Boeing to ensure 787's flight control system can't be hacked by passengers

In a notification published in the Federal Register on Jan. 2, FAA said the Seattle-based aircraft builder must address this concern before the new jet, called the "Dreamliner," is certified for commercial use beginning in July.

However, the federal agency has not implemented a request from the Air Line Pilots Association (ALPA) that Boeing provide 787 flight crews with the means to disable passengers' ability to connect with the aircraft's computer system.

The computer network in the passenger compartment of the 787-8 aircraft is the first in the industry designed to give passengers in-flight web access, but it also is connected to the plane's control, navigation and communication systems, according to the FAA notification.

"These novel or unusual design features are associated with the connectivity of the passenger domain computer systems to the airplane's critical systems and data networks. For these design features, the applicable airworthiness regulations do not contain adequate or appropriate safety standards for protection and security [of systems and networks] against unauthorized data," the notification stated.

In its Jan. 2 report, the FAA issued final "special conditions" for certification of the 787 requiring Boeing to ensure that the aircraft's design prevents "all inadvertent or malicious changes to, and all adverse impacts upon, all systems, network, hardware, software and data in the Aircraft Control Domain and in the Airline Information Domain from all points within the Passenger Information and Entertainment Domain."

The FAA, which has been soliciting industry comments on the proposed special conditions since April, did not require Boeing to implement an urgent request from the ALPA "that a backup means must also be provided for the flight crew to disable passengers' ability to connect to [specific flight control] systems."

The FAA instead noted that its conditions do not preclude Boeing from building in a manual or automatic override, and said it "would prefer not to dictate specific design features to [Boeing] but rather to allow [it] the flexibility to determine the appropriate security protections and means to address all potential vulnerabilities and risks posed by allowing this access."

Boeing's main competitor, Airbus, also commented on the proposed conditions, stating that they failed to precisely define the three domains governed by the 787's computer system and that the conditions imply a "zero tolerance" regarding breaches that would be "impossible" to comply with during the life cycle of the aircraft "because security threats evolve...rapidly."

According to the FAA notification, Airbus preferred "a less categorical requirement which allows more flexibility and does not prevent possible residual vulnerabilities if they are assessed as acceptable from a safety point of view."

FAA said in the notification that it will be working closely with EUROCAE (European Organisation for Civil Aviation Equipment) and RTCA (formerly the Radio Technical Commission for Aeronautics) to develop additional aircraft network-security guidelines for a compliance standard on future aircraft certification programs.