【Qin An Comment】The wind in cyberspace has risen, and the thunder is heard in the silent place. Network security is not only a national security issue, but also a major people's livelihood issue, Qin'an Strategic Headlines specially launched the "Network Idle Talk" special topic, in-depth analysis of the new qualitative productivity, cultural power, national defense power contained in cyberspace, the hot spots, focus, difficult issues in the new field, and everyone's life, work, study, is conducive to the popularization of network security knowledge and the enhancement of the awareness of network power, so that everyone has more sense of gain, happiness and security in the new era of cyberspace. The author of this article is a classmate and a cybersecurity guru, who asked him to talk about the risks of cyberattacks using vulnerabilities to break into weapon systems.
A recent article by Shaun Waterman, a freelance journalist and content strategist focused on government IT, defense technology and cybersecurity, "this vulnerability puts the future of u.s. warfighting at risk" unravels the vulnerabilities of the military standard MIL-STD-1553 data bus protocol that has been in service for nearly 50 years.
The U.S. military is betting on a new technological revolution to win the war of the 21st century. The Pentagon's futurists are working to manage the battlefield digitally, with commanders using cloud-based software tools to command autonomous weapon systems anywhere in the world, or even launching coordinated attacks on land, sea and air with a single finger. What the Department of Defense officially calls Joint Global Command and Control, or JDC2, would fundamentally change the military's course of development — not just their IT systems, but also their guns and bombs. Later this year, the U.S. Joint Chiefs of Staff will unveil new requirements that all weapon systems must be compatible with the JADC2 network requirements or funding will not be available.
However, this innovative application of the military IoT is risky. Jadc2 has a potential Achilles heel. According to the results of cybersecurity experts, military technologists, and peer-reviewed academic research, a 48-year-old technical standard on which nearly all major weapons and avionics systems rely — the 1553 serial data bus — is vulnerable to hacking.
U.S. military sources have acknowledged the existence of loopholes
Josephine Micallef, senior research director for systems and cybersecurity at defense electronics contractor Peraton Labs, said bus 1553 "never took security into account." Peraton Labs is a privately held research firm that provides networking and physical security products and services to government and industry.
David Goodman, CEO of Vitro, a startup that works with the Air Force, said the vulnerabilities in the 1553 bus could undermine the vision of a networked military — potentially enabling U.S. adversaries to disrupt advanced weapons systems and even take them over and use them to attack U.S. forces.
"The really big question is, how do we have networked, long-range (controlled) forward offensive weapons? God will not allow someone to control them and let them attack us," he said, "and that's the worst-case scenario." ”
In a paper published in January, scholars at the Aeronautical Institute in Italy revealed that they had actually built a device that could carry out cyberattacks on aircraft on bus 1553. The paper discusses vulnerabilities in specific avionics platform protocols, the mil-std-1553 standard. Analyzes the design and implementation of network devices capable of exploiting identified vulnerabilities. The relevant equipment will also be tested to prove the effectiveness of the proposed solution.
Pentagon weapons testers seem to agree with this view — they have repeatedly highlighted the weaknesses of non-Internet protocol communication systems such as the 1553 bus. In its 2020 annual report, released earlier this year, the Department of Defense's Operational Testing and Evaluation Council acknowledged that there is no good way to measure, let alone ensure they can counter cyberattacks. The report states: "The tools and techniques required to test specialized protocols such as 1553 ... Not enough at the moment. ”
"The more new features you add to the plane, the more connections you add to the bus, the more trouble you run into," said Frank Konieczny, the Air Force chief technology officer who retired in February. "Because it opens up the possibility that someone might do something that disrupts the bus, or build some malware that can be injected somewhere to cause problems."
In that dry military jargon, Pentagon weapons testers throw out a frightening truth: As the Department of Defense begins deploying jamdc2 units in the coming years, defense contractors and military scientists are desperately trying to secure the 1553 bus to keep it safe before it goes live, thus avoiding exposing the U.S. military's fatal weakness to enemy hackers.
The Press Office of the Joint Chiefs of Staff of the U.S. Military Did Not Respond to Several Requests for Comment from Reporters. The Air Force Research Laboratory, the Operational Test and Evaluation Council, and several former officials declined interview requests, saying their work on 1553 was sensitive and/or confidential. However, in addition to public sources, Readme (the media of cybersecurity) spoke with three former or current defense officials who declined to be named or quoted, but did not deny the issue.
MIL-STD-1553 is an engineering standard that defines the mechanical, electrical, and functional characteristics of a serial data bus. A serial data bus is an electronic subsystem that enables different computer components to communicate with each other. The simplest way to put it is that the bus is a connector, just like the USB (Universal Serial Bus) you plug into your laptop.
Since 1978, the standard has been notified of changes six times. For example, the 1986 change to Pass 2 changed the title of the file from "Aircraft Internal Time Division Command/Response Multiplexing Data Bus" to "Digital Time Division Command/Response Multiplexing Data Bus". Mil-STD-1553c was last revised in February 2018. The MIL-STD-1553 standard is now jointly maintained by the U.S. Department of Defense and the Society of Automotive Engineers Aerospace Chapter.
The 1553 bus is a connector that allows the flying computer on the aircraft to connect with the rest of the aircraft, thereby communicating with the embedded computer that controls sensors, flight, and weapon systems. It allows flying computers and pilots to receive data from sensors such as radar or GPS receivers through it and send commands to engines, flaps, and weapons.
Before the 1553 bus was developed, the electronic subsystems on the aircraft were point-to-point connected — just as they were when they were controlled by physical lines or hydraulics, rather than by digital commands. But as the number of controllable subsystems multiplies, the complexity of point-to-point cabling begins to become an issue, not to mention the space and weight it takes up.
Engineer Erwin Gangl, considered inventor of the 1553 bus airplane, told Aviation today that he first came up with the idea in the late 1960s. In the early 70s, the F-15 used an earlier version. The standard was first adopted by the U.S. Air Force in 1973 and became a Department of Defense standard two years later. It was updated once in 1978, but other aspects remained unchanged.
Like USB, the 1553 bus standard ensures compatibility. A printer, mouse, or other peripheral from one manufacturer can be connected to a laptop made by another manufacturer with a cable from a third manufacturer, because all manufacturers follow the same USB standard.
Similarly, the 1553 bus solved another problem that plagued the U.S. military at the time: how to ensure that the increasingly complex weapons systems and sensors on the plane were organically integrated — when they were designed and manufactured by competing suppliers.
Just like USB, the 1553 bus ensures that every component in a military avionics system — radar, engine, weapon — can be manufactured by different companies. Open standards allow competing manufacturers to produce products that work together without requiring manufacturers to provide any confidential data. Partly because it ensured compatibility, the 1553 bus became ubiquitous. Every major U.S. and NATO fighter, most helicopters, and even land vehicles like the Abraham main battle tank are on board.
But research shows that it's extremely insecure: vulnerable to the crudest denial-of-service attacks, man-in-the-middle eavesdropping, all the way to more sophisticated data breaches and replacements. "When the standard was released that year," Mikalef said, "people weren't worried about cybersecurity." ”
In traditional application deployments on the 1553 bus, they still don't need to worry too much. The aircraft is a closed system with a corresponding small attack surface. The weakness of the 1553 bus was hidden.
But JDC2's cyber-based military vision changed everything about the U.S. system. The 1553 bus, along with several other key components built into legacy standards, will massively expand the attack surface, with weapons and avionics systems that are really online in its control — connected to a cloud architecture designed to synchronize them as part of a networked U.S. military force.
Unfortunately, the design features of the 1553 bus make this nightmarish result possible.
The impact is not limited to U.S. military weapons and avionics systems
Because it's an open standard that anyone can use, in addition to U.S. and NATO weapon systems, the 1553 bus is used on the International Space Station and many other satellites, the Airbus A350 jet, and military avionics from Israel, Japan, India, and even China and Russia.
With 1553, the radar photoelectric detection, navigation, native sensing, cockpit display, plug-in management and fire control computer can be perfectly integrated and integrated, forming the iconic distributed centralized control system of the third generation of fighters. The F-16A was the first combat aircraft to use the 1553a standard. After years of development, the 1553 bus has been widely used in different military platforms (aviation systems, ground vehicle systems, ship systems) systems, and has developed into an internationally recognized data bus standard. Most of the weapons platforms in Western developed countries use the mil-std-1553b bus as a neural hub connecting various subsystems, which can be said to basically realize the informatization of the weapon platform. These weapons platforms include: fighter jets, helicopter gunships, tanks, tanks, warships, and even missiles.
Public information in the early years shows that China's new fighters have been fully equipped with gjb289a (mil-std-1553b) data buses, such as: J-VIIIII, J-11, "Mountain Eagle" new generation trainer aircraft, fc-1, etc. China's warships are also using mil-std-1553b data bus, such as 167 destroyers. Other weapons platforms will also gradually adopt the GJB289A (MIL-STD-1553b) data bus. In terms of aerospace, China has applied the mil-std-1553b data bus to the application system of satellites/spacecraft, and has achieved certain results. The use of mil-std-1553b data bus can not only organically combine the various subsystems of satellites/spacecraft, but also greatly improve the scalability and maintainability of the system. For example, the GX-1 satellite uses the mil-std-1553b data bus. The MIL-STD-1553B bus has been widely used in the aerospace field. With the strengthening of modern avionics integration requirements, the importance of avionics communication systems continues to increase, and the key role of mil-std-1553b as the preferred avionics bus is also becoming increasingly prominent.
China's military standard gjb289a-97 was formulated on the basis of mil-std-1553b tracking research.