Can the F-35 be hacked ?

falnorcon16 · by **falnorcon16** » 27 Mar 2011, 06:35

F 35: Computer Hacked?

From what I understand, the F 35 is basically a flying computer. Now, I might be silly to ask this question, but can they be hacked down / crashed by an enemy ?

Do they have a defence system installed against this, or is the thought to far fetched ?

1st503rdsgt · by **1st503rdsgt** » 27 Mar 2011, 06:46

I've heard whispers that it is possible (from Wired maybe?), but that the F-22 is safe because no one in China knows 1980s period code.

Prinz_Eugn · by **Prinz_Eugn** » 27 Mar 2011, 07:21

How would you introduce malicious code?

Not that easy.

spazsinbad · by **spazsinbad** » 27 Mar 2011, 08:24

Might be of interest:

Safety- and security-critical avionics software Feb 1, 2011

http://www.militaryaerospace.com/index/ ... tware.html

alloycowboy · by **alloycowboy** » 27 Mar 2011, 10:23

You could try, but accidents will happen!

neptune · by **neptune** » 27 Mar 2011, 17:56

spazsinbad wrote:../safety-and-security-critical-avionics-software...

Great article and can't wait to get to the office tomorrow, to finish the read.

No! :!:

1- In the air. The F-35 or other "computer a/c" cannot be hacked. The data streams into and between a/c systems are encrypted. That having been said, the tactical communications between a/c is line-of-sight (los). Thus, not having the encryption code and the mode of communications and the components of the communications and the "los", you can't get there, from here!

2- On the ground. The computer systems are increasingly being isolated thru a technique being implemented by several companies including LM. LM's advertised product is “IronClad" (http://www.lockheedmartin.com/products/ironclad/). In a nutshell; it only allows programs approved and operated by LM on the computer and no modification of the code is allowed to write in the computer by LM . Neat concept, that is secure from hacks. Further, it identifies and rejects any device (hacked) that is not validated by LM.

Meteor · by **Meteor** » 27 Mar 2011, 18:13

Can high tech military systems be hacked? Sure, anything "can" be hacked. The question is how difficult is it to accomplish. Most modern systems, (AEGIS cruisers, Predator UAVs, even F-16s), require two things on a regular basis; software updates and connectivity. Both updates and connectivity open up avenues to introduce accidental or malicious programming into internal networks and systems.

When I was flying the '16 we even had software updates to reprogram the flight control laws for aircraft on the flightline. Think of the consequences of some entity introducing a Stuxnet type virus into flight control laws. These programs could actually be installed during periodic updates and remain dormant until some triggering event. The other avenue is through the connectivity of all modern systems. AESA radars are designed to scoop up all RF energy out there, but also to inject algorithims into target systems for exploitation or control. We and are allies are busy doing this, as is evidenced by the Israeli takedown of the Syrian IADS not too long ago.

The bad guys are also doing this. Note that some of the best programming in the world resides in India, China, and Russia. Not too long ago the Russians electronically took down one of the Baltic states, and then Georgia during that conflict. China regularly invades US industrial and defense networks, and apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks. I would not be at all surprised if the US were to suddenly have massive command and control disruptions if faced with a confrontation with a major power such as the Chinese or Russians. Along the same lines, I would not be surprised if data links between aircraft and missiles and UAVs were also compromised. I know that we work on disrupting aircraft to missile update links. I'm sure that the bad guys are working the same issues against us. What happens if the bad guys have discovered a weak spot in the AIM-120 links? The BVR capability of the F-15, -16, -18, -22, and -35 would all be negated. Possible? Sure. Likely? Who knows?

spazsinbad · by **spazsinbad** » 27 Mar 2011, 19:14

Meteor said: "...apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks."

My question: Where is proof of this statement please. Thanks. I can recall some 'not so classified online data' was compromised but recall reading that 'classified' data is NOT online or otherwise on highly secure networks that are not able to be compromised.

VarkVet · by **VarkVet** » 27 Mar 2011, 19:54

When I started working A-10’s in 1980, she only had one computer (SAS)
This hacking sh*t is scary!
:shock:

Meteor · by **Meteor** » 27 Mar 2011, 20:34

Spaz: You'll note that I wrote "apparently", because as a mere interested civilian observer I can't offer "proof" for classified information to which I have no access. However, a quick Google of "F-35 data compromise" will give you a lot of smoke, and where there is smoke, there is often fire. Among the articles:

http://online.wsj.com/article/SB124027491029837401.html

By the same token, I would not accept an LM statement that "nothing was compromised" as proof, either. It is interesting to note that LM did institute a massive upgrading of the JSF data security program immediately after the disclosure of the apparent breach.

Also rather ironic is the LM "Ironclad" security project that Neptune mentioned. The original "IronClads" were wooden warships with plates of iron bolted to their hulls to make them impervious to cannonballs. Remember the Monitor and the Merrimac? In the endless battle between offense and defense, armor piercing 16 inch shells soon made even the heaviest IronClads vulnerable. In a similar manner, the endless seesaw battle between offense and defense in the cyber spectrum makes all software potentially vulnerable and "hackable".

spazsinbad · by **spazsinbad** » 27 Mar 2011, 21:03

Meteor, I did take note of the 'apparently' and I'm still in the dark about details. Nature of Cyber Security/Warfare I guess. Just wanted you to clarify that phrase is all and you have done that. Thanks.

neptune · by **neptune** » 27 Mar 2011, 21:07

Meteor wrote:... rather ironic is the LM "Ironclad" security project...

excellent, thought so too!

I will stick with my position of No!

, until someone shows proof of "Yes?" :cry:

.

I do agree that a world of 10 million 12yr. olds with computers had best be more than "One" step ahead of the pack! :!:

DoD has a huge challenge ahead of keeping a/c safe from hackers and I believe that as long as they can't break into the RF systems; then the Ironclad type stuff will keep some "dope" from plugging in a bad stick.

Security is a huge industry for those of us who sell non-internet systems and there is no "second place". :twisted:

No one cares about your fixing a system; once you let something in! :cry:

wrightwing · by **wrightwing** » 27 Mar 2011, 21:49

spazsinbad wrote:Meteor said: "...apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks."

My question: Where is proof of this statement please. Thanks. I can recall some 'not so classified online data' was compromised but recall reading that 'classified' data is NOT online or otherwise on highly secure networks that are not able to be compromised.

There was no compromise above FOUO level. The system that was hacked, was on the NIPR network.

munny · by **munny** » 28 Mar 2011, 04:35

Just because something contains a computer doesn't mean it's automatically susceptible to hacking. To break into the core of any system you need an interface to come in on. The only viable, contactable interfaces of an F-35 would be its various datalinks.
These datalinks would sanitize any data being sent to the main sensor processing apps, so while you could possibly send incorrect data to a communications channel causing some sensor weirdness, perhaps even cause that comms channel to fail, you wouldn't be able to get to the F-35's core systems and shut it down....etc.

There was talk in another thread of a kill code that the US has built into the aircraft that can be used to remotely shut down non-US F-35's .... you can bet this type of thing would involve heavy encryption and its implementation would be heavily guarded and isolated from prying hackers.

Before even attempting to attack an F-35, hackers would also need weeks/months of access to one to work out possible security holes and bugs to exploit. Its easy in civilian internet world when 80% of computers are running the same operating system using the same protocols. In military hardware world where every interface is physically hard-wired to send a specific set of messages in a set format, its next to impossible, even with detailed inside information.

BTW, the best way into an F-35 would be via the maintenance software used on the machines they plug the F-35 into before/after flights. If those machines are on a network, then it would be crazy to not have them absolutely secured.

popcorn · by **popcorn** » 28 Mar 2011, 04:59

Hacking into enemy IADS nodes is supposedly one of the future capabilities being considered for the Next Generation Jammer program isn't it?