Air-Bus Hijacking: Silently Taking over Avionics Systems

To be honest this is both unsurprising and IMO very irrelevant.<p>Spoofing a CAN or ARINC429 bus requires physical access. At that point an attacker has access to the physical systems of the plane, at which point the plane is compromised anyway. What he uses to take over the plane is essentially arbitrary and there is absolutely nothing that would give any protection.

From the abstract:<p>&gt; <i>This paper investigates cyber-physical attacks on avionics data buses, specifically focusing on the ARINC 429 protocol. The objective is to demonstrate how message injection, modification, and deletion attacks can be executed, enabling an attacker to gain full control over the transmitted data.</i><p>I wish that vehicular systems all had air-gap level separation of messages, rendering it physically impossible to disrupt messages to critical systems like flight controls. I suppose that&#x27;s a naive perspective, but in the long run it&#x27;s hard to believe that we won&#x27;t have to resort to provably correct systems to thwart attacks.<p>&gt; <i>To accomplish this, we propose a method that involves modifying messages on the data bus without segmenting it.</i><p>Can we really live with avionics platforms as a setting for the same kind of perpetual arms race against attackers that we have for general operating systems?

The observation that ARINC 429 can be tapped, and that an active wiretap can alter data on the bus is of little surprise. The technological challenge is not high, the bus is comparable to a serialport at ~115200 baud. Considering that the technology surfaced in the 1970s, it is of no surprise that physical access restriction is the only means of security.<p>More interesting IMHO would be what can be done to accelerate the adoption of new technologies (especially w&#x2F;r&#x2F;t cryptography) in avionics. This is more than anything a cultural problem; How to convince regulative bodies, how to satisfy processes, how to re-balance the proven-in-use argument (where stuff gets more favorable safety assessments when it has been used long enough) vs crypto-agility (where the same thing from today just tomorrow becomes insecure without changing itself, because of some external discovery).<p>The technology is there, but the aviation community is not <i>yet</i>. Another nice read in this domain is &quot;Economy Class Crypto: Exploring Weak Cipher: Usage in Avionic Communications via ACARS&quot;[1, 2]. I only say mono-alphabetic substitution cipher.<p>An interesting connection of Blockchain-tech, safety and security can be found in &quot;Verifiable Computing in Avionics for Assuring Computer-Integrity without Replication&quot; [3]. Here the authors leverages zero-knowledge proofs to prove to a downstream actuator that its commands are indeed correct results yielded by the application of the appropriate control law on the provided sensor inputs. However, this work is probably at least a decade away from being applicable in actual certified aircraft.<p>[1] <a href="https:&#x2F;&#x2F;link.springer.com&#x2F;chapter&#x2F;10.1007&#x2F;978-3-319-70972-7_15" rel="nofollow">https:&#x2F;&#x2F;link.springer.com&#x2F;chapter&#x2F;10.1007&#x2F;978-3-319-70972-7_...</a> [2] <a href="https:&#x2F;&#x2F;www.cs.ox.ac.uk&#x2F;files&#x2F;9693&#x2F;fc-paper.pdf" rel="nofollow">https:&#x2F;&#x2F;www.cs.ox.ac.uk&#x2F;files&#x2F;9693&#x2F;fc-paper.pdf</a> [3] <a href="https:&#x2F;&#x2F;publ.sec.uni-stuttgart.de&#x2F;reinhartluettighuberliedtkeannighoefer-dasc-2023.pdf" rel="nofollow">https:&#x2F;&#x2F;publ.sec.uni-stuttgart.de&#x2F;reinhartluettighuberliedtk...</a>