Says Some Computer Systems May Be Vulnerable To Outside Attacks

The FAA published a notice in the CFR earlier this month indicating some computer systems on the 747-8 and 747-8F may be vulnerable to outside attacks due to the nature of their connectivity. And the agency said current airworhiness standards do not take the vulnerability into account.

"This airplane will have novel or unusual design features associated with the architecture and connectivity capabilities of the airplane's computer systems and networks, which may allow access to external computer systems and networks," the agency published in the Federal Register. "Connectivity to external systems and networks may result in security vulnerabilities to the airplane's systems. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for these design features. These special conditions contain the additional safety standards that the Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards."

The suspect systems are described as digital systems architecture composed of several connected networks. The architecture and network configuration may be used for, or interfaced with, a diverse set of functions, including:

• Flight-safety related control, communication, and navigation systems (aircraft control domain).
• Airline business and administrative support (airline information domain).
• Passenger information and entertainment systems (passenger entertainment domain).
• The capability to allow access to or by external network sources.

The FAA's concern is that the architecture and network configuration may allow the exploitation of network security vulnerabilities resulting in
intentional or unintentional destruction, disruption, degradation, or exploitation of data, systems, and networks critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate these types of airplane system architectures. Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities, which could be exploited by unauthorized access to airplane networks, data bases, and servers. Therefore, these special conditions and a means of compliance are provided to ensure that the security (i.e., confidentiality, integrity, and availability) of airplane systems is not compromised by unauthorized wired or wireless electronic connections.

The FAA is requiring Boeing to ensure electronic system security protection for the aircraft control domain and airline information domain from access by unauthorized sources external to the airplane, including those possibly caused by maintenance activity. It further says Boeing must ensure that electronic system security threats from external sources are identified and assessed, and that effective electronic system security protection strategies are implemented to protect the airplane from all adverse impacts on safety, functionality, and continued airworthiness.

The order currently applies only to the 747-8 and -8F, but the FAA says "Should Boeing apply at a later date for a change to the type certificate to include another model incorporating the same novel or unusual design features, these special conditions would apply to that model as well."

FMI: www.faa.gov, www.boeing.com