https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


Getty Images

Supply Chain Security: Malware, Not Missiles

How hostiles will target our aircraft: An Air Force cadet reflects on supply chain security and the need to secure hardware. 
  • Written by Julia Pack
  • 23rd September 2019

Disclaimer: The opinions expressed in this paper are the author’s and do not represent an official position of the U.S. Air Force or the U.S. Air Force Academy.

The recent tragedies of two Boeing 737 MAX-8 passenger jets crashing, despite pilots’ efforts to save them, set off a global alarm about the vulnerability of large, sophisticated aircraft to a flaw in a single subsystem. We were reminded of this fundamental truth after losing the Challenger shuttle. Now, we are reminded of it again. The Boeing disasters resulted from unintentional mistakes in software code. Imagine the potential of deliberate, targeted defects introduced into military aircraft carrying potent weaponry. It’s yet another example of the pervasive concern of supply chain security. 

Recently, during the summer between my third and fourth years attending the Air Force Academy in Colorado Springs, I worked as an intern at a specialized cybersecurity engineering firm based in Ohio. Though far from Silicon Valley, this group guides tech giants — including leading chip-makers, in developing their hardware-level security.

During my too-brief exposure to the topic of military hardware-level cybersecurity, I learned that in the near future, hostiles could attempt to use malware and counterfeit chips to attack our aircraft. They don’t need to rely on expensive missiles. I’m not a cybersecurity engineer, but as a future officer and warfighter, I began asking questions about supply chain security and securing aircraft systems. What follows is a quick look into a deep topic that could impact anyone who flies.

For a broad look at claimed hacks of commercial aircraft, and test cyberattacks on commercial jets by the U.S. Department of Homeland Security, this article in Newsweek is a good starting point: 

Are military aircraft vulnerable to failure in a single, relatively small onboard system? There’s certainly evidence that such a gap existed in the past. In 2008, a USAF B-2 Spirit bomber crashed in Guam after takeoff due to faulty readings caused by moisture in three of its 24 port-side air-data sensors, which judge airspeed. The B-2’s computer-controlled system largely flies the aircraft. Because of this, the system automatically manipulated flight surfaces and settings to correct and maintain aircraft stability, but on this occasion with incorrect data. The control system overrode the pilots’ inputs, and they were unable to recover the aircraft before bailing out. The pilots were seriously injured, and this first-ever loss of a B-2 cost an estimated $1.4 billion. 

It’s easy to understand why malware is one threat to device security that keeps chief information security officers (and their military counterparts) up at night. This rogue software is loaded by unauthorized means onto a device, most likely when it reboots. Presumably, that malicious code is designed to help attackers steal information, sabotage the device itself or interfere with the operation of the overall system, whether it is a weapon, vehicle or aircraft. 

The Traditional Way to Attack Military Aircraft

Attacking a sophisticated fighter craft by sending some physical object at it — missiles, for example, is both expensive and risky. You can’t remain undetected, and there will be retribution. It requires proximity and fleeting opportunity. Putting counterfeit hardware into military hardware would be more appealing to certain enemies if it had a high chance of success.

Cyberattacks on aircraft may well be more cost-effective for hostile entities than targeting with an expensive missile. Depending on the security of the device or subsystem, an everyday laptop or small computer chip may have the capability to interrupt and hinder operations in the air. We can assume that hackers would aim to cause GPS jamming or interference, corrupt data communications and even gain access to DoD weapons systems. It is critical to have an effective means of detecting the smallest changes in code.

The specialized chips that are used in aircraft subsystems can be designed and produced to detect and block rogue software — while signaling that the subsystem has been compromised.

That’s the good news. What if the so-called “security chip,” however, is replaced by one that appears identical but serves the purposes of hostiles? Could that actually happen? 

It would be quite challenging to replace a subsystem chip on an active USAF aircraft. A saboteur posing as a mechanic cannot sneak up to a fighter jet on the tarmac and begin swapping out parts at 3 a.m. without being noticed, even at a maintenance depot. A hostile infiltrator who has been accepted as part of a skilled maintenance crew could pose a greater threat, but that scenario seems unlikely. 

During the manufacturing process, and along the supply chain of different defense suppliers, a lapse in security might leave an opportunity for a hostile actor to carry out the swap. The many components in a system are made in different places, and then they are shipped to where they are incorporated into larger systems. It’s challenging to ensure that an extensive supply chain remains 100% “pure” at all times, and some defense contractors have complex, far-flung supply chains. 

If this seems like succumbing to paranoia, it’s not. It’s embracing reality.  

To be safe, we should assume attacks will come, and we should take measures to stop them. It makes sense to consider that a counterfeit, malicious chip could be substituted into a military aircraft component. One way to defend against that is to architect dependencies between chips in the component that communicate with one another, requesting a key or other signal that only the legitimate original part could answer with.

How Hardware Can Detect a Hostile Insertion of Hardware or Software

A security chip, such as Micron’s Authenta or a trusted platform module, protects against attacks by assuring device identity and the “health” of the code being run. Security chips are designed to spot and capture measurements of code on substituted parts and compare this to an original copy, thereby identifying rogue software — which will never measure (hash) identically to the authorized software.

When the active code measures to the exact correct value, this means it can be trusted, and the security chip makes available an encrypted key that unlocks remaining data to continue running the system. When a connection to another subsystem or remote device in the aircraft is requested by the device containing the security chip, or another device, or an operator of the system, the security chip participates in a protocol to authenticate both devices to one another. If both devices are uncompromised, they can communicate normally.

Cyber Resiliency in the Face of Attack

If the software code is wrong, the security chip can help keep the aircraft operating safely. It will be architected to run the system in a mode that minimizes damage. This capability gives the system, and the machine it is part of, some resiliency; the ability to keep functioning through an attack. Resiliency is crucial. There’s almost no conceivable situation of compromised systems where you’d want a jet engine stopped in flight.

Effective Hardware Cyber Resiliency Is an Intricate Puzzle

Each device inside the aircraft that is connected to anything — the Internet, or other devices inside the aircraft — needs to have its own onboard security at the hardware level to help sound the alarm when an attempt to load rogue software takes place. It is a truly complex task to correctly design the required authentications between systems and subsystems, and the automated responses of each subsystem in case of compromise or when missing components are detected.

The Air Force has been extremely proactive in tapping the talents and patriotism of white-hat, ethical hackers to uncover vulnerabilities. It conducts ‘Hack the Air Force’ initiatives open to 191 countries, and they are an important — and community-building way of discovering bugs in Air Force systems. With upwards of eight million lines of code built into newer models of aircraft, we have a sharp need to be certain that exactly and only the correct eight million lines are loaded.

Working with TrustiPhi, though it was a short time period, fundamentally changed how I perceive security. When our peers strap into the seat of an F-35, we want to know — and they need to know — that the aircraft’s mission will prevail over the almost inevitable hacks and cyber-sabotage by hostile actors, by having resiliency built into the subsystems. Having had a first look under the hood in the cyber world, I will maintain awareness of security issues and seek to ensure resiliency against malware and sabotage in our hardware. It is with full confidence in our training, vigilance against cyberattack, and resiliency of our equipment that the Air Force will continue its success in defending from the skies.

Julia Pack is a cadet first class at the U.S. Air Force Academy (CS-09 “Viking 9;” USAF Academy, Class of 2020) and a 2019 Intern at TrustiPhi. 

 

Tags: Hardware-based security Security Features Opinion

Related


  • Image shows welding robotics and a digital manufacturing operation.
    IoT Supply Chain Vulnerability Poses Threat to IIoT Security
    The supply chain provides building blocks for IoT but also vulnerabilities. IT pros need to ward against malicious attacks that exploit supply chain security gaps.
  • IoT Security Needs Pen Testing Approach
    IoT pen testing is a no-brainer, say experts. But don’t test everything.
  • Image shows a digital background depicting innovative technologies in security systems,
    Securing IoT Devices With Zero Trust Requires Mindset Shift
    Zero-trust approaches require a shift in mindset to ensure IoT devices have rigorous security policies applied — and the work is never done, say IT pros.
  • An Integrated Approach to IoT Security
    This e-book provides a comprehensive framework to help organizations reduce risk in IoT products and environments.

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • Common Internet of Things Security Pitfalls 
  • Can Privacy-Preserving Machine Learning Overcome Data-Sharing Worries?
  • Developing a Critical Infrastructure Cybersecurity Strategy
  • Addressing IoT Security Challenges From the Cloud to the Edge 

News

View all

Webex Collaboration Banks on Hybrid Workplace Model at Cisco Live 2021

2nd April 2021

Cisco Enlists Networking Automation, CX Cloud in COVID-19 Response

31st March 2021

White Papers

View all

Telehealth and COVID Infographic

30th March 2021

Medical Supply Chain Management with Smart Devices and Sensors

30th March 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

Embedded IoT World 2021

28th April 2021 - 29th April 2021

The Virtual Industrial AI Summit

29th June 2021 - 30th June 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

🥳Happy #IoTDay! How are you celebrating? We're giving $50 off All Access Passes to join our upcoming virtual event,… twitter.com/i/web/status/1…

9th April 2021
IoTWorldToday, IoTWorldSeries

🎉 Announcing #EIOTWORLD sponsor, @InnoPhaseinc — a fabless wireless semiconductor platform company specializing in… twitter.com/i/web/status/1…

8th April 2021
IoTWorldToday, IoTWorldSeries

Digital Health Infrastructure Benefits From Cloud-to-Edge Architecture dlvr.it/RxBwQ4 https://t.co/AILVdUVWDA

7th April 2021
IoTWorldToday, IoTWorldSeries

Meet the #EIOTWORLD keynote lineup: Google, Facebook, Linux Foundation, STMicroelectronics, Antmicro, OpenHW Group,… twitter.com/i/web/status/1…

6th April 2021
IoTWorldToday, IoTWorldSeries

Network Data Analytics Supports Back-to-Work Health and Safety dlvr.it/Rx5xlL https://t.co/VvxxpdUMJ3

6th April 2021
IoTWorldToday, IoTWorldSeries

IoT Cybersecurity Act Places Security Onus on Device Makers dlvr.it/Rx2jHK https://t.co/fyd3nQ1r1Z

5th April 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X