Can the F-35 be hacked ?

Unread postPosted: 27 Mar 2011, 06:35
by falnorcon16
F 35: Computer Hacked?

From what I understand, the F 35 is basically a flying computer. Now, I might be silly to ask this question, but can they be hacked down / crashed by an enemy ?

Do they have a defence system installed against this, or is the thought to far fetched ?

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 06:46
by 1st503rdsgt
I've heard whispers that it is possible (from Wired maybe?), but that the F-22 is safe because no one in China knows 1980s period code.

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 07:21
by Prinz_Eugn
How would you introduce malicious code?

Not that easy.

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 08:24
by spazsinbad
Might be of interest:

Safety- and security-critical avionics software Feb 1, 2011

http://www.militaryaerospace.com/index/ ... tware.html

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 10:23
by alloycowboy
You could try, but accidents will happen!

Re: RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 17:56
by neptune
spazsinbad wrote:../safety-and-security-critical-avionics-software...


Great article and can't wait to get to the office tomorrow, to finish the read.

No! :!:

1- In the air. The F-35 or other "computer a/c" cannot be hacked. The data streams into and between a/c systems are encrypted. That having been said, the tactical communications between a/c is line-of-sight (los). Thus, not having the encryption code and the mode of communications and the components of the communications and the "los", you can't get there, from here! :D

2- On the ground. The computer systems are increasingly being isolated thru a technique being implemented by several companies including LM. LM's advertised product is “IronClad" (http://www.lockheedmartin.com/products/ironclad/). In a nutshell; it only allows programs approved and operated by LM on the computer and no modification of the code is allowed to write in the computer by LM . Neat concept, that is secure from hacks. Further, it identifies and rejects any device (hacked) that is not validated by LM. :D

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 18:13
by Meteor
Can high tech military systems be hacked? Sure, anything "can" be hacked. The question is how difficult is it to accomplish. Most modern systems, (AEGIS cruisers, Predator UAVs, even F-16s), require two things on a regular basis; software updates and connectivity. Both updates and connectivity open up avenues to introduce accidental or malicious programming into internal networks and systems.

When I was flying the '16 we even had software updates to reprogram the flight control laws for aircraft on the flightline. Think of the consequences of some entity introducing a Stuxnet type virus into flight control laws. These programs could actually be installed during periodic updates and remain dormant until some triggering event. The other avenue is through the connectivity of all modern systems. AESA radars are designed to scoop up all RF energy out there, but also to inject algorithims into target systems for exploitation or control. We and are allies are busy doing this, as is evidenced by the Israeli takedown of the Syrian IADS not too long ago.

The bad guys are also doing this. Note that some of the best programming in the world resides in India, China, and Russia. Not too long ago the Russians electronically took down one of the Baltic states, and then Georgia during that conflict. China regularly invades US industrial and defense networks, and apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks. I would not be at all surprised if the US were to suddenly have massive command and control disruptions if faced with a confrontation with a major power such as the Chinese or Russians. Along the same lines, I would not be surprised if data links between aircraft and missiles and UAVs were also compromised. I know that we work on disrupting aircraft to missile update links. I'm sure that the bad guys are working the same issues against us. What happens if the bad guys have discovered a weak spot in the AIM-120 links? The BVR capability of the F-15, -16, -18, -22, and -35 would all be negated. Possible? Sure. Likely? Who knows?

RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 19:14
by spazsinbad
Meteor said: "...apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks."

My question: Where is proof of this statement please. Thanks. I can recall some 'not so classified online data' was compromised but recall reading that 'classified' data is NOT online or otherwise on highly secure networks that are not able to be compromised.

Unread postPosted: 27 Mar 2011, 19:54
by VarkVet
When I started working A-10’s in 1980, she only had one computer (SAS)
This hacking sh*t is scary!
:shock:

Unread postPosted: 27 Mar 2011, 20:34
by Meteor
Spaz: You'll note that I wrote "apparently", because as a mere interested civilian observer I can't offer "proof" for classified information to which I have no access. However, a quick Google of "F-35 data compromise" will give you a lot of smoke, and where there is smoke, there is often fire. Among the articles:

http://online.wsj.com/article/SB124027491029837401.html

By the same token, I would not accept an LM statement that "nothing was compromised" as proof, either. It is interesting to note that LM did institute a massive upgrading of the JSF data security program immediately after the disclosure of the apparent breach.

Also rather ironic is the LM "Ironclad" security project that Neptune mentioned. The original "IronClads" were wooden warships with plates of iron bolted to their hulls to make them impervious to cannonballs. Remember the Monitor and the Merrimac? In the endless battle between offense and defense, armor piercing 16 inch shells soon made even the heaviest IronClads vulnerable. In a similar manner, the endless seesaw battle between offense and defense in the cyber spectrum makes all software potentially vulnerable and "hackable".

Unread postPosted: 27 Mar 2011, 21:03
by spazsinbad
Meteor, I did take note of the 'apparently' and I'm still in the dark about details. Nature of Cyber Security/Warfare I guess. Just wanted you to clarify that phrase is all and you have done that. Thanks.

Unread postPosted: 27 Mar 2011, 21:07
by neptune
Meteor wrote:... rather ironic is the LM "Ironclad" security project...


excellent, thought so too!

I will stick with my position of No! :P , until someone shows proof of "Yes?" :cry: .

I do agree that a world of 10 million 12yr. olds with computers had best be more than "One" step ahead of the pack! :!: DoD has a huge challenge ahead of keeping a/c safe from hackers and I believe that as long as they can't break into the RF systems; then the Ironclad type stuff will keep some "dope" from plugging in a bad stick.

Security is a huge industry for those of us who sell non-internet systems and there is no "second place". :twisted: No one cares about your fixing a system; once you let something in! :cry:

Re: RE: Can the F35 be hacked ?

Unread postPosted: 27 Mar 2011, 21:49
by wrightwing
spazsinbad wrote:Meteor said: "...apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks."

My question: Where is proof of this statement please. Thanks. I can recall some 'not so classified online data' was compromised but recall reading that 'classified' data is NOT online or otherwise on highly secure networks that are not able to be compromised.


There was no compromise above FOUO level. The system that was hacked, was on the NIPR network.

RE: Re: RE: Can the F35 be hacked ?

Unread postPosted: 28 Mar 2011, 04:35
by munny
Just because something contains a computer doesn't mean it's automatically susceptible to hacking. To break into the core of any system you need an interface to come in on. The only viable, contactable interfaces of an F-35 would be its various datalinks.
These datalinks would sanitize any data being sent to the main sensor processing apps, so while you could possibly send incorrect data to a communications channel causing some sensor weirdness, perhaps even cause that comms channel to fail, you wouldn't be able to get to the F-35's core systems and shut it down....etc.

There was talk in another thread of a kill code that the US has built into the aircraft that can be used to remotely shut down non-US F-35's .... you can bet this type of thing would involve heavy encryption and its implementation would be heavily guarded and isolated from prying hackers.

Before even attempting to attack an F-35, hackers would also need weeks/months of access to one to work out possible security holes and bugs to exploit. Its easy in civilian internet world when 80% of computers are running the same operating system using the same protocols. In military hardware world where every interface is physically hard-wired to send a specific set of messages in a set format, its next to impossible, even with detailed inside information.

BTW, the best way into an F-35 would be via the maintenance software used on the machines they plug the F-35 into before/after flights. If those machines are on a network, then it would be crazy to not have them absolutely secured.

Unread postPosted: 28 Mar 2011, 04:59
by popcorn
Hacking into enemy IADS nodes is supposedly one of the future capabilities being considered for the Next Generation Jammer program isn't it?

Re: RE: Re: RE: Can the F35 be hacked ?

Unread postPosted: 28 Mar 2011, 06:44
by Conan
munny wrote:Just because something contains a computer doesn't mean it's automatically susceptible to hacking. To break into the core of any system you need an interface to come in on. The only viable, contactable interfaces of an F-35 would be its various datalinks.
These datalinks would sanitize any data being sent to the main sensor processing apps, so while you could possibly send incorrect data to a communications channel causing some sensor weirdness, perhaps even cause that comms channel to fail, you wouldn't be able to get to the F-35's core systems and shut it down....etc.

There was talk in another thread of a kill code that the US has built into the aircraft that can be used to remotely shut down non-US F-35's .... you can bet this type of thing would involve heavy encryption and its implementation would be heavily guarded and isolated from prying hackers.

Before even attempting to attack an F-35, hackers would also need weeks/months of access to one to work out possible security holes and bugs to exploit. Its easy in civilian internet world when 80% of computers are running the same operating system using the same protocols. In military hardware world where every interface is physically hard-wired to send a specific set of messages in a set format, its next to impossible, even with detailed inside information.

BTW, the best way into an F-35 would be via the maintenance software used on the machines they plug the F-35 into before/after flights. If those machines are on a network, then it would be crazy to not have them absolutely secured.


Yep, identifying exploits into an encrypted system that runs proprietary software of which there are at best only a few thousand examples on the planet (as opposed for example to tens or hundreds of millions of Windows systems) is going to be a tough challenge.

There are other challenges too. The aircraft are non-operational on the ground most of the time and thus protected from remote exploitation by the simple expedient that the network you are attempting to access is switched off.

These type of aircraft are also closely guarded when on the ground and the personnel who have access are closely monitored, but are probably your best bet, assuming of course that there is some means by which it is physically possible to connect to the F-35 hardware and image those storage systems or otherwise copy the information stored on the aircraft and thus have time to identify exploits at your leisure. I would not be surprised if there was a proprietary method by which one physically connects to the F-35 hardware to prevent this sort of thing. I would be stunned if you could just plug a USB stick into it, for example.

Attempting to hack an F-35 (or any aircraft really) in flight is going to present considerable problems, not least of which is that you are going to have to be transmitting data packets via radio transmission to the F-35 by some means to hack it, so you are either going to be out of range very quickly if using a fixed system or having to keeping pace (or at least in airborne range) with the F-35.

Either way, it is unlikely your efforts will go unnoticed by the aircraft you are trying to hack and you may find that your attempt at exploiting the F-35's network results in a very precise targetting solution being available to said F-35...

Unread postPosted: 28 Mar 2011, 10:54
by munny
popcorn wrote:Hacking into enemy IADS nodes is supposedly one of the future capabilities being considered for the Next Generation Jammer program isn't it?


"Suter 1 allowed U.S. operators to monitor what enemy radars could see. The capability enables U.S. forces to assess the effectiveness of their stealth systems or terrain-masking tactics. Suter 2 permits U.S. operators to take control of enemy networks as system managers and actually manipulate the sensors, steering them away from penetrating U.S. aircraft. Suter 3 was tested last summer to add the ability to invade the links to time-critical targets, such as battlefield ballistic missile launchers or mobile surface-to-air missile launchers."

http://www.smartplanet.com/technology/b ... mmer/6068/

Unread postPosted: 30 Mar 2011, 06:41
by batu731
The data link protocols are the primary target of hacking in cyber warfare (e.g. Link16)

Unread postPosted: 09 Apr 2011, 04:04
by grinner68
For all you know the Chinese have already read every single line of code that has been written for the F-35.

They don't need to re-write the computer code, just to do something small.
Say, have the flight computer reboot while in flight, or just turn off.

Come on folks, surely some of you have seen the scene.

"they lost power just before they came in contact with the enemy, They said it was like someone just turned off a switch"

Unread postPosted: 09 Apr 2011, 12:40
by munny
If only it were that simple. Example ... Linux is an open source computer operating system, yet many web servers are run on Linux and its secure. Even if you know how it works internally, doesn't mean you can get through the firewalls and security measures to do anything to it.

The difficulty with hacking an aircraft remotely is that its interfaces do not allow any commands which are not part of normal operation.

Your scenario with the F-35 is like someone hacking a logged off linux server with a mouse (and no way to physically modify the mouse either).

Re: RE: Can the F35 be hacked ?

Unread postPosted: 11 Apr 2011, 04:03
by aaam
spazsinbad wrote:Meteor said: "...apparently much of the F-35 program was already compromised by Chinese exploitation of contractor networks."

My question: Where is proof of this statement please. Thanks. I can recall some 'not so classified online data' was compromised but recall reading that 'classified' data is NOT online or otherwise on highly secure networks that are not able to be compromised.


Supposedly, it was not the Pentagon or Lockheed that was penetrated, but a number of the subcontractors.