A report presented at the DEF CON hacker convention in Las Vegas last week outlined potential vulnerability in the computer systems used on some Boeing aircraft. Boeing told GlobalAir.com on Tuesday that the vulnerability has been fixed.
Cybersecurity firm Pen Test Partners said in a report that hackers with direct access to a tablet device used by pilots to plan flights, commonly referred to as an electronic flight bag, could have modified the digital tool used to calculate landing and take-off speeds on some aircraft.Read the Pen Test Partners report.
According to Boeing, the issue is limited to certain unprotected Class 2 electronic flight bags installed by third parties and does not affect newer aircraft flight decks, which gather and display flight performance data differently.
What could have occurred?
If the crew did not detect the data modification during their required cross-check or verification process, there was the possibility of an aircraft landing on a runway too short, or taking off at incorrect speeds, according to the report presented at the convention.PREVIOUS STORY: FAA clears way to resume deliveries of Boeing 787 Dreamliner
"We are committed to evaluating original research that is conducted and shared in a responsible manner and thank Pen Test Partners for their professionalism and collaboration," Boeing said in a statement. "While we are not aware of any airplane affected by this issue, our team released a software update and service bulletin to our customers last year to further enhance security and minimize the already-low risk of interference."
The likelihood of trouble
Even without no known real-world cases of electronic flight bags being hacked, Boeing said it believes it's important to address potential vulnerabilities. An internal company review concluded this issue poses minimal risk to Boeing airplanes, the company said.Let us know in the comments at the top of the page what you think about the potential flaw and fix.