Aviation has become increasingly automated, but experts say hacking into an aircraft's controls — as a U.S. security consultant recently mused about on Twitter — is still a very difficult thing to do.
If it were possible, "Transport Canada and the [U.S. Federal Aviation Administration] wouldn't be certifying these aircraft for use," says Lynne McMullen, chair of the aviation school at Seneca College in Toronto.
- Chris Roberts denied flight after tweeting about hacking onboard systems
- Why airlines don't live-stream black box data
McMullen says there are safeguards in place that enable a pilot to override any outside attempt to commandeer a plane.
Stephen Cobb, a senior security researcher at cybersecurity firm ESET North America, says that "serious hacking of flight critical systems is a low probability right now, and personally I don't hesitate to take commercial flights for business or leisure."
Even so, he says it is important to be vigilant and not simply trust "the assurances that airlines make."
"Continued scrutiny is required and the challenge of securing complex systems should not be downplayed."
A contentious tweet
On Saturday, U.S. cybersecurity researcher Chris Roberts, who specializes in airline safety, was barred from boarding a United Airlines flight from Colorado to San Francisco.
Three days earlier, he had been removed from a United flight and questioned by airport authorities for four hours.
It was all because of a tweet he posted on Wednesday in which he mused about using his laptop to manipulate the plane's engine-indicating and crew-alerting system (EICAS) in order to get the oxygen masks to drop.
After explaining that Roberts' Twitter statement had prompted the company to act, a United Airlines spokesman told The Associated Press "we are confident our flight control systems could not be accessed through techniques he described."
Roberts isn't the only one who has been thinking along these lines lately. His public speculation followed on the heels of a chilling report on airline safety by the U.S. General Accountability Office (GAO) last week.
The report, which surveyed a number of security experts, found that because modern aircraft "are increasingly connected to the Internet," they could "potentially provide unauthorized remote access to aircraft avionics systems."
In an interview with Forbes magazine, Phil Polstra, professor of digital forensics at Bloomsburg University in Pennsylvania, said that the GAO report was erroneous and "irresponsible."
"Just because the cabin has wireless and ground communication is also wireless doesn't mean the systems are 'connected,'" Polstra said, questioning whether the writers of the GAO report even know how modern aircraft work.
While modern aviation increasingly relies on wireless networks, aircraft control systems are separate from the in-flight entertainment system or passenger Wi-Fi network, says Mike Rioux, chief operating officer at JDA Aviation Technology Solutions in Bethesda, Md.
Communication between the pilot and air traffic controllers is done through VHF radio frequencies, while the auto-pilot and auto-land systems are part of the aircraft's onboard computer and can't be manipulated from outside the cockpit, says Seneca's McMullen.
McMullen says a plane's environmental system — which monitors cabin pressure, for example — is separate from the passenger Wi-Fi system and is controlled from the cockpit using on-board computers.
So even if an outsider were able to penetrate it, as Roberts proposed, McMullen says "the pilots are able to override it just as they would be if the system was to malfunction."
Meanwhile, the flight control system, which transmits and receives signals from navigational aids such as satellites, is separated from passenger Wi-Fi through "air gapping," says ESET's Cobb.
Air gapping is a process in which a critical computer network — in this case, flight control — is separated from a non-critical one — passenger Wi-Fi — either physically or through an extra firewall.
Cobb says that in general, networks on planes come with very robust security features.
"Travellers should be aware that networks on aircraft are engineered to much higher security and reliability standards than other locations you encounter on the road, like hotel rooms and coffee shops," he says.
Is 'air-gapping' enough?
That said, there is some confusion as to the extent to which the systems are air-gapped, says Cobb.
In 2008, the FAA warned Boeing that the Wi-Fi network on its Dreamliner planes could be vulnerable to attack, and Cobb says the recent GAO report "has raised questions as to the extent to which current solutions provide an acceptable level of security."
In response to the GAO report, Boeing said that its pilots have the ability to manually override any electronic attempt to take over an aircraft.
McMullen confirms that even in a hypothetical breach of a plane's flight control system, there are numerous safeguards in place. For example, a plane's auto-landing feature has two to three backups in place in case of malfunction or a breach.
In this age of widespread automation, McMullen maintains the best safeguard remains an alert and competent pilot.
"The interesting thing that comes out of all of this is the reminder that the pilots are so absolutely necessary because they're the most flexible part of the system, because they're able to monitor and analyze and react quickly."