Computer Chip 'Back Door' Discovered By UK Researchers
A computer chip used in Boeing's Dreamliner may be vulnerable to cyber attacks via the Internet, according to a pair of Cambridge University researchers. The two said in a draft paper published online that hackers could connect to the Actel chip, reprogram it, or cause permanent damage over the Internet.
In a report appearing in the UK newspaper The Guardian, the two researchers say they have presented their data to government agencies, but the response is classified. But Chris Woods of Quo Vadis Labs told the paper that "the real issue is the level of security that can be compromised through any back door." He said the access was easy to find and exploit.
Woods said that Actel may have included the "undocumented feature" on purpose as a way to gain additional functionality for the device, which is used for applications ranging from medical to military. He said that the access cannot be removed as it is integral to the way the chip is designed. While a cryptographic key is normally needed to access the ProASIC3 chip, the back door bypasses that security measure. If a device using the chip is connected to the Internet, Woods says it is fairly easy to access.
The chip can be found in some flight-critical hardware in the Dreamliner, as well as UAVs and other surveillance systems.
The final paper will be presented by Woods and Cambridge University's Sergei Skorobogatov at a conference in September. (Dreamliner file photo provided by Boeing)