Airplanes rely on CANbus, a protocol designed in the 1980s with no adversarial threat modeling. Any device on that taps into that bus can send commands to any other device, which will happily execute them - without authentication or authorization other than presence on the bus.

For instance, we know cars’ engine, steering, and brakes, which use CANbus, can be controlled by sending commands from the radio. This should never happen in normal circumstances, yet it’s possible under adversarial conditions because of the CANbus architecture.

Of course in the 1980s that wasn’t a huge concern because anyone who could tamper with the wiring in your car could cut your brake lines too. So threats to drivers, passengers, and pedestrians through the CANbus were dismissed by industry. And rightly so.

Fast forward to 2010 when cars are connected to the internet and you can control a car remotely. This is when alarm bells should have been going off for the auto industry to put long-term fixes in place.

Narrator: They didn’t. autosec.org/publications.h…

Now it’s 2013. @0xcharlie and @nudehaberdasher presented their research showing that when plugged into the CANbus they could control the car. Again, no one in industry was shocked because the system was DESIGNED this way. ioactive.com/pdfs/IOActive_…

So when in 2015, when @0xcharlie and @nudehaberdasher killed @a_greenberg’s engine on video, the public and policymakers lost their minds. They felt unsafe and lied to. Automakers violated their trust.

In 2019, aftermarket afterthought cybersecurity products add a few billion dollars to the cost of cars...so we don’t have to FIX the actual problem. Good for VCs. Bad for public safety and the economy (see also, the broken window fallacy). marketsandmarkets.com/PressReleases/…

Don’t get me wrong, better car architectures, such as AutoSAR, exist And are being very slowly being rolled out. And things like FlexRAY can help replace CANbus. But it’ll still be DECADES before all cars on the road have these. autosar.org

News today that planes use the highly vulnerable CANbus protocol and the aviation industry reaction was reminiscent of the auto industry in 2010. That’s disappointing. It’s one more in a series of turning points for the aviation industry. apnews.com/6219f26c3ea145…

Using the computer and auto industries as guides, we know what’s in store for the aviation industry if they follow this track. A few more years in denial, delaying the inevitable. Then an existential crisis they can’t avoid. A scramble to respond, while taking a beating in press.

Settling into a steady state where they support a new dependent and intertangled industry, adding $billions to the cost of air travel and air freight. If that’s not the future the industry wants, perhaps there’s a better way...

Collaboration with security researchers fixed problems earlier than they would have been, with sustainable and inexpensive approaches. We offer that olive branch at the @AviationVillage. Not too late to come out to @defcon this year. aviationvillage.org