FAA: Network Security Vulnerability on Boeing’s New 787?

Wired published an article yesterday about an FAA report that identifies a potential security vulnerability in the way Boeing has designed the passenger jet’s on-board computer network. While not a lot of detail has been released by the FAA or Boeing and the plane is not scheduled for deployment until November 2008, it appears the systems that control flight also have a physical connection to the computer network meant for passenger Internet connectivity.

The article reports that a computer hacker on-board the flight could compromise the network and gain access to the network that controls the airplane.

Personally, I think it’s great that airlines will be providing Internet access to passengers in the future… but as a computer professional with 15 years of experience in computer networks, these systems are better left disconnected. Even discussions around software measures and hardware firewall solutions do not put me at ease.

If airlines make such a big deal over cellphone/wireless usage during flight, the aircraft manufacturer needs to make an even bigger deal about the security of their on-board computer networks.

There is always somebody out there smarter than the designers of Boeing’s systems, with malicious intent and ready to devote a good deal of time tearing apart *any* measures Boeing puts in place to deter hacking attempts. As the original article suggests, at least pull in a credible, third party auditor to certify the security measures in place.