Nevermind Asking If The Dreamliner Will Hack It... Can Someone Hack The Dreamliner?

Unless it's an order announcement -- or photos from its first flight -- Boeing would probably prefer to keep its delayed 787 Dreamliner out of the news cycle right now. As interest in the composite-bodied airliner increases, however, so do the headlines... which is likely why news of a potential security flaw in the design of the aircraft made the rounds in the general media last week.

It's not a flaw, per se... and the FAA wants to make sure it stays that way. In a document posted to the Federal Register last week, the agency states it wants additional precautions to preclude possibility a passenger -- or someone else outside the cockpit -- could gain access to the 787's flight control systems, through the plane's inflight entertainment network.

The risk lies in the high degree of multiplexing throughout the Dreamliner's systems. Some data networks onboard the plane that in the past were separate systems -- such as IFE, and flight control and navigation software -- are shared on the Dreamliner, presumably to decrease wiring complexity and reduce weight.

"The proposed architecture of the 787 is different from that of existing production (and retrofitted) airplanes," the FAA says. "It allows new kinds of passenger connectivity to previously isolated data networks connected to systems that perform functions required for the safe operation of the airplane. Because of this new passenger connectivity, the proposed data network design and integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate this type of system architecture or electronic access to aircraft systems that provide flight critical functions.

"Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities that could be caused by unauthorized access to aircraft data buses and servers," the agency adds. "Therefore, special conditions are imposed to ensure that security, integrity, and availability of the aircraft systems and data networks are not compromised by certain wired or wireless electronic connections between airplane data buses and networks."

News of the document first surfaced on Wired.com. Boeing spokeswoman Lori Gunter told the tech website the FAA document was misleading, and that the Dreamliner's systems aren't fully interconnected.

"There are places where the networks are not touching, and there are places where they are," she said, adding "there are protections in place" to ensure passenger internet services cannot access flight-critical systems "under any circumstance."

Gunter noted the planemaker is taking a number of steps related to both hardware and software to combat the issue, but wouldn't elaborate.

The ruling comes following a request for comments on the FAA's proposed special conditions, made in April 2007. The Air Line Pilots Association responded by "strongly" recommending the FAA require a backup system for the flight crew to regain control of the aircraft; the FAA responded it would prefer safeguards be in place to prevent such a scenario in the first place.

Interestingly, European planemaker Airbus responded with several concerns of its own. One stated the FAA's call for special conditions wasn't "high level" enough, and is open to too much interpretation. Airbus -- no stranger to complex computer flight control systems -- also noted it would impossible for Boeing, or anyone, to demonstrate complete security in such systems, as technology is constantly evolving.

FMI: Read The FAA Document (Provided By Cryptome.org), www.faa.gov, www.boeing.com