Cyber vulnerability in networks used by spacecraft, aircraft and energy generation systems (Image Credit: Space war)
A major vulnerability in a networking technology widely used in critical infrastructures such as spacecraft, aircraft, energy generation systems and industrial control systems was exposed by researchers at the University of Michigan and NASA.
It goes after a network protocol and hardware system called time-triggered ethernet, or TTE, which greatly reduces costs in high-risk settings by allowing mission-critical devices (like flight controls and life support systems) and less important devices (like passenger WiFi or data collection) to coexist on the same network hardware. This blend of devices on a single network arose as part of a push by many industries to reduce network costs and boost efficiency.
That coexistence has been considered safe for more than a decade, predicated on a design that prevented the two types of network traffic from interfering with one another. The team’s attack, called PCspooF, was the first of its kind to break this isolation.
In one compelling demonstration, the team used real NASA hardware to recreate a planned Asteroid Redirection Test. The experimental setup controlled a simulated crewed capsule, specifically at the point in the mission when the capsule prepared to dock with a robotic spacecraft.
“We wanted to determine what the impact would be in a real system,” said Baris Kasikci, the Morris Wellman Faculty Development Assistant Professor of Computer Science and Engineering. “If someone executed this attack in a real spaceflight mission, what would the damage be?”
With one small malicious device, the team was able to seamlessly introduce disruptive messages to the system, creating a cascading effect that ended in the capsule veering off course and missing its dock entirely.
Here’s how it works: The attack emulates the network switches, which are high-stakes traffic controllers in TTE networks, by sending out fake synchronization messages. These messages are normally intended to keep network devices running on a shared schedule, allowing the most important devices to communicate quickly.
“Normally, no device besides a network switch is allowed to send this message, so in order to get the switch to forward our malicious message, we conducted electromagnetic interference into it over an Ethernet cable,” said Andrew Loveless, U-M doctoral student in computer science and engineering and subject matter expert at the NASA Johnson Space Center.
That interference serves as an envelope for the fake synchronization message. The noise causes just enough of a gap in the switch’s normal operation to allow the message to pass through. An easily concealed bit of circuitry on a malicious device, connected to the network via Ethernet, can inject these messages as many times as necessary to throw everything out of whack.
“Once the attack is underway, the TTE devices will start sporadically losing synchronization and reconnecting repeatedly,” Loveless said.
This disruption will gradually lead to time-sensitive messages being dropped or delayed, causing systems to operate unpredictably and, at times, catastrophically. But the researchers explain how to prevent this attack, too.
Replacing copper Ethernet with fiber optic cables or installing optical isolators between switches and untrusted devices would eliminate the risk of electromagnetic interference, though this would come with cost and performance tradeoffs. Other options involve changes to the network layout, so that malicious synchronization messages can never access the same path taken by the legitimate ones.
“Some of these mitigations could be implemented very quickly and cheaply,” Kasikci said.
The team disclosed their findings and proposed mitigations to major companies and organizations using TTE and to device manufacturers in 2021.
“Everyone has been highly receptive about adopting mitigations,” Loveless said. “To our knowledge, there is not a current threat to anyone’s safety because of this attack. We have been very encouraged by the response we have seen from industry and government.”
Research Report:PCspooF: Compromising the Safety of Time-Triggered Etherne
Related Links
University of Michigan
Cyberwar – Internet Security News – Systems and Policy Issues
|
Tweet |
|
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook – our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don’t have a paywall – with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution. |
||
SpaceDaily Contributor $5 Billed Once credit card or paypal |
SpaceDaily Monthly Supporter $5 Billed Monthly paypal only |
Apple limits file-sharing for Chinese iPhone users after anti-govt protest
Beijing (AFP) Nov 10, 2022
Apple limited file-sharing for Chinese iPhone users Thursday, a month after reports that anti-government protesters were using the function to share digital leaflets with strangers.
Under the update to the AirDrop function, users of smartphones sold by Apple in China can only opt in to receive files from non-contacts during a 10-minute window before it automatically shuts off. The feature did not previously have a time limit.
The update, rolled out in the operating system released overnight, mak … read more