A hackers first solo: airplane avionics security 101

Speakers – Ken (@TheKenMunroShow) and Alex (@alexlomas)

Synopsis

An airplane is a complex mix of legacy components and custom protocols, generally obscured from security researchers as a result of the high barriers to entry and safety-critical requirements.

As a result, little is known in the research community about airplane security. The little that does make it in to the public domain is generally full of FUD; the media are understandably excited about such stories and independent researchers are rarely aware of the security controls that can mitigate some attacks.

We will lift the lid on airplane network and avionics security. This is a 101 primer for aviation security: understand the network surface on an airplane, the protocols involved, the components and how they interface with each other and ground systems, plus potential routes that attackers might take & how to lock them down.

We will also be running hands-on avionics hardware security workshops during the aviation village. Learn from reverse engineers and understand how aviation components interact.

About the Speakers

Alex Lomas / @alexlomas

Alex is a light aircraft pilot and hardware reverse engineer with a keen interest in commercial avionics security. He started in this space by securing access to a number of end-of-life airframes & investigating / reverse engineering the avionics hardware and network protocols that manage, for example, flight surface control movement.

Ken Munro / @thekenmunroshow

Ken is also a pilot, but generally more accident-prone. He started out in infosec after miserably failing his commercial pilot written exams and deciding that pwning planes was probably safer for all involved than him flying them.

He looks after vulnerability disclosure at Pen Test Partners, trying to influence industry good practice and government policy around aviation, automotive & IoT security.