Hacking my airplane – Black Hat

Cameron Camp, security researcher at ESET

ESET’s security researcher, Cameron Camp points out that after welcoming hacking research, automobile technology started to get better at defending against hacks. So why has the airline industry not been as welcoming?

I’m building a homebuilt experimental airplane. Yes, I plan to fly in it. Don’t be afraid, lots of others are too, and this segment of inventors could easily prove a valuable anti-hacking component for big jet and small plane industries alike.

The airline industry is paralyzed with fear of bad press, especially of getting hacked. With more new planes getting wired (and wireless) systems, there will continue to be more networks flying around in the air by your seat in the cabin.

Not all networks control critical things; many are involved in doing quite simple things like changing the color of the lights in the cabin. So what’s the risk to flight control systems? That’s exactly what the automotive industry figured ten years ago: What could possibly go wrong with vehicle control if an “entirely different”, seemingly unrelated system got hacked?

Until it did. Here at BlackHat a while back we got to see videos of vehicles swerving out of control following a hack. Thankfully, the automotive industry came to terms with the hacking reality, and (some) even sponsored hacking opportunities like the automotive hacking village here at DefCon later in the week. It was a very positive turn of events. By engaging the hacker culture in a more open way, automobile technology started to get better at defending against hacks, which helps to keep us all safe.

The airline industry has not been as welcoming. While it’s not as plausible to park a jet in a suite at DefCon, seemingly few strides have been made to warmly welcome hacking research. It’s not implausible to make some systems available that are currently used in aircraft, but there seems to be cultural inertia that has only warmed slightly to the thought.

So now we have a briefing here at BlackHat about messing with the in-flight guidance systems on small planes. These kinds of systems are often used in planes like mine.

But unlike typical manufacture disclosure processes, which can be, um, unfulfilling and unwelcoming, those who work on their own planes, for which they are considered the manufacturer, are prime candidates to engage to help work things out.

After all, we don’t really have large PR inertial problems, we just want to fix the problem. Our stock won’t tank. We can publish findings to enthusiast lists and groups in the U.S. like the Experimental Aircraft Association (EAA) where people share ideas rather quickly, and thereby become a sort of ad hoc beta test group.

Can it work? Absolutely. About 40 years ago, the homebuilt/experimental groups started hacking planes for performance. Nowadays, a homebuilt aircraft might be constructed of carbon fiber laminate flow wings with Fowler slotted flaps for low-speed handling in a high-speed aircraft that will absolutely destroy the performance of the heavily regulated light planes the aircraft industry still produces, which are still largely based on 70‑year‑old technology still today. At half the price.

One model of homebuilt, the Lancair IV-P, using the same engine used to fly a certificated airplane around 200 miles per hour, cruises along at around 350. It’s embarrassingly good what hacking improvements can bring to an industry.

Are homebuilt aircraft safe? Yes. They have similar insurance rates as other high-performance aircraft, so there’s been enough time to prove solid designs reliable.

It’s time to engage the industry – not to find fault, but to fix problems. And we’re here to help. If you let us.