuse that could compromise desired system behavior. In the context of existing safety, development, and certification, this study provides a practical understanding of how cyber security effects airplane computer system architecture. There's more to aviation than planes. It is backed up by the necessary ground infrastructure and equipment, as well as a large-scale computer network. Operations using computer networks to disrupt, deny, degrade, or destroy information housed in computers and computer networks, or the machines and networks themselves, are known as virtual attacks against the computer network. This paper discusses some of the most important security concerns that occur when it comes to aviation safety and reliability. We believe that many of the past accidents may have been perpetrated deliberately, and that some of them could be replicated maliciously now. We begin by looking at common security weaknesses and threats in aviation and its supporting infrastructure, as well as recalling some prior occurrences. Then we analyze what catastrophes are probable, if not inevitable, and what we might do in response.
| Published in | Advances in Networks (Volume 10, Issue 1) |
| DOI | 10.11648/j.net.20221001.12 |
| Page(s) | 7-14 |
| Creative Commons |
This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
| Copyright |
Copyright © The Author(s), 2024. Published by Science Publishing Group |
Aviation, Information Security, Cyber Attack
| [1] | C. Royalty, “Cyber Security for Aeronautical Networked Platforms - What does it mean to me in commercial aviation design?,” 2012, doi: 10.2514/6.2012-2417. |
| [2] | S. Tomáš, K. Ivan, and S. Stanislav, “Present and potential security threats posed to civil aviation,” Incas Bull., vol. 4, no. 2, pp. 169–175, 2012, doi: 10.13111/2066-8201.2012.4.2.17. |
| [3] | M. L. Olive, R. T. Oishi, and S. Arentz, “Commercial aircraft information security-an overview of ARINC report 811,” AIAA/IEEE Digit. Avion. Syst. Conf. - Proc., pp. 1–12, 2006, doi: 10.1109/DASC.2006.313761. |
| [4] | C. A. Wargo and C. Dhas, “Security consideratiolis for the e-enabled aircraft,” IEEE Aerosp. Conf. Proc., vol. 4, pp. 1533–1550, 2003, doi: 10.1109/AERO.2003.1235083. |
| [5] | N. Thanthry and R. Pendse, “Aviation data networks: Security issues and network architecture,” IEEE Aerosp. Electron. Syst. Mag., vol. 20, no. 6, pp. 3–8, 2005, doi: 10.1109/MAES.2005.1453803. |
| [6] | R. Robinson, M. Li, and K. Sampigethaya, “Electronic Distribution of Airplane Software and the Impact of Information Security on Airplane Safety ƒ A irplane A ssets D istribution S ystem ƒ Assessment according to the Common Criteria ƒ Conclusion,” no. September, pp. 1–18, 2007. |
| [7] | S. K. P. Alampalayam and S. Srinivasan, “Intrusion Recovery Framework for Tactical Mobile Ad hoc Networks Intrusion Recovery Framework for Tactical Mobile Ad hoc Networks,” no. May, 2014. |
| [8] | S. A. Kumar, “Classification and Review of Security Schemes in Mobile Computing,” Wirel. Sens. Netw., vol. 02, no. 06, pp. 419–440, 2010, doi: 10.4236/wsn.2010.26054. |
| [9] | S. a Lintelman, K. Sampigethaya, M. Li, R. Poovendran, and R. V Robinson, “High Assurance Aerospace CPS & Implications for the Automotive Industry,” Proc. Natl. Work. High Confid. Automotice Cyber-Physical Syst., 2008. |
| [10] | R. Poovendran and D. Von Oheimb, “Network-Enabled Commercial Airplane Operations,” pp. 1–7. |
| [11] | “FAA: Slammer didn’t hurt us, but other attacks coming | Network World.” https://www.networkworld.com/article/2339600/faa--slammer-didn-t-hurt-us--but-other-attacks-coming.html (accessed Apr. 16, 2022). |
| [12] | “US air traffic faces ‘serious harm’ from cyber attackers • The Register.” https://www.theregister.com/2009/05/07/air_traffic_cyber_attack/ (accessed Apr. 16, 2022). |
| [13] | “Report: Hackers broke into FAA air traffic control systems - CNET.” https://www.cnet.com/news/privacy/report-hackers-broke-into-faa-air-traffic-control-systems/ (accessed Apr. 16, 2022). |
| [14] | “Istanbul Ataturk International AirportSecurity Affairs.” https://securityaffairs.co/wordpress/16721/hacking/istanbul-ataturk-international-airport-targeted-by-cyber-attack.html (accessed Apr. 16, 2022). |
| [15] | “Phishing Scam Targeted 75 US Airports.” https://www.informationweek.com/cybersecurity/phishing-scam-targeted-75-us-airports (accessed Apr. 16, 2022). |
| [16] | “Attack On LOT Polish Airline Grounds 10 Flights.” https://www.forbes.com/sites/thomasbrewster/2015/06/22/lot-airline-hacked/?sh=403709d0124e (accessed Apr. 16, 2022). |
| [17] | “Main Cyber-Security Challenges in Aviation.” https://www.aerotime.aero/articles/25150-main-cyber-security-challenges-in-aviation (accessed Apr. 16, 2022). |
| [18] | “Ukraine says to review cyber defenses after airport targeted from Russia | Reuters.” https://www.reuters.com/article/us-ukraine-cybersecurity-malware-idUSKCN0UW0R0 (accessed Apr. 16, 2022). |
| [19] | “Cathay Pacific Cyber Attack Is World’s Biggest Airline Data Breach.” https://www.insurancejournal.com/news/international/2018/10/26/505699.htm (accessed Apr. 16, 2022). |
| [20] | “British Airways Says ‘Sophisicated’ Hacker Stole Data on 380,000 Customers.” https://www.insurancejournal.com/news/international/2018/09/10/500566.htm (accessed Apr. 16, 2022). |
| [21] | “Delta, Sears Report Data Breach by Service Provider.” https://www.insurancejournal.com/news/national/2018/04/05/485440.htm (accessed Apr. 16, 2022). |
| [22] | “Brit airport pulls flight info system offline after attack by ‘online crims’ • The Register.” https://www.theregister.com/2018/09/17/bristol_airport_cyber_attack/ (accessed Apr. 16, 2022). |
| [23] | “Air Canada suffers major app data breach of 20,000 customers - Digital Journal.” https://www.digitaljournal.com/business/air-canada-in-major-app-data-breach/article/530763 (accessed Apr. 16, 2022). |
| [24] | “Boeing hit by WannaCry virus, but says attack caused little damage | The Seattle Times.” https://www.seattletimes.com/business/boeing-aerospace/boeing-hit-by-wannacry-virus-fears-it-could-cripple-some-jet-production/ (accessed Apr. 16, 2022). |
| [25] | “Airbus Statement on Cyber Incident | Airbus.” https://www.airbus.com/en/newsroom/press-releases/2019-01-airbus-statement-on-cyber-incident (accessed Apr. 16, 2022). |
| [26] | “Ransomware attack on Albany Airport on Christmas 2019 - Cybersecurity Insiders.” https://www.cybersecurity-insiders.com/ransomware-attack-on-albany-airport-on-christmas-2019/ (accessed Apr. 16, 2022). |
| [27] | “Air NZ faces data breach after staff accounts phished.” https://securitybrief.co.nz/story/air-nz-faces-data-breach-after-staff-accounts-phished (accessed Apr. 16, 2022). |
| [28] | “DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla | Threatpost.” https://threatpost.com/doppelpaymer-ransomware-used-to-steal-data-from-supplier-to-spacex-tesla/153393/ (accessed Apr. 16, 2022). |
| [29] | “Ransomware attack hits ST Engineering’s USA aerospace unit | News | Flight Global.” https://www.flightglobal.com/aerospace/ransomware-attack-hits-st-engineerings-usa-aerospace-unit/138722.article (accessed Apr. 16, 2022). |
| [30] | “Airline software super-bug: Flight loads miscalculated because women using ‘Miss’ were treated as children • The Register.” https://www.theregister.com/2021/04/08/tui_software_mistake/ (accessed Apr. 16, 2022). |
| [31] | “Chris Roberts who ‘hacked a commercial flight’ also hacked the ISS | Daily Mail Online.” https://www.dailymail.co.uk/news/article-3090288/Security-expert-admitted-FBI-took-control-commercial-flight-bragged-hacker-convention-2012-playing-International-Space-Station-getting-yelled-NASA.html (accessed Apr. 16, 2022). |
| [32] | “Air France plane carrying 228 people disappears in storm over the Atlantic.” https://www.smh.com.au/world/air-france-plane-carrying-228-people-disappears-in-storm-over-the-atlantic-20090601-bsua.html (accessed Apr. 16, 2022). |
| [33] | Y. G. Sun, L. Wang, and W. X. Chen, “A sensor of aero-engine real-time fault detection system based on ARM9,” Adv. Mater. Res., vol. 591–593, pp. 1470–1474, 2012, doi: 10.4028/www.scientific.net/AMR.591-593.1470. |
| [34] | T. Humphreys, “Statement on the vulnerability of civil unmanned aerial vehicles and other systems to civil GPS spoofing,” Univ. Texas Austin (July 18, 2012), 2012. |
| [35] | S. A. P. Kumar and B. Xu, “Vulnerability Assessment for Security in Aviation Cyber-Physical Systems,” 2017, doi: 10.1109/CSCloud.2017.17. |
| [36] | Conventions, “Aviation Security : The Role of IFALPA and its Member Associations,” no. December, pp. 1–2, 2021. |
| [37] | “ICAO Standards | IHS Markit.” https://ihsmarkit.com/products/icao-standards.html (accessed Apr. 16, 2022). |
APA Style
Eman Ali Metwally, Haytham Tarek Mohammed. (2022). Hacking an Aircraft: Hacking the In-flight Entertainment System. Advances in Networks, 10(1), 7-14. https://doi.org/10.11648/j.net.20221001.12
ACS Style
Eman Ali Metwally; Haytham Tarek Mohammed. Hacking an Aircraft: Hacking the In-flight Entertainment System. Adv. Netw. 2022, 10(1), 7-14. doi: 10.11648/j.net.20221001.12
Share This Article
Twitter
Linked In
Facebook
Copy
Download@article{10.11648/j.net.20221001.12,
author = {Eman Ali Metwally and Haytham Tarek Mohammed},
title = {Hacking an Aircraft: Hacking the In-flight Entertainment System},
journal = {Advances in Networks},
volume = {10},
number = {1},
pages = {7-14},
doi = {10.11648/j.net.20221001.12},
url = {https://doi.org/10.11648/j.net.20221001.12},
eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.net.20221001.12},
abstract = {When it comes to systems that rely on computers and communications, we describe security as the prevention of intentional and, to a large extent, unintentional misuse that could compromise desired system behavior. In the context of existing safety, development, and certification, this study provides a practical understanding of how cyber security effects airplane computer system architecture. There's more to aviation than planes. It is backed up by the necessary ground infrastructure and equipment, as well as a large-scale computer network. Operations using computer networks to disrupt, deny, degrade, or destroy information housed in computers and computer networks, or the machines and networks themselves, are known as virtual attacks against the computer network. This paper discusses some of the most important security concerns that occur when it comes to aviation safety and reliability. We believe that many of the past accidents may have been perpetrated deliberately, and that some of them could be replicated maliciously now. We begin by looking at common security weaknesses and threats in aviation and its supporting infrastructure, as well as recalling some prior occurrences. Then we analyze what catastrophes are probable, if not inevitable, and what we might do in response.},
year = {2022}
}
TY - JOUR T1 - Hacking an Aircraft: Hacking the In-flight Entertainment System AU - Eman Ali Metwally AU - Haytham Tarek Mohammed Y1 - 2022/06/14 PY - 2022 N1 - https://doi.org/10.11648/j.net.20221001.12 DO - 10.11648/j.net.20221001.12 T2 - Advances in Networks JF - Advances in Networks JO - Advances in Networks SP - 7 EP - 14 PB - Science Publishing Group SN - 2326-9782 UR - https://doi.org/10.11648/j.net.20221001.12 AB - When it comes to systems that rely on computers and communications, we describe security as the prevention of intentional and, to a large extent, unintentional misuse that could compromise desired system behavior. In the context of existing safety, development, and certification, this study provides a practical understanding of how cyber security effects airplane computer system architecture. There's more to aviation than planes. It is backed up by the necessary ground infrastructure and equipment, as well as a large-scale computer network. Operations using computer networks to disrupt, deny, degrade, or destroy information housed in computers and computer networks, or the machines and networks themselves, are known as virtual attacks against the computer network. This paper discusses some of the most important security concerns that occur when it comes to aviation safety and reliability. We believe that many of the past accidents may have been perpetrated deliberately, and that some of them could be replicated maliciously now. We begin by looking at common security weaknesses and threats in aviation and its supporting infrastructure, as well as recalling some prior occurrences. Then we analyze what catastrophes are probable, if not inevitable, and what we might do in response. VL - 10 IS - 1 ER -
Information
Email: