when not connected

more than 1000 posts since 30.01.2017

The other side of the coin (security measures)

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts
https://news.ycombinator.com/item?id=20638315

My $0.02: I came across Boeing's documentation for their "Boeing Update" solution (think Windows Update, but for 787s).

It described in detail how the planes are updated with new firmware for the avionics, entertainment system, and the engines. I was shocked to learn that the 787 uses a lot of COTS kit internally, such as standard WiFi and Ethernet connections. There's an RJ-45 jack at the front landing gear accessible from the outside of the plane at any time!

It was by far the best technical document I have ever read, of any type, ever, by at least a factor of ten. It was so good I read it like a novel. Twice. The security design was amazing. The PKI was amazing. The patch management was amazing. The network design was amazing. The documentation was amazing. My estimate was that the document alone would have cost multiple millions of dollars to write, not including any of the engineering work that went into the solution itself.

Boeing's engineers thought of everything. EVERYTHING. This scenario was catered for:

- The plane is rented, not owned.
- The IT department is outsourced.
- Aircraft maintenance is outsourced.
- The plane is currently on the ground in a country that is hostile.
- A critical update has been released, without which the plane is unsafe to fly.

This is one of the scenarios that is literally spelled out, in plain English, and you're left completely certain that the update will be safe and secure despite all of that.

The security is just nuts. Everything uses explicit, hardcoded whitelists. TLS is bidirectional (clients are verified by the servers too). Patches must be quadruple signed by Boeing, the parts manufacturer, the FAA, and the airline at a minimum to be acceptable. There are physical connection breakers and PIN codes on top of that. There are two nested VPNs on top of the already encrypted WiFi. It just goes on and on.

No part of it left me thinking they could have done better. I've used that document as a template for my own work, and it's the better for it.

Since then, I've insisted on flying 787s whenever possible, because I'm certain that the engineering effort that has gone into those things is about as good as humanly possible.

This post was edited by the user (09.08.2019 09:01).
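The post's central mechanism, a patch that is only acceptable when all four parties (Boeing, the parts manufacturer, the FAA, the airline) have signed it, can be shown as a small verifier. The Go program below is an added illustration written for this page; it is not code from the post, from Boeing, or from the linked article. It assumes Ed25519 detached signatures over a context-prefixed SHA-256 of the package and uses the party names only as labels; neither the algorithm nor the names are stated by the post. The point it makes is that a pinned per-party key allowlist plus an all-must-sign rule rejects a tampered image, a missing approval, and one party signing under another party's name.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// The four parties the post says must all sign a patch. The names are
// labels assumed for this example, not Boeing's identifiers.
var RequiredSigners = []string{"boeing", "parts-manufacturer", "faa", "airline"}

// TrustStore is the pinned allowlist: exactly one public key per required
// signer. A key that is not in it is not a signer, whatever it claims.
type TrustStore map[string]ed25519.PublicKey

// SignatureBundle carries one detached signature per signer name.
type SignatureBundle map[string][]byte

// signingInput binds each signature to a fixed purpose string and the
// package hash, so a signature made for another purpose cannot be replayed
// as an update approval.
func signingInput(pkg []byte) []byte {
	digest := sha256.Sum256(pkg)
	return append([]byte("787-update-approval-v1\x00"), digest[:]...)
}

// NewPartySet provisions a fresh Ed25519 key pair for every required party
// (constructed for the example) and returns the pinned public keys together
// with the matching private keys.
func NewPartySet() (TrustStore, map[string][]byte) {
	trust := TrustStore{}
	keys := map[string][]byte{}
	for _, name := range RequiredSigners {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		trust[name] = pub
		keys[name] = priv
	}
	return trust, keys
}

// SignUpdate produces one party's detached approval of pkg.
func SignUpdate(priv []byte, pkg []byte) []byte {
	return ed25519.Sign(ed25519.PrivateKey(priv), signingInput(pkg))
}

// SignAll has every party in keys approve pkg.
func SignAll(keys map[string][]byte, pkg []byte) SignatureBundle {
	sigs := SignatureBundle{}
	for name, priv := range keys {
		sigs[name] = SignUpdate(priv, pkg)
	}
	return sigs
}

// VerifyUpdate accepts pkg only if every required signer has a signature
// that verifies under that signer's own pinned key. Unknown or surplus
// signatures are ignored, never trusted; any missing or bad one fails the
// whole check.
func VerifyUpdate(trust TrustStore, pkg []byte, sigs SignatureBundle) error {
	msg := signingInput(pkg)
	for _, name := range RequiredSigners {
		pub, ok := trust[name]
		if !ok {
			return fmt.Errorf("no pinned key for required signer %q", name)
		}
		sig, ok := sigs[name]
		if !ok {
			return fmt.Errorf("missing signature from %q", name)
		}
		if !ed25519.Verify(pub, msg, sig) {
			return fmt.Errorf("signature from %q does not verify", name)
		}
	}
	return nil
}

func main() {
	// Constructed sample: a fake update image and four fresh signers.
	pkg := []byte("constructed 787 avionics update image v1.2.3")
	trust, keys := NewPartySet()
	sigs := SignAll(keys, pkg)
	fmt.Println("all four signatures:", VerifyUpdate(trust, pkg, sigs))

	// Drop the airline's approval: the update must now be rejected.
	delete(sigs, "airline")
	fmt.Println("airline missing:", VerifyUpdate(trust, pkg, sigs))
}
```

The verifier iterates over the required list rather than over the signatures it was handed, which is what makes the rule "all four, at a minimum" rather than "any four": a bundle stuffed with extra signatures from keys outside the pinned allowlist gains nothing, and a party that signs twice under two names is caught because each name is checked against its own pinned key.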
