Fatal Flaw Found in Aircraft Chip
In the dangerous world of computer hacking, two security experts from Cambridge have discovered a potentially fatal flaw in a computer chip of several aircraft like the massive Boeing 747: a back door program that may allow hackers to gain control of the chip through the internet.
With this revelation, the world should now be much more concerned about the threat and dangers of hackers and computer hacking. This discovery makes headlines at the same time as another story: the discovery of the powerful “Flamer” virus, which has been attacking several websites Iran, Syria and Saudi Arabia.
The discovery came to light after a paper was published by researchers Sergei Skorobogatov of Cambridge University and Chris Woods of Quo Vadis Labs. In the paper, the researchers say they have discovered a massive flaw in the computer chip used in several aircraft. The computer chip is manufactured by Actel, a US manufacturer.
“An attacker can disable all the security on the chip, reprogram cryptographic and access keys … or permanently damage the device,” they noted.
Woods has stated that they have given all the information they have regarding the hacking of the device to government control to ensure that it does not fall into the wrong hands. The response given by the government remains classified at this time.
“The real issue is the level of security that can be compromised through any back door, and how easy they are to find and exploit,” Woods said. At this time it is not clear how the back door got into the chip; it may have been placed there by Actel itself, whose ProASIC3 chip is used in medical, automotive, communications and consumer products, as well as military use.
Woods said that “a back door is an additional undocumented featured deliberately inserted into a device for extra functionality” – in effect, a secret way to get into the chip and control it.Crucially, in this case it exists as part of the design of the silicon chip – meaning that it cannot be removed because it is inherent in how the chip reacts to certain inputs. He suggested that it may have been put there by design by Actel, because there are some traces of the existence of such a back door in the system files of Actel development software.But, he said, that creates serious risks: “The great danger comes from the fact that such a back door undermines the high level of security in the chip making it exposed to various attacks. Although Actel makes a big claim that their devices are extremely secure because there is no physical path for the configuration data to be read to the outside world, a back door was added with a special key to circumnavigate all the security set by themselves or one of their users.”
Connecting to the chips would be comparatively easy over the internet if the chip is wired to an internet-enabled controller, he said. Normally a special cryptographic key would be needed, but the back door does not need an encrypted channel.
Among applications where the ProASIC3 are used are remote surveillance systems, drones, and for flight-critical applications on the new Boeing 787 Dreamliner.
Actel did not respond to requests for comment by the time of publication.