Nevermind Asking If The Dreamliner Will Hack It... Can Someone
Hack The Dreamliner?
Unless it's an order announcement -- or photos from its first
flight -- Boeing would probably prefer to keep its delayed 787
Dreamliner out of the news cycle right now. As interest in the
composite-bodied airliner increases, however, so do the
headlines... which is likely why news of a potential security flaw
in the design of the aircraft made the rounds in the general media
last week.

It's not a flaw, per se... and the FAA wants to make sure it
stays that way. In a document posted to the Federal Register last
week, the agency states it wants additional precautions to preclude
possibility a passenger -- or someone else outside the cockpit --
could gain access to the 787's flight control systems, through the
plane's inflight entertainment network.
The risk lies in the high degree of multiplexing throughout the
Dreamliner's systems. Some data networks onboard the plane that in
the past were separate systems -- such as IFE, and flight control
and navigation software -- are shared on the Dreamliner, presumably
to decrease wiring complexity and reduce weight.
"The proposed architecture of the 787 is different from that of
existing production (and retrofitted) airplanes," the FAA says. "It
allows new kinds of passenger connectivity to previously isolated
data networks connected to systems that perform functions required
for the safe operation of the airplane. Because of this new
passenger connectivity, the proposed data network design and
integration may result in security vulnerabilities from intentional
or unintentional corruption of data and systems critical to the
safety and maintenance of the airplane. The existing regulations
and guidance material did not anticipate this type of system
architecture or electronic access to aircraft systems that provide
flight critical functions.
"Furthermore, 14 CFR regulations and current system safety
assessment policy and techniques do not address potential security
vulnerabilities that could be caused by unauthorized access to
aircraft data buses and servers," the agency adds. "Therefore,
special conditions are imposed to ensure that security, integrity,
and availability of the aircraft systems and data networks are not
compromised by certain wired or wireless electronic connections
between airplane data buses and networks."
News of the document first surfaced on Wired.com. Boeing
spokeswoman Lori Gunter told the tech website the FAA document was
misleading, and that the Dreamliner's systems aren't fully
interconnected.
"There are places where the networks are not touching, and there
are places where they are," she said, adding "there are protections
in place" to ensure passenger internet services cannot access
flight-critical systems "under any circumstance."
Gunter noted the planemaker is taking a number of steps related
to both hardware and software to combat the issue, but wouldn't
elaborate.
The ruling comes following a request for comments on the FAA's
proposed special conditions, made in April 2007. The Air Line
Pilots Association responded by "strongly" recommending the FAA
require a backup system for the flight crew to regain control of
the aircraft; the FAA responded it would prefer safeguards be in
place to prevent such a scenario in the first place.
Interestingly, European planemaker Airbus responded with several
concerns of its own. One stated the FAA's call for special
conditions wasn't "high level" enough, and is open to too much
interpretation. Airbus -- no stranger to complex computer flight
control systems -- also noted it would impossible for Boeing, or
anyone, to demonstrate complete security in such systems, as
technology is constantly evolving.