FAA is dismissing claims made by Hugo Teso, a German information technology consultant, that aircraft navigation systems can be hacked using a smartphone application and desktop computer.
Last week, during a cyber security conference in Amsterdamn, Teso, who is also a commercial pilot, demonstrated the ability to hack into a virtual airplane by sending radio signals to its flight-management system with an Android app called PlaneSploit. His demonstration was conducted in a simulated environment, hacking into a flight-management system (FMS) on a PC-based training simulator.
However, the system that Teso hacked into is not identical to actual in-flight systems that commercial airlines use, which are certified by FAA and EASA for carriers that operate under their authority.
"The FAA is aware that a German information technology consultant has alleged he has detected a security issue with the Honeywell NZ-2000 Flight Management System (FMS) using only a desktop computer. The FAA has determined that the hacking technique described during a recent computer security conference does not pose a flight safety concern because it does not work on certified flight hardware," a spokeswoman for FAA told Aviation Today in an emailed statement.
The EASA issued a similar statement saying that Teso’s system would not work in a real-world situation involving a commercial aircraft flight. Teso claimed that PlaneSploit, an app he developed, can exploit the aircraft’s autopilot system, allowing a hacker to alter the flight plan and essentially assume control of the plane’s flight path.
However, FAA reports that the technique described would not allow a hacker to use the FMS to prevent a pilot from overriding the aircraft’s autopilot system.
"The described technique cannot engage or control the aircraft’s autopilot system using the FMS or prevent a pilot from overriding the autopilot. Therefore, a hacker cannot obtain ‘full control of an aircraft’ as the technology consultant has claimed," FAA said.
Related: Commercial Avionics News