[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] FAA Responds to Boeing Security Story


By Kim Zetter 
January 09, 2008

Following up on a story that Wired News published last week about a 
possible security vulnerability in the design of Boeing's new 787 
Dreamliner jet, I received an e-mail from the Federal Aviation 
Administration responding to some of the questions I asked the agency 
last week before the story was published. At the time, a spokesman had 
told me he wouldn't be able to respond to me until this week.

The story was about a special condition that the FAA had published in 
the Federal Register regarding a novel design in the Boeing 787 that, 
for the first time, connects a passenger internet network with networks 
that control the plane's navigation and maintenance systems. The special 
condition disclosed that such a design could put critical data at risk 
and stated that Boeing would have to demonstrate that proper safeguards 
were in place to prevent this from occurring.

FAA spokesman Allen Kenitzer wrote me in an e-mail yesterday that the 
fact that the FAA issued a special condition about this does not mean 
that the Boeing design is vulnerable, just that it has the potential to 
be vulnerable unless implemented properly, and that Boeing will be 
required to demonstrate that the system is not vulnerable before the FAA 
will certify the plane for use. [Update: I added the emphasis on the 
word is here; it's not in Kenitzer's e-mail. I added it to make sure 
readers read the sentence correctly.]

"Stated another way, the special conditions help ensure the design will 
not be vulnerable," he wrote.

He added that such special conditions are not unusual and that the FAA 
had issued ten special conditions on the 787 alone (a Boeing spokeswoman 
had told me last week that the FAA issued eight special conditions on 
the 787 design).

"Special conditions are routinely developed and published in the normal 
certification program process whenever the FAA determines the current 
aviation regulations are inadequate to address a potential safety 
concern," he wrote, adding that, "the applicant is introducing new 
technology and proposing more connectivity between passenger / cabin 
services and other airplane networks and systems than on past airplane 
models in which aircraft networks and systems were more isolated (no or 
very limited connectivity between these networked systems).  The current 
regulations and guidance do not adequately address the security aspects 
of this additional connectivity."

I had asked him a question about what exactly the FAA meant in its 
special condition when it wrote that the passenger, navigation and 
maintenance networks on the 787 were "connected," since I wanted to make 
sure that I hadn't misinterpreted what the FAA was describing. He wrote:

"In the context of the special conditions, the FAA used the concept of 
'connection' between the passenger, airline, and airplane domains very 
broadly.  Earlier technology typically had physical and electrical 
isolation between these systems.  These special conditions came about 
because the new designs do not necessarily provide complete physical and 
electrical isolation.  As a generic example, a 'connection' in this 
context could be something such as time sharing a satellite receiver for 
data transmission.  Not all types of 'connections' present the same 
vulnerabilities.  Each must be assessed and addressed by Boeing."

Visit InfoSec News