El Al CISO: We took apart cyber systems of the 787 to determine whether they have points of failure 

In a panel on aviation in the cyber age at Wednesday's joint event by Cybertech and Fortinet, a discussion was held on the question of how to secure the supply chain in the aviation market. According to the National Cyber Directorate, there are two main threats – a shutdown of the airport, and a plane crash 

El Al CISO: We took apart cyber systems of the 787 to determine whether they have points of failure 

Photo: Cybertech

A panel on aviation in the cyber age moderated by Tamir Goren, director of special technologies at the Israel National Cyber Directorate, was held at Wednesday's joint event held by Cybertech and Fortinet. The other participants were Asaf Levy, CISO of El Al; Rubi Arbel, CEO, Security Scribe; and Zohar Ben-David, head of the aviation section of the National Cyber Directorate.   

Levy: "We took apart systems of the 787 to determine whether they have points of failure, and we are talking to Boeing (about it). We are trying to understand how the updates are carried out. In general, the update is done with a laptop that connects to a system of the plane. One of the things that we did is to reinforce the computers with which you connect to the plane. We also receive logs from the plane to understand what happens during every flight." 

"We have a big budget for defense of operational technology (OT), and we used part of it for defense of facilities and adoption of cyber elements. Every interaction involving the plane is monitored. There are planes that can broadcast data via satellites for maintenance purposes, and we examine that. We have continuous penetration tests for OT and IT. El Al emphasized the cyber aspects of the 787 even before I started working at the company. At the end of 2019, Boeing (staff) came to check what had been done in Israel in order to learn from it."      

"When you update the plane, you come from the direction of IT. If the companies that send updates are hacked, it could be a problem. Even the suppliers who are connected to you have an influence on your systems." 

Arbel: "Developed countries are aware of security in code, but that being said, it's difficult to make changes in code for airplanes. It's not an issue of awareness, but of real difficulty to update or change the code in airplanes."  

Ben-David: "There are two main threats – a shutdown of the airport, and a plane crash. As part of the Hercules project, it is not possible to defend everything. Among dozens of systems in the airport's supply chain, we needed to choose the important ones and defend them. The airport needs the support of the manufacturers. They are international, and as far as they are concerned, we are just a small dot on the map.     

"In the context of planes, every plane engine is a small factory. Every engine sends data on the status of its components to the manufacturer, and receives responses in the radio frequency spectrum. We also check whether these units are defended. In order to down a plane via cyber, superpower capabilities are needed. It's not easy." 

You might be interested also