Pen Test Partners: Boeing 747 walk through, from a hacker’s perspective
The Boeing 747 is one of the best known and most popular airliners of all time. Designed in the 1960s and entered service in 1970, it was the largest airliner in the world in terms of passenger capacity for 37 years, until the arrival of the Airbus A380 in 2007.
Recently, British Airways decommissioned its fleet of 747s and a cybersecurity company, Pen Test Partners, had the opportunity to explore the operation of a 747-400 up close.
In an online conference held during the DEF CON many technical details of the inspection were presented, below are some highlights:
- The navigation database is updated every 28 days, using 3.5-inch diskettes [1]
- The "server-room" is located beneath the floor of the lower passenger deck
- Cabling is almost all Ethernet, but used in a different way from normal computer networks, according to the ARINC 629 standard
- The OS is a real-time VxWorks, which is used in a number of airliners' internal networks
Pen Test Partners' analysts published a video containing a detailed exploration of 747's systems, including the 3.5 floppy disk:
Are you surprised by backwardness of Boeing 747's systems? It gets worse: Boeing 787s, far more modern than 747s, need to be turned off and on every 51 days [2], otherwise the flight system, filled up with old data, could provide misleading information to pilots!