Wednesday, May 14, 2025
  • About us
    • Write for us
    • Disclaimer
    • Terms of use
    • Privacy Policy
  • RSS Feeds
  • Advertise with us
  • Contact us
DefenceTalk
  • Home
  • Defense News
    • Defense & Geopolitics News
    • War Conflicts News
    • Army News
    • Air Force News
    • Navy News
    • Missiles Systems News
    • Nuclear Weapons
    • Defense Technology
    • Cybersecurity News
  • Military Photos
  • Defense Forum
  • Military Videos
  • Military Weapon Systems
    • Weapon Systems
    • Reports
No Result
View All Result
  • Home
  • Defense News
    • Defense & Geopolitics News
    • War Conflicts News
    • Army News
    • Air Force News
    • Navy News
    • Missiles Systems News
    • Nuclear Weapons
    • Defense Technology
    • Cybersecurity News
  • Military Photos
  • Defense Forum
  • Military Videos
  • Military Weapon Systems
    • Weapon Systems
    • Reports
No Result
View All Result
DefenceTalk
No Result
View All Result
Home Defence & Military News Technology News Cybersecurity

Cyber vulnerability in networks used by spacecraft, aircraft and energy generation systems

by DefenceTalk
November 16, 2022
in Cybersecurity
3 min read
0
Cybersecurity for 2020 Elections a Top DoD Priority, General Says
14
VIEWS

A major vulnerability in a networking technology widely used in critical infrastructures such as spacecraft, aircraft, energy generation systems and industrial control systems was exposed by researchers at the University of Michigan and NASA.

It goes after a network protocol and hardware system called time-triggered ethernet, or TTE, which greatly reduces costs in high-risk settings by allowing mission-critical devices (like flight controls and life support systems) and less important devices (like passenger WiFi or data collection) to coexist on the same network hardware. This blend of devices on a single network arose as part of a push by many industries to reduce network costs and boost efficiency.

That coexistence has been considered safe for more than a decade, predicated on a design that prevented the two types of network traffic from interfering with one another. The team’s attack, called PCspooF, was the first of its kind to break this isolation.

In one compelling demonstration, the team used real NASA hardware to recreate a planned Asteroid Redirection Test. The experimental setup controlled a simulated crewed capsule, specifically at the point in the mission when the capsule prepared to dock with a robotic spacecraft.

“We wanted to determine what the impact would be in a real system,” said Baris Kasikci, the Morris Wellman Faculty Development Assistant Professor of Computer Science and Engineering. “If someone executed this attack in a real spaceflight mission, what would the damage be?”

With one small malicious device, the team was able to seamlessly introduce disruptive messages to the system, creating a cascading effect that ended in the capsule veering off course and missing its dock entirely.

Here’s how it works: The attack emulates the network switches, which are high-stakes traffic controllers in TTE networks, by sending out fake synchronization messages. These messages are normally intended to keep network devices running on a shared schedule, allowing the most important devices to communicate quickly.

“Normally, no device besides a network switch is allowed to send this message, so in order to get the switch to forward our malicious message, we conducted electromagnetic interference into it over an Ethernet cable,” said Andrew Loveless, U-M doctoral student in computer science and engineering and subject matter expert at the NASA Johnson Space Center.

That interference serves as an envelope for the fake synchronization message. The noise causes just enough of a gap in the switch’s normal operation to allow the message to pass through. An easily concealed bit of circuitry on a malicious device, connected to the network via Ethernet, can inject these messages as many times as necessary to throw everything out of whack.

“Once the attack is underway, the TTE devices will start sporadically losing synchronization and reconnecting repeatedly,” Loveless said.

This disruption will gradually lead to time-sensitive messages being dropped or delayed, causing systems to operate unpredictably and, at times, catastrophically. But the researchers explain how to prevent this attack, too.

Replacing copper Ethernet with fiber optic cables or installing optical isolators between switches and untrusted devices would eliminate the risk of electromagnetic interference, though this would come with cost and performance tradeoffs. Other options involve changes to the network layout, so that malicious synchronization messages can never access the same path taken by the legitimate ones.

“Some of these mitigations could be implemented very quickly and cheaply,” Kasikci said.

The team disclosed their findings and proposed mitigations to major companies and organizations using TTE and to device manufacturers in 2021.

“Everyone has been highly receptive about adopting mitigations,” Loveless said. “To our knowledge, there is not a current threat to anyone’s safety because of this attack. We have been very encouraged by the response we have seen from industry and government.”

Full report in PDF

Tags: cybersecurityindustrial control systemsnetwork securityvulnerability
Previous Post

Sweden to send military, humanitarian aid to Ukraine

Next Post

Poland blast was likely caused by Ukraine air defence: Belgian defence minister

Related Posts

Air Force Research Lab Announces MUOS Satellite Communications Testing in Antarctica

Trojan Horses in Space: Cyber Threats Hidden in Satellite Networks

April 8, 2025

Most of us like satellites. They power our televisions. Allow us to find our way home from anywhere on the...

Chatbot vs national security? Why DeepSeek is raising concerns

Chatbot vs national security? Why DeepSeek is raising concerns

February 17, 2025

Chinese AI chatbot DeepSeek upended the global industry and wiped billions off US tech stocks when it unveiled its R1...

Next Post

Poland blast was likely caused by Ukraine air defence: Belgian defence minister

Latest Defense News

Trump announces ‘full and immediate’ India-Pakistan ceasefire

Trump announces ‘full and immediate’ India-Pakistan ceasefire

May 10, 2025
Pakistan says Indian missiles strike air bases as conflict spirals

Pakistan says Indian missiles strike air bases as conflict spirals

May 10, 2025
J-10C fighter jet

Pakistan says India has brought neighbours ‘closer to major conflict’

May 9, 2025
North Korea fires multiple suspected cruise missiles

North Korea fires flurry of short-range ballistic missiles

May 9, 2025
China says ‘closely watching’ Ukraine situation after Russian attack

China vows to stand with Russia in face of ‘hegemonic bullying’

May 9, 2025
Israeli Harop Drone

Pakistan shoots down 25 Indian drones near military installations

May 9, 2025

Defense Forum Discussions

  • United States Defense Thread
  • German Navy
  • Royal New Zealand Navy Discussions and Updates
  • Indonesia: 'green water navy'
  • The Russian-Ukrainian War Thread
  • Indo-Pakistani Tensions (2019 & Beyond)
  • Royal Australian Navy Discussions and Updates 2.0
  • USAF News and Discussion
  • Russia - General Discussion.
  • 6th Generation Fighters Projects
DefenceTalk

© 2003-2020 DefenceTalk.com

Navigate Site

  • Defence Forum
  • Military Photos
  • RSS Feeds
  • About us
  • Advertise with us
  • Contact us

Follow Us

No Result
View All Result
  • Home
  • Defense News
    • Defense & Geopolitics News
    • War Conflicts News
    • Army News
    • Air Force News
    • Navy News
    • Missiles Systems News
    • Nuclear Weapons
    • Defense Technology
    • Cybersecurity News
  • Military Photos
  • Defense Forum
  • Military Videos
  • Military Weapon Systems
    • Weapon Systems
    • Reports

© 2003-2020 DefenceTalk.com