Wednesday, January 02, 2013

America's Drones - a Cautionary Tale for F-35 Customers

American drones have an enormous vulnerability, their absolute dependence on computer code that can be easily hacked.   This is suspected to have resulted in Iran's capture of a Lockheed RQ-170 stealth drone in December, 2011.

Something even more code dependent is the F-35.  It requires no less than 9-million lines of code to operate, more than double that of its stealth Big Brother, the F-22.   A considerable portion of that code is believed to have already been hacked out of Defense Department and contractor computers and the Chinese are the prime suspect.

The control algorithms for these crucial machines are written in a fundamentally insecure manner, says Dr. Kathleen Fisher, a Tufts University computer scientist and a program manager at the Defense Advanced Research Projects Agency. There’s simply no systematic way for programmers to check for vulnerabilities as they put together the software that runs our drones [or F-35s], our trucks or our pacemakers.
In our homes and our offices, this weakness is only a medium-sized deal: developers can release a patched version of Safari or Microsoft Word whenever they find a hole; anti-virus and intrusion-detection systems can handle many other threats. But updating the control software on a drone means practically re-certifying the entire aircraft. And those security programs often introduce all sorts of new vulnerabilities. “The traditional approaches to security won’t work,” Fisher tells Danger Room.
Fisher is spearheading a far-flung, $60 million, four-year effort to try to develop a new, secure way of coding — and then run that software on a series of drones and ground robots. It’s called High-Assurance Cyber Military Systems, or HACMS.
Drones and other important systems were once considered relatively safe from hack attacks. (They weren’t directly connected to the internet, after all.) But that was before viruses started infecting drone cockpits; before the robotic planes began leaking their classified video streams; before malware ordered nuclear centrifuges to self-destruct; before hackers figured out how to remotely access pacemakers and insulin pumps; and before academics figured out how to hijack a car without ever touching the vehicle.
“Many of these systems share a common structure: They have an insecure cyber perimeter, constructed from standard software components, surrounding control systems designed for safety but not for security,” Fisher told a group of researchers earlier this year.
It’d be great if someone could simply write some sort of universal software checker that sniffs out any program’s potential flaws. One small problem: Such a checker can’t exist. As the computer science pioneer Alan Turing showed in 1936, it’s impossible to write a program that can tell if another will run forever, given a particular input. That’s asking the checker to make a logical contradiction: Stop if you’re supposed to run for eternity.

The F-35 stealth technology is threefold.  It comprises radar absorbing materials, radar deflecting shapes and a highly complex electronics suite.   The F-35 also has an ultra-sophisticated sensor suite to enable it to monitor the battle space in a 360-degree arc without resorting to active, telltale emitters.   The Chinese, who have filched so much F-35 code and the electronics from the drone Iran captured, figure they can use the bomber's sensor windows to hack the aircraft's computers and crash them to the ground.   And we'll probably never know about it until they begin falling out of the sky.

But, never fear, the military will remain vigilant against that sort of thing, won't they?  Well, maybe not.

Officials at Creech Air Force Base in Nevada knew for two weeks about a virus infecting the drone “cockpits” there. But they kept the information about the infection to themselves — leaving the unit that’s supposed to serve as the Air Force’s cybersecurity specialists in the dark. The network defenders at the 24th Air Force learned of the virus by reading about it in ['s] Danger Room.
The virus, which records the keystrokes of remote pilots as their drones fly over places like Afghanistan, is now receiving attention at the highest levels; the four-star general who oversees the Air Force’s networks was briefed on the infection this morning. But for weeks, it stayed (you will pardon the expression) below the radar: a local problem that local network administrators were determined to fix on their own.
It was not highlighted to us,” says a source involved with Air Force network operations. “When your article came out, it was like, ‘What is this?’”


Anonymous said...

Lockheed Martin admitted in 2011 that their computer systems had been compromised. So it is possible that the entire F-35 code base was stolen. And once that happens, the ballgame is over. The only way to ensure the security of the F-35 code would be to start again with a blank piece of paper. And it would take at least a decade to recreate functional secure code.

This is just one more reason why Canada should run, not walk, away from the F-35 project.

The Mound of Sound said...

They don't have to steal it all. Even substantial chunks are enough to reveal almost everything. Yes, Lockheed was hacked. So was the US Defense Department. So too was BAE. Who can tell how much code was stolen or what use it has been put to since then. Coupled with the materials and electronics harvested out of that RQ-170, just about anything is possible.

Take a look at China's new J-31. Google some images of it and you'll find them chilling.