What's new
Van's Air Force

Don't miss anything! Register now for full access to the definitive RV support community.

CAN Bus Can Be Hacked

First rule of security: if someone has physical access, all other rules are void.

IMHO, this really isn't much different than someone going in and futzing with your analog gauge calibration or disconnecting an antenna or loosening a control, etc.

Now if this could be exploited without touching the CAN bus wiring, that would be a whole new world of problems.
 
This is not news, just someone applying what has been done in the Auto world to aviation. Wired did a piece on what someone could do if they had access to the CAN bus in Autos back in 2015 (Hint, this still required physical access in the first place):
https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

As others and even DHS have said, physical access is required. Do you realize that hackers could even hack your laptop if they got physical access to it? Seriously, this is a just silly.

It would be much easier for someone to attack the ADSB system, jam GPS, mess with the ILS or any of a number of other things.
 
This is not news, just someone applying what has been done in the Auto world to aviation. Wired did a piece on what someone could do if they had access to the CAN bus in Autos back in 2015 (Hint, this still required physical access in the first place):
https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

As others and even DHS have said, physical access is required. Do you realize that hackers could even hack your laptop if they got physical access to it? Seriously, this is a just silly.

The risk, as far as I can tell is pretty low for this particular use case. Brian is right, this has been done before but is probably a good notice for us in the experimental GA world to understand that the risk, though small, does exist.

Someone doesn't have to be doing something nefarious for this to manifest itself. The basic idea is that communication on the bus is not validated in any way that it originates from a trusted source.

Fly IFR with components meant for that task. Fly VFR with eyes outside.
 
In career #1 I was one of those people who sat around hypothesizing how a bad actor would get into safety-critical aerospace systems. It's a good way to drive yourself nuts.

I'll sleep tight tonight knowing that I'm just one person among millions using CAN bus, and if somebody really wants to mess with me there are far more time- and cost-effective ways than hacking my airplane's avionics.

ds
 
Last edited:
Wow. Good thing we don?t use anything even less secure. You know, like USB or even RS232 serial.

Now I need an ibuprofen. My eyes rolled so hard it made my head hurt.
 
physical security

Everyone is right - once you give physical access, all bets are off. But still, there are lots of ways that the CAN bus can and should be improved. Reminds me of the early days of ethernet and brokenring - plug something into the network and you could do anything.

Lots of scenarios I can think of that can be exploited with bad CAN security - rogue actor plugging something into the bus during maintenance, innocent actor plugging nefarious device in, etc.
 
Everyone is right - once you give physical access, all bets are off. But still, there are lots of ways that the CAN bus can and should be improved. Reminds me of the early days of ethernet and brokenring - plug something into the network and you could do anything.

Lots of scenarios I can think of that can be exploited with bad CAN security - rogue actor plugging something into the bus during maintenance, innocent actor plugging nefarious device in, etc.

I was about to make fun of the idea of someone trying to access the connections for my CAN bus behind my panel; it's not a job for the faint of heart and would probably cause a rogue actor to change careers or at least get drinks or therapy. But if others do your avionics work, I can appreciate the possibilities you mention and suggest that such owners employ oversight, even if they trust their shop. Aerotronics built my panel and I trust them but I had to connect my own bus anyway because of how some of the equipment was located, and so I doubly know I have no trojans. Now that it's installed, I can feel pretty secure that no one can access it casually.
 
This is what I work with all day...

To get anything done you need to have a risk based approach and protecting internal communication between devices in a GA/Experimental airplane is just not effort well spent.

Agree.

There seems to be a misconception that an attacker must have physical access to your airplane to attack the CAN bus. How many of us update our Garmin/Dynon firmware or maps using the flash card, or uploading your Foreflight flight plans to the GNS devices? If any of these equipment is connected to the CAN bus, the malware can exist in your flash card or the computer that you used to create your flight plan and thus the attacker will have gained access to your CAN bus.

I realize from the risk factor, few attackers will spend their good money going after the GA/Experimental market.
 
Well, I got a Trunk Monkey (actually a chimpanzee) for my car. Now I suppose I?ll just have to get one for the RV.:confused:
 
Cybersecurity is a huge deal these days with Part 121 avionics. We are spending a P-51's worth of $ on proving that our (DAL D) box, located in a **** hole, with an Ethernet maintenance port (no WiFi) using a custom cable, running a segregated custom certified DAL B OS, with one ARINC 429 interface to the airplane, cannot be used to take over or flood the flight computers.
Seriously.
We have to do penetration testing of the software, code reviews, etc. by a third party.
I suggested a padlock on the connector, but they said the lock could be picked...

Any of you youngsters out there looking for a biz to get into, pay attention. Personally, I'd rather shove a pencil in my ear.
 
Last edited:
Mike,

Wow. I fly 121 so I can afford to fly 91. Security, at work, is a big deal. I won?t go into it.

But, a single pilot transport class aircraft with a datalink to control the aircraft (in case something or someone incapacitates the one Pilot) has me concerned. With respect to security.
 
BOH

I suppose it's a good thing we have AP servos that can be turned off... :rolleyes:

And anyone that reads Simon Travaglia might even be worried that a hacker could find a way to disable a hard-wired servo power switch through a software hack. :eek::rolleyes:

Skylor
 
I was given this "research" a while ago.
Man, I could not believe what I was reading.
What a load of hogwash.

What they were doing here is laboriously trying to spoof the system. You can do that with any wire that contains any sort of information - starting from the wire that goes to your oil temperature sender (just a voltage or current) to the many types of data links (ARINC429, RS232, RS422, RS485, CAN, and some more propriety signalling, even PWM).

If you have access to the wire and are sufficiently clever to connect to it and modify whatever there is on it - yes you can cause bad information to be received by whatever is using this information. That's hardly rocket science or an Earth shaking discovery.

You could just go and cut a power wire. Get the right one and you create havoc. Much simpler. Heck - rather cut a fuel line and put a match to it. Even more spectacular.

Honestly - I don't get this one. If your various items on board talked wireless to each other no physical access is needed. That might be (rather unlikely) option - as typically you would have very short range links.

There are still bits of my brain sticking to my monitor - my scull exploded when I read that paper. Did somebody get paid to write this ?

Rainier
CEO MGL Avionics
 
And anyone that reads Simon Travaglia might even be worried that a hacker could find a way to disable a hard-wired servo power switch through a software hack. :eek::rolleyes:

Skylor

I suggest that disabling the shear pin / slip clutch will be more difficult.

If you have that much access to an airplane you're sabotaging, just toss an old fashioned explosive and timer in the tail cone and be done with it.
 
At one point the tsa decided that somebody could steal a CRJ by climbing in through a windshield. I guess they had seen open cockpit windiws on older airplanes. So some hero tsa dude climbed up on the steps on the nose of one at O'Hare only to find that the windshield is held in place by about 400 screws and it does not open. What he did not know was that those convenient foot steps were actually pitot tubes and temp probes, aoa vanes and ice detectors. They are not designed for jack booted gorillas to climb on. He certainly ensured it was all safe, since he made the plane non airworthy. The airline was not pleased. Of course the tsa said they were doing their job.
 
Back
Top