Connecting entertainment systems to flight control sounds very wrong. Connecting entertainment systems to flight management would be common; it should be one-way communication (entertainment can only read FMS data, not send any), for the purpose of driving the moving map displays for passengers.
> it should be one-way communication (entertainment can only read FMS data, not send any), for the purpose of driving the moving map displays for passengers.
Would you agree that this logical boundary should be physically enforced? Such as an opto-isolator?
No fancy circuitry is needed. Just use one fiber. I suspect that 100BASE-T can pull this off with one pair and some hackery. RS232 should work with only one direction connected.
The funny thing is that LEDs (granted, not all types of diodes) can be used to read data as well as transmit it. Videos of such interfaces can be found on YouTube. So, they are not as one-way as some folks may think.
Well, it can not only be an LED that is supposed to be one-way, but the whole circuitry driving it. Likewise for the receptor. With some appropriate review of the physical design, you can have a reasonable expectation that the comm will be limited to one-way, with no way for arbitrary SW to modify the direction.
"security barrier" is a vague, meaningless phrase that they don't define. There shouldn't be any connection at all between flight systems and the in-flight entertainment.
There should actually be three distinct "air-gapped" networks (or at least classifications of network).
Secure: The network that connects and controls the airplane. Absolutely only essential things allowed on, and if possible isolated using mathematically proven secure VLAN/isolation techniques.
"Employee": pilots, crew, etc. This is more just a distinct network for corporate operations security.
"Customer": Still try to keep this one secure so that virus and just don't spread, but this is the 'DMZ' area.
Communication from the secure network should be outbound only, and might best be done over a fixed rate serial data connection of some sort.
The modern version might be to configure a point to point network link on a CDMA based system and just disconnect the secure side's RX path entirely. Then you just export the data blind via UDP with like 10X redundancy.
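The blind, redundant one-way export described in the comment above, sketched as an added example that is not part of the original thread. The frame layout, function names and the "every k-th datagram survives" loss model are assumptions made for illustration.

```python
import socket, struct, zlib

HDR = struct.Struct(">IH")  # assumed frame header: sequence number, payload length

def encode(seq: int, payload: bytes) -> bytes:
    """Frame = header + payload + CRC32, so the receiver can validate on its own."""
    body = HDR.pack(seq, len(payload)) + payload
    return body + struct.pack(">I", zlib.crc32(body))

def blind_stream(payloads, copies=10):
    """Secure side: repeat every frame `copies` times; no ACK is ever read."""
    out = []
    for seq, p in enumerate(payloads):
        out.extend([encode(seq, p)] * copies)
    return out

def send_udp(datagrams, addr):
    """Transmit-only socket: sendto() is the only I/O call, recv is never used."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for d in datagrams:
            s.sendto(d, addr)

class Receiver:
    """Customer side: validates, de-duplicates, and can only report gaps."""
    def __init__(self):
        self.frames = {}

    def feed(self, datagram: bytes) -> bool:
        if len(datagram) < HDR.size + 4:
            return False
        body, crc = datagram[:-4], struct.unpack(">I", datagram[-4:])[0]
        if zlib.crc32(body) != crc:
            return False                  # corrupted in transit
        seq, length = HDR.unpack(body[:HDR.size])
        if length != len(body) - HDR.size or seq in self.frames:
            return False                  # malformed, or a redundant copy
        self.frames[seq] = body[HDR.size:]
        return True

    def missing(self):
        """Gaps are permanent: there is no return path to request a resend."""
        top = max(self.frames, default=-1)
        return [s for s in range(top + 1) if s not in self.frames]

def run(payloads, copies, keep_every):
    rx = Receiver()
    # Constructed loss model: only every keep_every-th datagram survives.
    for d in blind_stream(payloads, copies)[::keep_every]:
        rx.feed(d)
    return rx
```

With ten copies per frame the receiver reconstructs the full stream even when six of every seven datagrams are lost; with a single copy the same loss leaves gaps it can only report.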
Most Boeing planes (though not the 787 discussed here) don't use fly-by-wire, so you could argue that the most essential control plane is perfectly isolated by virtue of not having any sort of network at all, just hydraulics into the cabin.
But wasn't the 737-max issue that a software system was forcing an elevator change to pitch the nose down? That sounds pretty fly-by-wire (even if hydraulics are involved).
You could say that the problem was lack of fly-by-wire - if the 737-MAX had FBW, the necessary corrections would be bundled as part of flight envelope protection, and that tends to work pretty well and the required checks on FBW systems would catch stuff like "only one AoA sensor used".
Instead we got MCAS which was messing with autotrim signals and escaped scrutiny.
This sounds like a good idea, until you realize that the head unit is typically the thing in the car with the most computing power (think AI workloads as well as a GPU and multiple ARM cores) and the thing in the car with the network connection.
A trivial use case which requires write access to the CAN bus is the navigation system informing cruise control of an upcoming hill.
Equally trivial would be the seat position memory or profiles being applied through the main touchscreen.
(I work for a company that is developing infotainment systems.)
The moving map could easily be fed from a separated consumer grade GPS. Same for all other metrics that the median passenger would care about (height, speed over ground), except for the ever-impressive outside temperature.
Most/all international flights I've been on are really terrible at providing an accurate flight plan or ETA to the passengers via the entertainment system. I would not be surprised if it is already a manual update done when convenient by a member of the flight crew.
They tend to use what's programmed in the FMS. Pilots will have the cleared route in there, even if they already know that they'll probably get several short cuts along the way.
I have never seen one that showed a flight plan. They only had a straight-line (well, a great circle route) to the destination. ETA was pretty clearly straight-line distance divided by (average?) speed.
Consumer grade GPS actually won't work at 30,000+ feet at speeds the plane would be flying. This is to prevent someone from using the GPS system to steer a ballistic missile.
The GPS on my phone begs to differ. You can (sometimes) acquire enough GPS locks to get a signal and subsequent GPS data like speed, position, etc. Worth a shot trying because there are very few other times where you'd be able to see your GPS sensor read 600mph. You're probably right though, it's just that the cutoff speed is higher than whatever a commercial jetliner speed is.
My cell phone GPS works at cruise on an airplane. I can't attest to how location accurate it is but the altitude and speed are usually right on with what the infotainment system says.