The aviation industry increasingly operates high-technology planes that require sophisticated systems and programs. These, in turn, are vulnerable to hacking.
For instance, most planes use Automatic Dependent Surveillance-Broadcast, which sends unencrypted data on a plane’s position. This data could be tampered with by an ill-intentioned person who could alter the real positioning of an aircraft.
In 2015, the hacker Chris Roberts claimed that he was able to access critical plane functions, including the engine, via the entertainment system of the plane.
The Government Accounting Office has also identified several vulnerabilities related to the information systems used by air traffic control.
My point is that information systems and computer programs used by the aviation industry were developed to respond to performance challenges rather than security issues. Therefore, the design of aviation information systems presents vulnerabilities that can be exploited by hackers and jeopardize safety of aircraft and air traffic control.
NOT QUITE AS SAFE AS WE ASSUME
The problem is that by limiting our measurement of security to fatal incidents, we narrow our appraisal of risk. Aviation from this perspective appears to be very secure. Crashes, after all, are rare events.
However, I would argue that if you take into account all the nonfatal incidents, which most people are not aware of, then the actual risk of accident in the airline industry is higher.
Frederic Lemieux does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond the academic appointment above.