Hacking The Planet: An Intro to Avionics Security

hi i'm caitlin this is my talk hacking the planet intro to avionics security uh my twitter handle is a zero x 2060 it's in the corner hi a little bit about me uh i'm caitlin i've been working in investing for nearly two years now and my one of my main hobbies is aerospace and computer security i've been fascinated by aerospace or anything in my space ever since like interstellar came out in 2014. one of my plans after the pandemic ends is to finally take flying lessons i want to get like my sports pilot license uh this talk will be about the security and cryptography of the onboard computer systems on aircraft uh what side channel attacks are in some

hardware security this talks about a really specific job field in the aerospace industry uh lots of large aerospace companies in the us that do defense contracting have engineers that are dedicated to this type of hardware security some vocabulary avionics by definition are the electronic systems on aircraft and satellites anything that goes way up in space uh crypto systems are defined as a pair of algorithms such as encryption and decryption um side channel attacks they are defined as attacks that are based on the implement information gained from the implementation of a computer system to derive the secret key this is intro to avionics uh this is a diagram of all the different computer systems on on an aircraft

from power systems to fuel management systems through navigation and guidance and instrumentation and data the dcu which is like i would call it like the big brain of a aircraft is uh it sensor data concentrated unit it basically takes all that data that you see below it and it concentrates into one area intro to cryptography this is one of my favorite things in the world um right next to like satellites in space uh cryptography it's you know it's a it's can be described as a way of encoding and decoding messages there are two types uh symmetric and asymmetric also known as public key there are several types of graphic attacks um password cracking which i'm sure we're

all familiar with uh collision attacks birth attacks uh pictured is alan during if you're not familiar with him he's known for cracking the enigma machines during world war ii and he's basically like the father of computer science uh i included some diagrams of asymmetric and symmetric key encryption for those that might need a better time visualizing it side channel attacks these uh side channel attacks are hardware crypto analytic attacks that exploit the physical behavior of a system such as timing power consumption and electromagnetic magnetic emissions

other types of psi channel attacks include power analysis talks this is basically what a side channel attack is uh it's not a very good diagram but i thought it gets the information across

attacks side channel attacks are performed with an oscilloscope and a computer the oscilloscope is to capture any traces that a computer might emit a computer or any sort of system uh power analysis attacks these attacks are done by examining the power syst the power consumed by a device running a cryptographic algorithm so every time there are two types of power well there's two main types of power analysis attacks there's simple apparent analysis and differential power analysis simple power analysis these kind of attacks uh they recover a single could a single key from one transaction uh they require a strong signal close proximity to a target device and they're usually based are usually applied to pub like key cryptography systems um

these kind of attacks uh they can reveal a sequence of instructions executed by a machine and uh this kind of attacks uh these whole power analysis it's very math heavy um lots of big brain concepts uh there it's usually upsets that of electrical engineering if you've ever studied engineering in college uh this graph here it's a it's a model of a single simple power analysis attack it's exploiting a power trace and in the rsa algorithm

next type of power analysis attack that i'll be going over is a differential power analysis a dpa they're a form of side channel attacks that monitor variations in the electrical power consumption or the electromagnetic emissions of a target device these attacks uh they measure different parts of the chip to recover the key these attacks are a lot more powerful than some single power analysis and then uh they're also a lot harder to prevent um this is a simple representation of the dpa attack um like i said this is a very math heavy concept um i just think it's super cool um but i won't be going over the this all this information in the slide but um it'll be

left in my slide deck if you want to check it out for later uh so back to avionics uh what is shown here is called an fpga field programming rule gate array they're everywhere um more in fpga uh these chips they're integrated circuits they're used in all right away and of systems um such as avionics encryption uh super computers probably cars i mean your bridge probably has one as well i wouldn't be surprised they're everywhere they're in a lot of applications these integrated circuits uh they're considered secure due to the code customization it allows for um my analogy for bliss if you have a hard time like understanding the concept i would consider it think of it as

buying a plain frosted cake at the grocery store and decorating it yourself that's the best analogy i can think of for it these chips are most commonly used in aerospace and they're used everywhere in avionics the main reason for fpgas being used as opposed to other chips is that adding hardware any additional hardware on an aircraft is really hard and given that the fact they're the most commonly used ones for that reason and also they're just a lot cheaper so back to avionics uh if you recall i used one of these graphs in my previous slides so think of all the applications that fpga chips have they're used in literally every part in in the computer system on flights

how does this all relate to aerospace big aerospace companies that do defense contracting in the us often have software engineers that work on these chips and on embedded cryptographic function functions and systems i thought it was a really cool field that no one knows about so i decided to do a talk about it like i said a lot of these concepts um they're pretty map heavy a lot of physics um i could do like an entire talk on like probably differential power and analysis alone but i just wanted to do a broad overview of this talk today um to get to kind of like understand uh what side channel attacks are and how that relates to avionics

and yeah this is my talk uh my twitter handle up below is xerox 2060. uh you can follow me but uh yeah this is uh the end of my talk so thanks very much for that and one question if you don't mind so with the future of avionics security being pretty important how do you feel the industry and the attention does the industry give it enough attention compared to other areas of security because yeah if you took an aircraft out of the air obviously there's going to be a lot more collateral damage to life than it would be if you knocked off some systems on the ground so do you feel the industry gives it enough attention

or do you think there's a lot more attention should be given to and maybe what way it's going uh for aerospace as a whole i would say there's not much attention to this i think primarily the bulk of money and time that goes into this is for the defense uh contractors or companies that do defense okay thank you and we have another question here actually um do you come across much more analog systems versus digital in avionics oh you know that's a good question that i have not really considered um i'd say like the there's a big shift in moving towards um electronic uh well digital systems versus analog for airplanes especially in defense i'm sorry i can't really answer your

question but that was my best answer that i could give you yeah that's no problem at all and so i i don't think there's any more questions there so um i think a few minutes are left so um if there's no more questions then i think we'll wrap it up then if that's all right okay all right thank you very much for your time kevin appreciate it