|
|
|
|
|
|
by Veserv
716 days ago
|
|
|
The problem described in the paper is not what you think it is. The paper effectively says: "Assume we control the wire to the flight controls, then we have complete control over whatever is sent to the flight controls." Not to belittle the technical work in constructing a implant that can manipulate the electrical signals in the wire in realtime, but the consequence of such access is as obvious as it is uninteresting. Not to say that physical compromise of the wire is unbeatable; encryption makes it effectively impossible to spoof or rewrite messages, but the wires and communication protocol are already only intended for communication between trusted components (if you are communicating to untrusted components then you have to use something else like a data diode). The only really interesting part of the highlighted attack vector is that the "trusted wires" are likely not particularly physically separated from "non-trusted wires" or easy access which makes physical compromise at least plausible to achieve for a external malicious actor as compared to physically modifying one of the actual critical flight computers. |
|
|
From what I read ARINC 429 is a one-way bus making this completely redundant and unnecessary.