Boeing 747's First Commerical Flight 40 Years Ago: Hacking Concern on 747-8?

Forty years ago today, the Boeing 747 took its first commercial flight flying Pan Am colors (it had its first flight less than a year before). A story in the Los Angeles Times says that while official histories put the flight as occurring of the 21st of January (today), the actual flight from New York's John F. Kennedy International Airport to London's Heathrow Airport really took place on the 22nd of January because the flight was delayed by six and a half hours.

More than 1,400 747s have been built, with 250 of those being the original 747-100 version.

Today, Boeing is hoping to execute the first flight of its new 747-8 Intercontinental and Freighter versions sometime before the end of March.

However, as Bob Brewin at NextGov and a few other blogs noticed, the Federal Aviation Administration (FAA) put out a little noticed item that was published in the Federal Register on the 15th of January. It may not mean anything, since a similar notice was posted for the Boeing 787, but it may also mean another hiccup for an already somewhat troubled aircraft development.

It stated that the new Boeing 747-8:

 "... will have novel or unusual design  features associated with the architecture and connectivity capabilities  of the airplane's computer systems and networks, which may allow access to external computer systems and networks. Connectivity to external systems and networks may result in security vulnerabilities to the  airplane's systems.The applicable airworthiness regulations do not contain adequate or appropriate safety standards for these design features."

The FAA goes on to say that,

"The architecture and network configuration may be used for, or interfaced with, a diverse set of functions, including:

  1. Flight-safety related control, communication, and navigation systems (aircraft control domain),
  2. Airline business and administrative support (airline information domain),
  3. Passenger information and entertainment systems (passenger entertainment domain), and
  4. The capability to allow access to or by external network sources."

Does this mean that all these different 747-8 systems are fully interconnected and are able to pass data to one another? Any Risk Factor reader know for certain?

As of a result of the "novel or unusual design features", the FAA says it has imposed special conditions that contain additional safety standards that the FAA Administrator considers necessary to establish a level of safety equivalent to that established by the existing airworthiness standards.

Boeing must ensure electronic system security:

"for the aircraft control domain and airline information domain from access by unauthorized sources external to the airplane, including those possibly caused by maintenance activity."

and

"threats from external sources are identified and assessed, and that effective electronic system security protection strategies are implemented to protect the airplane from all adverse impacts on safety, functionality, and continued airworthiness."

 Again, this may not be a big deal, but it is noteworthy.

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement