Airline disruptions have been in the news a lot over the past few years. Failures in information technology services have caused a number of these problems. These incidents make very clear the dependence of modern transportation on computer technology. To improve customers’ experience and ensure their safety, computer scientists and transportation experts must work together to improve the technologies that support travel.
In the airline industry, problems caused by computer technology fall into two categories: failures of systems that support travel, and problems that plague the in-flight experience. Issues related to travel support impact customers before their flight takes off. These cause delays and cancellations, and they frustrate customers who simply want to get to their destination as quickly as possible. Problems related to in-flight systems, however, carry much more risk, because they jeopardize passengers’ lives.
Flight support systems include counter and web-based check-in, baggage handling, gate operations, flight status services, ticketing, and aircraft weight and balance checks. The Aircraft Communications Addressing and Reporting System, or ACARS, also falls into this category, as it provides data and communications services that are essential to takeoff and landing. These services have been disrupted by power outages, network equipment failures, large-scale data center outages, and loss of server connectivity. Airlines have a difficult time coping with these kinds of problems, because the tightly integrated nature of the various services that support travel, including those which work to satisfy heightened national security requirements related to air travel, make resorting to manual pen-and-paper processes virtually impossible. The outage of US Customs and Border Protection systems on January 2nd of this year illustrates the variety of ways in which airline travel can be crippled by systems that, despite their entrenchment in the process, are only peripherally related to the task of flying.
The threat against airline computer and communication systems in flight causes even greater concern, because it imperils passengers’ lives. In August 2014, Ruben Santamarta of IOSystems presented how he was able to hack satellite communications systems on which aviation depends using in-flight wifi and entertainment systems. By reverse-engineering the firmware of satellite communications equipment manufactured by Hughes, Cobham, Iridium, Harris, and others, Santamarta was able to identify hard-coded passwords in the computer instructions. These hard-coded passwords are specified in the software itself to enable technicians to access and service equipment without having to enter login information manually, thus making their jobs faster and more convenient. The problem with specifying usernames and passwords in software, however, is that they can be discovered by people who shouldn’t have access to those systems. This gives hackers access not only to the directly associated systems, but also, perhaps, to other systems with which they interact.
More recently, in December 2016, Santamarta and his IOSystems team found a security hole in the Panasonic Avionics in-flight system that could potentially enable a hacker to access a number of customer services in-flight, including taking control of the intercom system and lighting. It could also potentially interfere with the altitude and location readings, thus directly impacting flight. For frequent flyer customers who have their charge card information stored for easy in-fight payment, such hacks could potentially compromise that information, too. These kinds of attacks could certainly diminish the flying experience for customers and, worse, severely threaten their safety.
In May 2015, noted hacker Chris Roberts, founder of One World Labs, claimed that he was able to make an United airplane climb and move sideways in flight. He plugged his laptop into the Seat Electronic Box that gives passengers access to the in-flight entertainment system. Once connected, he was able to see devices on the network that interacted with satellite communications and the engine-indicating-and-crew-alerting system (EICAS). He tweeted in mid-air about being able to deploy oxygen masks. He said he was able to monitor traffic from the cockpit system and to take control of the plane’s Thrust Management Computer. And, he momentarily used his access to the Thrust Management Computer to cause the plane to climb and move sideways. His actions have drawn the ire of the FBI and the airline, because they placed the passengers and crew of that flight at great risk. In the wake of this incident, United instituted a bug bounty program, offering to reward hackers who find vulnerabilities in their flight support systems up to one-million frequent flyer miles. Interestingly, though, the bug bounty reward does not extend to hackers like Roberts who target in-flight systems.
Modern transportation depends on automation to increase efficiency and improve the experience of passengers. But automation, which inevitably depends on computer technology to implement it, carries tremendous risk. Simply put, we have not figured out, and probably never will determine with certainty, how to make computer systems impervious to compromise.
Flight support systems have become extremely complex. Ticketing, check-in, baggage, pre-flight verification, troubleshooting, and physical security systems must tie together seamlessly and remain accessible to airline personnel and millions of passengers accessing these systems from the airport, from home and office computers, and from their phones. Accommodating these various use cases and their users requires a level of interconnectedness that makes the system look a lot like a game of dominoes. When a system in one part of the spaghetti enterprise fails, others are taxed, stymied, and may ultimately fail, as well.
In flight, the systems that keep passengers entertained and connected to the ground provide an avenue for hackers to access the systems that are keeping in the air. Just as the drivetrain systems of passenger cars have been compromised by attacks that used their on-board wifi and mobile entertainment systems, so, too, have airplanes. The systems that control motion – whether they are the steering, braking, and acceleration of a car or the wing controls and thrust management of plane – must be kept separate. This sounds simple on paper, but it becomes increasingly difficult as we attempt to increase the capacity of these vehicles to control themselves. Autonomous control requires communicating with the environment, sensing real-time signals and tapping into systems that aggregate such data to support forecasting what lies ahead. That means that these vehicles’ ability to communicate with external systems increasingly influences their ability to control their motion. That means that we can’t simply isolate external communications from movement controls. Instead, we have to figure out how to secure the movement control systems in a way that minimizes external actors’ ability to access and control them.
For researchers in computer science and transportation, these are exciting times. The challenges we face are thoroughly interesting and critical for us to meet. Lives are at stake, and it is our job to protect them, together.