Network Security and

Airline Data Networks

Presented by
Dr. John Sutherland
Who am I ?

 Network Security consultant for several

Fortune 500 (Boeing, Microsoft,
Starbucks, Deloitte & Touche, etc…)
 PhD in Computer Science

 Several Certifications: CISSP, CISM,

CBCP, CCNA, MCSE, MCT, GSEC,
etc…
Acronyms
 ADN – Aircraft Data Network
 ACARS - Aircraft Communications Addressing and
Reporting System
 AOC – Airline Operational Control or Airline Operations
Center
 LAN – Local Area Network
 RF – Radio Frequency
 COTS – Commercial off the shelf
 RTCA - Radio Technical Commission for Aeronautics
 ARINC - Aeronautical Radio, Inc.
 EUROCAE - European Organisation for Civil Aviation
Equipment (regulatory agency for certifying aviation equipment in Europe)
 What are we talking about ?

 Aircraftdata networks
 Traditionally have used radio links, future
is broadband TCP/IP based
 Wireless hacking
ACARS - An Example

 ACARS (Aircraft Communications

Addressing and Reporting System)
messages are transferred over open RF
channels in human readable forms.
 Vulnerability: Low cost easily available
equipment to view sensitive aircraft data
How to view ACARS Data

PC with free
ACARS decoder
software

Radio Scanner
Vietnam Airlines tracked via ACARS
Reg IATA/ICAO Sign Aircraft type Flightnumber last contacts (max 30)

VN-A150 VN / HVN B777-2Q8 (ER) VN0532 08. Dec 2006 18:08

VN-A141 VN / HVN B777-2Q8 (ER) VN0544 08. Dec 2006 16:14
VN-A141 VN / HVN B777-2Q8 (ER) VN0545 08. Dec 2006 06:30
VN-A150 VN / HVN B777-2Q8 (ER) VN0533 08. Dec 2006 06:13
VN-A345 VN / HVN A321-231 VN0941 08. Dec 2006 03:09
VN-A345 VN / HVN A321-231 000000 08. Dec 2006 02:47
VN-A143 VN / HVN B777-26K (ER) VN0951 08. Dec 2006 02:33
VN-A145 VN / HVN B777-26K (ER) VN0782 08. Dec 2006 02:16
VN-A144 VN / HVN B777-2K6 (ER) VN0968 07. Dec 2006 23:11
VN-A145 VN / HVN B777-26K (ER) VN0783 07. Dec 2006 22:51
VN-A345 VN / HVN A321-231 VN0940 07. Dec 2006 22:41
VN-A143 VN / HVN B777-26K (ER) VN0950 07. Dec 2006 22:35
VN-A142 VN / HVN B777-2Q8 (ER) VN0542 07. Dec 2006 15:48
VN-A142 VN / HVN B777-2Q8 (ER) VN0543 07. Dec 2006 06:20
VN-A149 VN / HVN B777-2Q8 (ER) VN0955 07. Dec 2006 03:55
VN-A144 VN / HVN B777-2K6 (ER) VN0951 07. Dec 2006 03:16
VN-A144 VN / HVN B777-2K6 (ER) VN0951 07. Dec 2006 03:16
VN-A150 VN / HVN B777-2Q8 (ER) VN0941 07. Dec 2006 03:15
VN-A145 VN / HVN B777-26K (ER) VN0780 07. Dec 2006 01:53
 Why be concerned?
 2002 wireless LAN systems
• Denver International Airport and San Jose
International Airport.
 American Airlines Inc.
• totally in the clear without any encryption
 American's curbside check-in operations
could be monitored
 Southwest's networks were issuing
information from back-end systems….

* IDG article, January 18, 2002. Wireless LANs: Trouble in the air By Bob Brewin, Dan
Verton and Jennifer Disabatino
Why be concerned? (cont.)
 Joe Weiss, Vice President ARINC
 Unprotected wireless LAN could allow access
to core airline operational systems
• flight operations, bag matching and passenger
reservations
• (Flight operations systems manage such vital functions
as refueling, maintenance and flight dispatch)
 Possible compromise: Indicate luggage
belongs to someone on the flight when it really
doesn’t
E-enabled
 Means connectivity to real-time high speed Internet and/or
airline networks to increase efficiency and speed of
communications for passengers and crew

 New generation aircraft will include a new Aircraft Data

Network design which will introduce new cyber security
vulnerabilities to the aircraft

 Cabin Network application software crew & maintenance

use 802.11 on handheld and laptops

•Airbus A380 entered production 2002 and the planned first

flight was 2006.
* Boeing 787 plans to enter production in 2007 and the
planned first flight is 2008
 ADN A rc hit ectiure
802.11 Broadband
(Gatelink or other)

ADN
gateway IFE
802.11

Aircraft 802.11
Controls
Passenger
Cabin
Crew Devices
Services
Devices

VHF/HF Radio
Maintenance
SATCOM
Laptop
Power, Weight, Volume
& Flight Certification

 Can’t put everything we want on an

airplane
 Must maximize the security features of
existing network equipment
 Power, weight & volume limitations

 Solution is integrated software solutions

prevail (firewall software, etc…)
 Wireless networking security

 On aircraft no different than Internet café or

airline club,…
 Security of customers personal laptops is
their responsibility
 Initially a legal issue that concerned airlines
 Can’t stop bad people from doing bad things
 Contributing factors, layovers, cancelled
flights, 12 hour flight to California, etc…
 Wireless anywhere…everywhere

 Wireless at 30,000 feet

 Can it interfere with flight deck controls, navigation,
other ?
 Mobile banking….from cell phones

• Bill payments
• Online purchases
 Hacking/Security is major concern
 Legal Issues related to hacking
 In 2006 about 230 Vietnamese government & private enterprises
were compromised by foreign hackers
 Recent case: the defacing of the Ministry of Education & Training
Web site , student replaced minister’s picture with his own (27 Nov
2006)
 Punishment…is it illegal?
 Within Vietnam’s borders vs. outside Vietnam
 Extradition
• Bi-lateral agreements (with 192+ countries/entities)
• Or Multi-lateral
 UK treats hackers as terrorists
• Terrorism Act 2000
Do hackers provide a benefit?

 Improving software by pointing out

security holes (if your front door was
unlocked….)
 Informationwants to be free!
 Bottom line….

….They are criminals

Why do Hackers hack?
 Economic
 Political or social agenda
• “Hactivism”
• their aim is to vandalize high-profile
computers to make a statement
 Boredom is the root of all evil
• some do it for the sheer thrill
 State sponsored – Information Warfare
Dangerous person?
 The First Internet Worm
 Robert Tappan Morris, Jr.
• Graduate student at Cornell
• Released worm onto Internet in 1988
• When caught (due to a bug in the program), he claimed he was
just testing how long it would take for a worm to travel through the
network
 Effect of worm
• Spread to 6,000 Unix computers
• Infected computers kept crashing or became unresponsive
• Took a day for fixes to be published
 Even after fixes were released, it took many system
administrators a lot of time to eradicate the worm.
 It was estimated that the cost of repair for the damage
caused by the worm at each system ranged from $200
to more than $53,000.
The First Internet Worm – results

 Impact on Morris
• Suspended from Cornell
• 3 years’ probation + 400 hours community service
• Tried under the US Computer Fraud and Abuse Act
• Had $150,000 in legal fees and fines
• Later finished his PhD in CS and is now associate
professor at MIT

 He is the son of Robert Morris, the former chief

scientist at the National Computer Security Center, a
division of the National Security Agency (NSA).
Conclusion
 Next generation of airplanes will utilize
TCP/IP based networks
 Security is a concern for airlines as well as all
organizations that utilize e-commerce
 International organizations need to cooperate
ARINC, RTCA, EUROCAE…for airlines
 Cooperation needed between ASEAN,
European Union, United States, etc…
 Education of users