NASA Helped Find A Network Security Hole In Spacecraft Networks

SHARE THIS ARTICLE

REACH US

GENERAL INQUIRY

[email protected]

ADVERTISING

[email protected]

PRESS RELEASE

[email protected]

HOTLINE

+673 222-0178 [Office Hour]

+673 223-6740 [Fax]

Upcoming Events

Prayer Times

The prayer times for Brunei-Muara and Temburong districts. For Tutong add 1 minute and for Belait add 3 minutes.

Imsak	: 05:01 AM
Subuh	: 05:11 AM
Syuruk	: 06:29 AM
Doha	: 06:51 AM
Zohor	: 12:32 PM
Asar	: 03:44 PM
Maghrib	: 06:32 PM
Isyak	: 07:42 PM

The Business Directory

Space & Science

Home > Space & Science

NASA Helped Find A Network Security Hole In Spacecraft Networks

NASA/Bill Ingalls

November 16th, 2022 | 12:55 PM | 352 views

WASHINGTON, D.C., UNITED STATES

The vulnerability also affects aircraft and power plants, but it's relatively simple to fix.

NASA and University of Michigan researchers have found a security flaw that could pose a threat to spacecraft in the right (or rather, wrong) conditions. The team has discovered that time-triggered Ethernet (TTE), a feature that lets critical systems sit alongside minor ones on the same networking hardware, is vulnerable to a spoofing attack. An intruder can send fake sync messages by conducting electromagnetic interference through copper Ethernet cables into network switches, creating a "gap" in a switch's activity that lets bogus data slide through. Over time, the TTE device will lose sync and behave erratically.

The attack requires placing a small device on the network, so remote breaches are unlikely. However, the consequences could be serious. The scientists tested the vulnerability using real NASA machinery to recreate a planned asteroid redirection test. In a simulation, the TTE exploit produced a knock-on effect severe enough that the crew capsule strayed from its course and missed a crucial docking procedure.

There are simple safeguards, if not necessarily problem-free. Vehicle designers could replace copper Ethernet with fiber optic cables or place optical isolators between switches and devices, so long as they're willing to accept sacrifices in cost and performance. Engineers could also change the network layout to prevent fake sync messages from taking the same path as legitimate ones, although that will clearly take time.

NASA and the university stress that there's no "current" known threat. However, the method could also be used to compromise aircraft, power plants and industrial control systems that rely on TTE. Theoretically, a saboteur with physical access could disrupt critical infrastructure in a way that might not be immediately obvious.

Source:
courtesy of ENGADGET

by Jon Fingas

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]