View Feed
group-icon
Coffee Room
Discuss anything here - everything that you wish to discuss with fellow engineers.
12940 Members
Join this group to post and comment.
Ankita Katdare
Ankita Katdare • Nov 11, 2014

Wireless Devices & Apps Used By Casual Pilots For Data & GPS Vulnerable To Security Attacks

Researchers from University of California, San Diego Jacob School of Engineering and Johns Hopkins University have teamed up to present a study that shows how the wireless devices and apps used during private flights by casual pilots are vulnerable to a number of security attacks. The engineers & computer scientists were able to showcase how attackers could access & manipulate safety-critical real-time information to cause severe harm to the flight, only because several secure design practices were not followed while designing them. To demonstrate their findings, the researchers used a combo of apps & devices generally used by private pilots. These include the Garmin GDL 39 receiver-Garmin Pilot app, the Appareo Stratus 2 receiver-ForeFlight app (one of the top grossing apps on App Store) and the SageTech Clarity CL01-WingX Pro7 app.

wireless-device-casual-pilot-hacking-2 wireless-device-casual-pilot-hacking-1

These devices are usually paired with iPads (or other tablets) to display the information for the casual pilots. This information generally includes data about the weather, current position, direction indications, airspace restrictions and the location of nearby aircrafts. During their study, the computer scientists found that all there combinations of wireless devices and apps had significant safety loopholes. For instance, two of the systems can allow the attacker to completely replace the firmware or downgrade it, which means the attacker could gain control of the program that operates these devices. Moreover, all the three aforementioned devices let the hacker/attacker meddle with the communication between receiver and tablet.

wireless-device-casual-pilot-hacking-3

This just goes on to say that if attacked, the results could be disastrous. For example, if the pilot receives incorrect aircraft position on his tablet during flight in poor weather conditions, it could collide with another aircraft or crash down. The researchers went on to propose the different practices that can be followed for secure design of the apps and wireless devices used by casual pilots. Some of them are - using cryptography to secure communication between the tablet and the receiver and pairing them, requiring user acknowledgement before updating firmware, downloading of data such as maps & location using HTTPS or digitally signatures by the vendor.

We could only hope that the developers of these systems are taking note and performing the necessary measures required to secure these vital systems for casual pilots. Interested people can take a look at the the research paper submitted by the team. What are your thoughts on the new study? Share with us in comments below.

Source: UC San Diego Research
its really informative even i'll try to follow these rules when i am working on my products(medical life support devices)

Share this content on your social channels -