back to article That was some of the best flying I've seen to date, right up to the part where you got hacked

US defence firm Raytheon is punting a security suite that apparently promises to harden military aircraft against "cyber anomalies". The company is reportedly developing "a new warning system that tells pilots when their planes are being hacked". "Basically, we're trying to give the pilot the information about what's …

  1. fidodogbreath Silver badge

    Kasper Sky Anti-Virus?

    1. GnuTzu Silver badge

      Snort for planes, but I can't think of a pun for that..

      1. Maventi

        Nosedive?

      2. Mahhn

        Snort to keep your pigs flying?

  2. Doctor Syntax Silver badge

    Easier solution - don't go onto the internet whilst flying.

  3. Brian Miller

    What, no live demo?

    OK, so they crashed a virtual helicopter. Would they care to do that as a live demo?

    For a live hack of an airliner in flight, it should demonstrate something like at least turning the airliner around, not checking the status of the coffee makers.

  4. Tomato42 Silver badge

    serial bus?

    I'm sorry, what's wrong with a serial bus?

    USB has it in the name, PCIe also uses one, it just runs multiple buses in parallel for more demanding applications

    it's parallel interfaces that are going the way of Dodo: LPT, IDE, Ultra-320 SCSI

    1. John Robson Silver badge

      Re: serial bus?

      Multiple busses in parallel - isn't that the definition of a parallel bus?

      1. boltar Silver badge

        Re: serial bus?

        No. A parallel bus sends the bits of a data byte/words in parallel at the same time over seperate physical wires in the connector. Which sounds like a great idea and it is - up to a certain length. Then slight differences in the makeup of each individual wire means that the bit signals all travel at slightly different speeds start getting out of sync with each other and after only a few 10s of metres it stops working altogether. Which is why serial buses took over.

        1. John Robson Silver badge

          Re: serial bus?

          It does raise the question - at what point do you consider things to be parallel.

          Obviously if the various lanes are entirely independent (supplying different cards etc) then they're not a parallel bus.

          but I assume that GFX cards still split their data down the lanes - they won't do it bit-wise, but does byte-wise not count as parallel? What about MBwise...

          Maybe the definition should be based on the result of one path failing - I imagine a GFX card would cope with 4 rather than 8 lanes, even if can't transition live.

          A printer cable with half the 'lanes' gone would of course be useless...

    2. boltar Silver badge

      USB isn't really a serial bus

      It has a lot more in common with twisted pair ethernet than it does with RS232 in that data is sent as packets over a wire and these paclkets are encoded/decoded by hardware into frame buffers before being pushed further up the stack. Its a lot more complex than just setting the DTR line to +/-5V and reading raw binary data off the wire as per old style serial buses and there's probably some hidden attack vectors in various USB implementations if anyone bothered to look (and I'm sure someone has);.

      1. Anonymous Coward
        Anonymous Coward

        Re: USB isn't really a serial bus

        USB literally stands for Universal SERIAL Bus.. It's literally in it's name that data is sent one bit at a time down the wire - the definition of a serial data bus.

        That the data is encoded deferentially is an implementation detail for safe transmission rather than changing that the bus is serial vs parallel.

        If it were parallel then multiple bits of the same byte would be sent over the wire at the same time by the same clock signal - but they aren't.

  5. Anonymous Coward
    Anonymous Coward

    MIL-STD-1553 spec serial data bus. ... [implausibly in] ... the 1950s vintage Hawker Hunter.

    Hang on, I'll just ask my Dad - on the off-chance he might remember. He used to service them in the early '60s...

    .

    ... mind you, wiki has them "Retired from military service 2014" (!), so probably you need a more recent aircraft engineer :-)

    1. Malcolm Weir

      Re: MIL-STD-1553 spec serial data bus. ... [implausibly in] ... the 1950s vintage Hawker Hunter.

      It's not even vaguely implausible! Sorry, El Reg, you're out of your depth here!

      The Hunter T.8M had a Blue Fox RADAR. The Blue Fox had 1553. Therefore the Hunter T.8M had 1553!

      Also... Singapore upgraded their Hunters in the late 1970s. The upgraded Hunters could carry AIM-9 Sidewinders, and given that timescale, the missiles would have been AIM-9L variants, which use 1553 to connect to the host aircraft (e.g. to report status back, initiate self-test, light the blue touch paper...) Therefore Singapore's upgrades in the late 70's would have included MIL-STD-1553.

      (And why would you not? 1553 is a very simple, 1mbit/sec fault-resilient bus running over relatively cheap cabling. Easier to use that -- with it's plethora of support and development tools -- than try to invent your own!)

    2. My other car WAS an IAV Stryker

      Re: MIL-STD-1553 spec serial data bus. ... [implausibly in] ... the 1950s vintage Hawker Hunter.

      On the ground, the M1 Abrams has 1553 bus. The M2/M3 Bradley probably does also.

      Stryker and most more-recent mobile ground platforms have eschewed it for Ethernet and CAN (SAE J1939 compatible).

    3. Augie

      Re: MIL-STD-1553 spec serial data bus. ... [implausibly in] ... the 1950s vintage Hawker Hunter.

      Suspect the Hunter T.8M

      T.8 fitted with the Sea Harrier's Blue Fox radar, used by the Royal Navy to train Sea Harrier pilots.

  6. spold Silver badge
    Pirate

    Sky blue screen of death?

    The title is self explanatory really.

    Icon - prepare for boarding? / Arrrrrrrrgh!

  7. Cederic Silver badge

    love the bastardised quote

    Ah, sweet memories. A montage of hand gestures, working men, hardware and lustful flying weapons of war, peeking through steam backlit by a setting sun, the monochrome a raw sensuous orange with dark sillhouettes and a gentle guitar crescendo that built the pace, the tension, the raw power about to take to the skies, released with a switch to joyful fast paced lyrics and.. the rest of the film wasn't bad either.

  8. ecarats
    Alert

    What a load of b*ll*cks

    Their marketing spiel is just that - pure marketing. The whole 'cyber anomaly' bit is one big clue.

    And even allowing for the unlikely scenario of their demo what exactly are they proposing? Message filtering for incoming data transmissions? Already happens, mostly by just binning everything not expected & forcing strict formatting. Protecting the RTOS running in a box? Can already be done, not really needed most of the time. Filtering the databus? If it's an expected message with spoofed data you won't know the difference - plus it may well just clash with the 'real' data from the proper source if you're just injecting - and if it's an unexpected message it'll just be binned. Just like data that deviates too much is usually just binned - more often than not to get unusual things successfully injected you have to start forcing values straight into process memory.

    I can sort of see why they went with 1553/429 as a target as it's a simple old thing which is why it drifted of to the peripheries. Try that stuff with the newer things like AFDX and you'd trip up much more quickly.

    That's not to say you can't make avionics dance to any tune you want with knowledge and effort but it isn't trivial, it's extremely specialist as a skill and it certainly isn't something you can do as a remote 'hack'. Even with physical access you'll usually only win by rehosting and poking things in ways the original platform just can't do.

    Though I'm sure none of this will get in the way of selling something unnecessary that doesn't really do anything useful. It works well enough for the PC & phones markets so they may as well try the same game for aircraft.

    1. Anonymous Coward
      Anonymous Coward

      Re: What a load of b*ll*cks

      If you could get a bad actor to physically insert a node onto the AFDX bus. That node then learns the communications protocol, MAC addresses, etc. Then you might be able to packet inject some bad data.

      But, the AFDX switch should spot the change in network topology using its TDR cable length/impedance checks and flag that up as an error. And secondly aircraft communications are usually very time bounded, so you would have to mask the original signal with your own, at transmission time and without collision detection systems noticing it.

      1553 is a little easier, but even then it's non-trivial, and probably at state-sponsored level of ability.

      Much the easiest attack vector is a missile if you just want rid of a target.

      Dodgy (manipulated physically or in the signal conditioning) sensors in the after sales market would be the easiest long game if you want deniable responsibility and didn't mind a scatter-gun approach. For example, implementing slightly bad data on a set time/date e.g. all speed indicators showing a speed reducing by 1 knot per second starting at 12:00 on 10/10/2025 (if the majority of the after-sales sensors agree, the systems will have to accept it as real data.) As always, it's those who would cut corners who would bring the whole system down!

      [You can freely have that as the plot to your next novel!]

      1. My other car WAS an IAV Stryker
        Holmes

        Re: What a load of b*ll*cks

        Article: "The firm also says the system can be modded for automotive-grade CAN buses.

        "Another marketing feature mentions a highly specific use case: 'Operational threats that can come either from an enemy or from a US soldier inadvertently causing a cyber intrusion to propagate by plugging his malware-infected cell phone into a USB port on a Stryker vehicle, for example.' "

        First off, CAN is much more dangerous than 1553. I should know, but I can't comment further.

        Second, Stryker's USB is not a big issue. But I can't comment further on that either.

        Third, Stryker uses CAN bus for various things. But I certainly can't comment any further on that.

        But given all that I know (and can't talk about), I envisioned that a CAN bus monitoring system to weed out unintended traffic would be a cyber necessity for future mobile ground platforms. But I can't tell you more about that either.

        (Of course, if you wanted to be crude and already have physical access, just start cutting wires instead. Power, CAN, Ethernet, everything = dead tank. Knowing the best cables to snip may be restricted but not classified.)

  9. Anonymous Coward
    Anonymous Coward

    I thought you could wreck aircraft systems by switching on a mobile phone out of flight mode...

    1. John Robson Silver badge

      Meh - knowing just how sensitive aircraft are(n't) I listened to end of the rubgy last week - took until we were at about 1-2k feet (guesstimate from looking out of window)

      Then I dropped the mobile signal (because at speed and altitude your device will spend more battery and time than is healthy looking for appropriate towers).

      Heck a few months ago I completely forgot that my tablet connection was online, and it was just sat in an overhead bin for the whole flight...

      OTOH I do appreciate the experience of not having "I can't hear you I'm on the plane" being shouted at some poor soul who probably could hear the person speaking quite well, until they got deafened.

      Shoudl we ban such connections on trains as well?

      I think the data connection is too useful to lose there, but what do I know.

    2. Crazy Operations Guy Silver badge

      Older analog cell phones, if poorly made or degraded from use, can bleed energy in the radio frequencies used for various Nav / Comm functions. Not so much of a problem now that analog cellular phones are extremely rare and aircraft are moving away from VHF for navigation.

    3. swm Silver badge

      The real problem with cell phones on aircraft is that they find multiple cell towers which would overload the cell system. Cell phones don't really bother the aircraft systems but they sure bother the multiple ground stations they communicate with.

  10. Pascal Monett Silver badge
    WTF?

    "one of the heli's various wireless receivers"

    What the hell is a combat helicopter doing with wireless receivers ? Even if I can accept that they may have a use when on base, shouldn't they be shut down when in flight ? Isn't that something that could enable their detection ?

    Even if not, I highly doubt that a combat helicopter is broadcasting anything that a wireless receiver could have a use for. There is undoubtedly a (shielded) wired data bus between all elements that need it. Any wireless receiver should be shut down when in flight, that would end the problem.

    1. Jimmy2Cows Silver badge

      Re: "one of the heli's various wireless receivers"

      No expert but it's probably some "connected battlefield" stuff, sharing telemetry, radar contacts, troop/vehicle movements etc. to and from other theatre assets. Plus helo's aren't exactly stealthy; audible and thermal emissions are really hard to mask, detection based on RF emmissions seems low on the list of detactability concerns.

    2. Malcolm Weir

      Re: "one of the heli's various wireless receivers"

      Late comment: what they're doing is maintenance reporting. The vehicle lands, spots the WiFi signal, sends it's status, and then the maintenance crew knows what knobs to turn / liquids to top up. Key benefit is reducing the number of personnel wandering around near spinning rotors.

      Easy to add interlocks so the WiFi kit only comes on when there's weight-on-wheels!

  11. Jimmy2Cows Silver badge
    Terminator

    Futurama

    "You were doing quite well... until everybody died."

  12. Flywheel Silver badge
    Unhappy

    "niche in the market for startling the hell out of pilots by giving them something else to worry about while flying over a warzone"

    Windows will now shut down and spend the next 10 minutes rebooting your aircraft and applying 304 updates. Please don't turn off your computer...

  13. DCdave
    Mushroom

    "The company is reportedly developing a new warning system that tells pilots when their planes are being hacked".

    HUD - we've detected a potential virus attack on your system. Access to flight controls and weaponry is currently disabled for your protection.

    1. Anonymous Coward
      Anonymous Coward

      "There is a man standing behind you with a gun pointed at your head"...

  14. Anonymous Coward
    Anonymous Coward

    "Warning" suggests hacking is allowed

    "a new warning system that tells pilots when their planes are being hacked"

    Why not harden it so it greatly reduces the chance of hacking? This sounds like a feature that hackers will just shut off. Still, may be handy in the cases where your planes are sold to foreign governments.

  15. Anonymous Coward
    Anonymous Coward

    A properly trained pilot could fix it a second

    If the aircraft is behaving oddly, a trained pilot would just shake the stick to disconnect the autopilot, and then fly level until the problem has been isolated, and if that can't be accomplished, just switching off affected avionics. That's kind of the point of having two separated avionics suites in the cockpit anyway: You have your big fancy glass with all your interconnected systems goo-gaws; but then you also have your extremely simplified and isolated backup systems that lack anything that can be 'hacked', usually mechanical; sometimes self-contained glass with a dedicated pitot and embedded GPS attached to a dedicated backup battery and is usually accompanied with a switch to disconnect it from the aircraft's power buses.

    The critical flight systems, like stick inputs, trim controls, throttle, etc are going to be using ridiculously simple analog signaling on multiple redundant channels. Fly-by-wire systems, at least the ones I've looked at, are nothing more than a couple channels of analog differential pairs attached to linear potentiometers on the L/R control linkage with some optoisolators to allow disabling malfunctioning channels and to bump the signaling to +/- 28 V, and made some transistors to mix in auto-pilot control if the A/P isn't just operated by servos attached to the linkages to move the controls physically. These signals wind through the aircraft to hydraulic servos that manipulate the actual control surfaces. Same story with trim, flaps, and most throttle systems.

    Really, the most damage you can do to an airliner is annoy the hell out of the pilot that now has to hand-fly the plane to a diversionary airport.

    I would imagine that something carrying munitions would be equipped with something at least as reliable and have better trained pilots, especially since the military is where Murphy's Law not only originated, it is proven daily.

  16. T 7

    God forbid the pilot was female. "Basically, we're trying to give the pilot the information about what's happening internally on his aircraft in real time,"

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019