Here's a nice shot of a Lufthansa in-flight entertainment system crashing and rebooting: <a href="http://www.flickr.com/photos/tims/3062736303/in/photostream/" rel="nofollow">http://www.flickr.com/photos/tims/3062736303/in/photostream/</a><p>It's doing a TFTP download of an image from a local server (all using martian IP addresses) and booting WinCE.<p>I find the OP story a bit hard to believe though. When I lived in Toulouse I talked to folks at Airbus about telemetry and I'm near certain that there was plenty of downlinking of data possible from the Trent 900 engines from the QUICK Technology for Engine Health Management and GE has for years provided real-time engine data download via ACARS.<p>What would be worrying is a connection on the same network between entertainment and controls of any sort. I'd like to see a better sourced story on this, though.<p>However, back when there was a flap about the Dreamliner networking the FAA gave a long response: <a href="http://cryptome.info/faa010208.htm" rel="nofollow">http://cryptome.info/faa010208.htm</a><p>In it there's the following argument from Airbus:<p>"AIRBUS Comment (b): Airbus stated that in the sentence
``The design shall prevent all inadvertent or malicious changes to, and
all adverse impacts * * *'', the wording ``shall prevent ALL'' can be
interpreted as a zero allowance. According to the commenter,
demonstration of compliance with such a requirement during the entire
life cycle of the aircraft is quite impossible because security threats
evolve very rapidly. The only possible solution to such a requirement
would be to physically segregate the Passenger Information and
Entertainment Domain from the other domains. This would mean, for
example, no shared resources like SATCOM (satellite communications),
and no network connections. Airbus maintained that such a solution is
not technically and operationally viable, saying that a minimum of
communications is always necessary."<p>That appears to allow a network connection between flight and passenger systems. Frankly, I find that idea terrifying.
This reminds me - not long ago I was on a trans-Atlantic flight and I was mindlessly poking around a touchscreeen of an in-flight entertainment system. A right-click menu poped up, a typical browser one. It had a SaveAs option, so I went on, looked around and the file system had typical *nix structure with /usr, /root, etc. Then they started the take-off prep and rebooted the while thing. So it gave me a minute or so. Once it was back up, I killed an hour trying to reproduce the menu popup, but couldn't.<p>So next time you find yourselves on the plane, bored - keep this in mind, try and reproduce :)
The user systems are usually very much different than the flight control systems. In the plane I worked on, all flight control systems ran on VxWorks and hardly used networking for anything. The majority of the communication between systems happened on a 1553 bus (<a href="http://en.wikipedia.org/wiki/MIL-STD-1553" rel="nofollow">http://en.wikipedia.org/wiki/MIL-STD-1553</a>) which had pre-defined messages on a redundant bus (as shown in the wiki article).<p>The amount of oversight a avionics system must go through when writing code for it is unfathomable for a modern software engineer. I know it sounds "cool" to hack into an avionics system from the in flight entertainment, but the likelihood of that being possible is somewhere around zero if the plane got approved by the FAA to be in the air.
<a href="https://www.infosecisland.com/blogview/16696-FACT-CHECK-SCADA-Systems-Are-Online-Now.html" rel="nofollow">https://www.infosecisland.com/blogview/16696-FACT-CHECK-SCAD...</a>
<a href="https://infosecisland.com/blogview/16770-SCADA-Air-Gaps-Do-Not-Exist.html" rel="nofollow">https://infosecisland.com/blogview/16770-SCADA-Air-Gaps-Do-N...</a><p>I tried to submit this and the followup article a while ago, but the domain was blacklisted by pg so the stories get autokilled.
I've actually seen Linux kernel panics on a lot of video systems on planes too. I suspect there are a lot of *nix os's on various parts of the planes.<p>This probably shows how much I travel though :-P
When I lived with a former Airbus engineer, he explained that these systems were running 80486 processors due to their relability (in the sense that nothing unexplainable would ever happen). That being said, he also told stories of how the complexity caused software bugs to manifest themselves that often disappeared before their causes were determined.
Connecting SCADA to a typical IP network is all the rage these days.<p>Better hope your SCADA engineers don't believe in security by obscurity or design by "That'll never happen".