Arm IDA and Cross Check: Reversing the Boeing 787's Core Network

Presented at Black Hat USA 2019, Aug. 7, 2019, 4 p.m. (50 minutes)

In 2008 the FAA issued several Special Conditions for The Boeing 787 Dreamliner. There were serious safety and security concerns about the brand-new network design Boeing had implemented, which provided the Dreamliner with some "e-enabled" capabilities never seen before.

This scenario raised some alarms in certain security circles that eventually faded out.

10 years later, this talk will provide the first public analysis of the Boeing 787's Core Network, revealing previously unknown vulnerabilities that would allow an attacker to compromise the security of the original design. The talk will also elaborate on the additional implications of these security flaws.


Presenters:

  • Ruben Santamarta - Principal Security Consultant, IOActive
    Ruben Santamarta is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, AMI, vulnerability research, exploit development, and malware analysis. As a principal consultant at IOActive, Mr. Santamarta performs penetration testing, identifies system vulnerabilities, and researches cutting-edge technologies. Mr. Santamarta has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Ekoparty and Black Hat USA.

Links: