Aviation Industry Seeks to Strengthen Cybersecurity Defenses
June 21 2017 - 11:37PM
Dow Jones News
By Andy Pasztor
LE BOURGET, France-- Escalating concerns about cyberthreats are
prompting the aviation industry to devise an unlikely new
safeguard: real-time warnings to pilots about potential hacking
attempts.
Work to develop such systems, which have prompted disagreements
between some in the industry, are part of separate efforts by
France's Thales SA, Raytheon Co. and other companies to expand
cyber protections for aircraft. Airbus SE and Boeing Co. support
the pilot-alerting goal, reflecting a desire to try new things as
global threats intensify and evolve.
But interviews at the Paris Air Show showed there isn't an
industrywide consensus on the concept, a version of which is under
development and could start to be tested on some commercial
aircraft by late 2018. Large suppliers such as Honeywell
International Inc. and Rockwell Collins Inc.--which provide cockpit
equipment for many airliners--are skeptical about the need for such
proposed capabilities.
The debate isn't likely to affect cybersecurity systems on
today's airliners or even those built in the next few years, though
it could impact how the digital cores of future models will be
protected.
Proponents of alerting see advanced systems on aircraft as being
able to identify attempted or successful cyberintrusions, with the
data feeding into artificial intelligence features powerful and
adaptable enough to automatically respond to the hazard.
"The conventional ways by which we've protected ourselves in
cyber may need to change" as threats evolve, said Greg Hyslop,
Boeing's chief technology officer.
Allan McArtor, chairman of the Airbus unit that operates in the
U.S., Canada and Latin America, also sees a need for greater
industry sophistication in battling potential cyberthreats. "We
haven't been able to make a very convincing argument" to the public
about why aircraft are safe from outside intrusion, he said. What
is missing, he added, is "a convincing cyberthreat architecture
that allows us to be aware of attacks" when they take place,
including warnings going directly to the cockpit.
The push for new approaches generally tracks recommendations
from an earlier U.S. government-backed study group. The group of
experts also concluded that airline vulnerabilities extend to
maintenance operations that can allow outsiders to gain
unauthorized access to aircraft systems.
In September, the Federal Aviation Administration's top
technical advisory group adopted language seeking to ensure that
cybersecurity protections would be incorporated into all future
industry standards--affecting everything from aircraft design to
flight operations to maintenance practices.
Thales decided years ago that it wasn't sufficient to merely
devise elaborate protections. "We must have some real-time
capabilities to detect and respond" if an intrusion is under way,
said Thomas Hutin, one of the company's top cybersecurity
officials. He wouldn't reveal which airline signed up to
participate in the testing phase, but the goal is to send a
real-time alert and have crew members react based on "a very
detailed set of procedures" that they were trained to use.
Carl Esposito, president of Honeywell's Electronics Solutions
Business unit, sees no need for such drills, pointing to the
extraordinary rigor and care avionics suppliers use in writing
code. Existing safety systems are effectively impenetrable from the
outside, he said, because of "encryption, security keys and
end-to-end verification" of users already embedded in the software.
Flight-control applications are separated from cabin-entertainment
data with a physical gap between their respective power grids. In
the event a warning comes to the cockpit, he maintained, aviators
aren't cybersecurity experts so "what could the pilots do about it
anyway?"
These different assessments of the industry's cyber
vulnerabilities--and what leaders should do combat future
attacks--partly reflects the uncertain nature of threats. Industry
officials agree there hasn't been a single verified instance of
safety systems being breached on a large commercial jetliner. But
at the same time, experts' warnings are getting louder about the
dangers of hackers finding a vulnerability in aviation
protections.
Raytheon, which over the past decade has bulked up its
cybersecurity business to more than $1 billion a year in revenue,
hopes to start designing what could be a cyber warning system
intended for cockpits in both commercial jets and military
aircraft. The challenge is "how do you remediate existing systems
and build in that resiliency going forward," according to David
Wajsgras, president of the company's intelligence, information and
services unit.
Raytheon, a major global provider of air-traffic control
hardware and applications, is starting with the more modest goal of
establishing a detection system intended to identify false or
spoofed sensor readings from engines, flight computers or other
operating elements. But ultimately, it envisions sending some type
of automated message to warn pilots if their aircraft is believed
to be under cyberattack, an option that doesn't exist for any
airliner at present.
Warning systems could also be used for other purposes. Under
some scenarios, air carriers want the option of quickly being able
to turn off all in-flight entertainment data to a specific seat,
row or even the entire cabin.
Write to Andy Pasztor at andy.pasztor@wsj.com
(END) Dow Jones Newswires
June 22, 2017 00:22 ET (04:22 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Rockwell Collins (NYSE:COL)
Historical Stock Chart
From Jul 2024 to Jul 2024
Rockwell Collins (NYSE:COL)
Historical Stock Chart
From Jul 2023 to Jul 2024