Trojan-ridden warning system implicated in Spanair crash Malware may have been a contributory cause of a fatal Spanair crash that killed 154 people two years ago. Spanair flight number JK 5022 crashed with 172 on board moments after taking off from Madrid's Barajas Airport on a scheduled flight to Las Palmas on 20 August 2008. Just 18 survived the crash and subsequent fire aboard …
1 Microsoft Way
Redmond, WA 98052-8300
When are companies gonna stop using a windows operating system for this kind of tasks! It's not fit for these kinds of duties.
The airplanes embedded systems of course work fine until they upload data to "the airlines central computer" running Microsoft Windows. This pc like any other Windows pc is riddled with viruses and malware.
It's also time to make Microsoft apply proven scientific safety measures in their operating system. It's a disgrace that the most used OS is not secure only because the maker refuses to implement those security standards! Now even Intel -by buying MCafee- takes it upon their tasks to protect users from Windows and the US government needs special Cyber Warfare regulation to take out Windows botnets! It's the world upside down.
I really hope Microsoft get's suit over this.
What makes you think it was a Windows system? I use Windows, OS-X (on my girl friend's computer), and Ubuntu. All have had malware issues. The OS-X being the worst, as my girl friend suffers from the delusion that "Mac's can't get viruses" and "all crashes are due to Flash even when the only thing running is Excel", and so refuses to put anti-virus on the POS.
really it would not had matter what OS they were using wether be MS or MAC or LINUX including anu open source OS that is out there. if malware writers decide to use single or multiplaform deliverysystem it eventually get delivered. so suing MS over this is useless. as for anit virii monitoring the best cure is prevention but even then it is impossible to prevent infection as any IT proffesional worth their weight in caffeine will tell you.
but what can be done is this find the authors of the malware and after proven guilty execute them very painfully say like making them die and be revived for each death until they are ready to go to great beyond. it is not as to be cruel but to set world wide example that even writing that crap iand thinking about it is way too dangerous.
I think the point of this article, if you read it, is that a mechanic or other person who had *direct* access to the computer may have planted the trojan. Whether the trojan was installed in the airplane's computer or the airport's central computer system doesn't matter. The person had direct access to the network, possibly with the credentials required to propagate the malware through the system.
If someone has direct, possibly privileged, access to a computer, how do expect the OS to fend off whatever the user is trying to plant?
"I really hope Microsoft get's suit over this." - If it really was the mechanic or supervisor who installed the trojan, Microsoft has nothing to do with it, so no, they won't get sued.
Microsoft probably has some of the securest OS around given that they have had 10 years of near constant onslaught to deal with. And they are getting better both in programming practice and design.
I use Windows 7 and BSD at work and OSX at home.
I would make an educated guess that the potential to find flaws in Windows might be 25% or less.
Whereas in OSX this quantity could well be 75% or more.
Microsoft also do a good job of fixing flaws found monthly.
It can only get better.
If market uptake of the OSX platform advances to where it becomes of interest to malware writers, you can expect it to get worse long before it gets better.
You are such an idiot for writing that.
Do you read the register?
"Good job at fixing flaws"? Well yes probably. However "if they did a good job at the start, they wouldn't need to fix the flaws so often", could also be said?
And 15 years of being crap makes them so very good at fixing stuff.
You may not be an idiot, but you may be very ignorant of what "secure" is.
If I park my car in my garage and don't lock the doors, it is more secure than leaving it in a downtown parking lot with a cell phone on the dash.
Security is not an absolute state of something, it is relative to the environment, to the number and sophistication of those who see a target.
Windows is targeted MUCH more often, making it less secure even with fewer security holes (which is arguable in itself).
You conceded this yourself with the remark about OSX, except you are wrong that things can only get better because they keep increasing the complexity of the code, and that with no real competitive need to keep the software quality high. Their interest is as expected, to sell the product, not to make it the best it can be beyond what effects sales. You can't blame them for that, if only they had not tried to have a captive market so in mission critical uses like an airplane, there were competitive solutions contending for the same TCO for the airline.
Some operating systems simply should not be used in mission-critical tasks, and that probably includes Linux as well. A system like QNX, Tandem, etc. should be used instead and leave it closed. The level of attention to detail needed for such tasks (think nuclear power stations) needs a completely different category of OS
Read. They were running Windows. Not on the plane of course. Those usually have three separate independent embedded (non-windows) systems for fail over purposes.
The plane should however, never have been allowed to take off.
And that decision was made by the central computer of the airline. This computer should have told the planners that the plane was not ready for duty. Maybe it should have been sent to maintenance. Unfortunately, that central computer was running Windows with all the viruses and malware that comes along with that. So the plane never got flagged for maintenance.
Horrible. And hopefully a wakeup call!
"They were running Windows. Not on the plane of course. Those usually have three separate independent embedded (non-windows) systems for fail over purposes.
The plane should however, never have been allowed to take off.
And that decision was made by the central computer of the airline."
From reading the article the pilots should have actually picked up issues and aborted the take-off. A bug-ridden control system is one thing, two complacent pilots in control is another.
In fact, this totally applies this time. Windows has never been designed to run in stuff requiring real-time responses, and as a matter of fact, plain vanilla Linux isn't designed for that either. Fortunately, this might give a good warning to those idiots who insist on putting Desktop OSen in real-time hardware.
Many flights are planned on laptops, which are provided by the company and that are used in flight in the cockpit. Stories were in the press a few years ago about security procedures intended to prevent passengers from bringing destructive items dressed up as working laptops, but which some over-zealous security types were also trying to apply to flight crew, unaware that the items in question contained flight plans, crew manifests, schedules etc.
http://www.usatoday.com/travel/flights/2009-11-18-laptops-ban-pilots_N.htm - dealing with one flight, but shows another pilot using a laptop and mentions one airline's policy.
So, if these are networked on the ground to download various items, potentially there is a way for Trojan-infested devices to get into the cockpit.
It's more likely that the Trojans were introduced in the scheduled service updates.
This is ridiculous - not only does the plane have its own self redundancy in its control systems the pilots should have gone through preflights and such. Not to mention the ground crews.
I'd be very interested to find out what the suspected cause of this crash is - because I get the feeling its something utterly stupid - and the PHB's are blaming anything they can get their hands on because they would be covered in lawsuits if it came out.
Modern avionics systems have at least three different computer control circuits built into them which are self monitoring - not to mention other safeguards - I find it hard to believe that a groundside computer running windows of all things would be responsible for the *entire* maintenance and troubleshooting of an airlines fleet...
Fail is just piling up in this one..
The article mentions the cause of crash - they took off in the middle of summer without flaps and slats set. As aa result they could not achieve enough lift to get off the ground, and quickly ran out of runway, when they did try and lift off, they veered off to the side and crashed.
I believe from reading elsewhere that the horn which should alert pilots to an incorrect takeoff config had been disabled, therefore they were not alerted to the fact they had not lowered the flaps + slats. Having said that, their own checks should have picked this up, but in this case they didnt, and the backup system was disabled.
....there was a fault causing the air temperature probe for the autothrust system to read high. This fault was what caused the crew to return the aircraft to the stand. It was part of the power distribution panel that had a failed relay.
The high temperature reading (it affected the automatic thrust calculation for takeoff) was isolated by tripping a circuit breaker but while this masked the fault and allowed the thrust to be set manually, it did not cure the fault itself. The same fault also led to the takeoff configuration warning system thinking that it was in the air and hence when the power was advanced with the flaps and slats not selected it did not sound an alarm as it should have done.
The crew had retracted the flaps on the way back to the stand, but they did not re-run the before take off checklist and hence did not re-select the flaps and slats.
...was that they had a fault that effectively disabled their configuration warning so that when the thrust was increased to take off power the computer monitoring the flap positions did not sound an alarm.
The flaps were not re-extended because the check list for take off was not restarted on their second departure from the gate, hence they thought they had already extended the flaps and slats and did not remember retracting them due to all the interruptions from the maintenance engineers while they tried to get the apparent fault (auto thrust calculation not working) fixed.
Exactly right. The aircrew had the aircraft in "flight" mode, causing the first abort, and negating the warning horn for the flaps/slats. Then, the aircrew stated that the flap/slats were in the correct position, without checking the actual location of the flaps/slats on the wings. The aircrew successfully defeated three safety measures and then killed themselves (and their passengers).
The infection of the maintenance computer system has zip-all to do with this crash. It MAY have an impact in future mishaps, and should be investigated to determine what, if anything, needs to be done.
"Um, don't run windows on critical systems on an airplane? (semi-serious)"
I'm not semi-serious! Running Windows for something like this is madness, absolute madness. Normally for critical systems in something like an airplane (i.e. *actually* critical, not "mission critical" like "oh my E-Mail is mission critical"...), they don't even consider Linux reliable enough, and it's FAR more reliable than Windows. There are specialized OSes for this kind of thing, like Green Hills Integrity OS.
"Just reading this it looks as though the safety of the plane depended on a central computer. Surely a plane has a log book that pilots should look at."
RTFA please. There were 2 faults logged the previous day, apparently they wait until 3 faults before not permitting a plane to take off.
In my view though, there were 2 causes for this: 1) Pilot error, since they didn't check the flaps. 2) Gross negligence on McDonald Douglas' part. They can try to blame the maintenance guys if they want. I'd assume some PC got a trojan, then in transferred to a diagnostic "box" they plug into the plane periodicially, then from there to the plane. But when going from a "PC" to a tool or embedded system, one should simply not have to worry about trojans and viruses -- as a tool or embedded system they don't need the flexibility of a full PC so they should not run random executables. The on-plane computer should absolutely never haphazzardly run executables, it should be running a high-reliability real time OS. The diagnostic box should be running something more reliable too, and really the PC should too, but they are at least not flight critical.
It wasn't the plane's computer which had the malware. It was the *airline's* fault logging computer which had the problems and didn't flag up that there were now 3 faults logged.
Nothing to do with the plane's systems. And, I'd imagine that for something as critical as the flaps there would be an independent warning system which would have worked even with a total computer failure - even your car's mechanical systems function if the on-board electronics fail.
As somebody pointed out, read it again. It wasn't the airliner (that is plane's) central computer that was infected, but one of the Airline's. That is the central system the company used to track faults.
I'd be absolutely amazed if a critical flight control or logging system on the actual 'plane was infected. Such systems run bespoke, highly redundant hardware and software systems. General purpose operating systems, like Windows, are singularly unsuited (and unlicensed) for such use. Just about the only place you might find Windows running in a plane is (possibly) on the passenger entertainment systems which will be completely separate from the flight control systems.
@Henry Wertz 1
Your presumed second cause is misplaced. Nothing in the article summary ("RTFA please") suggests that there was any fault (much less trojan) in the _jet's_ on-board computer systems. Rereading carefully, the fault is placed with the _airline's_ central computer system that logs jet incidents:
"The airline's central computer which registered technical problems on planes was infected by Trojans at the time of the fatal crash and this resulted in a failure to raise an alarm over multiple problems with the plane"
The excerpt contains no reference to any possible infection scenario via plug-ins from maintenance diagnostic boxes. (Not that it's impossible--a speculated concern with latest on-board flight control systems entirely dependent upon computer controls--but it's not the infection mechanism described.)
If *you* RTFA, you'll see that the computer that was infected was not on the plane, but was the airline's central maintenance computer. It didn't flag cumulative previous faults logged on the plane. There is no suggestion that the onboard computer was infected, just that the onboard wetware didn't do the pre-flight checks properly.
Very scary, on the second anniversary of the accident a spanair plane going from Las palmas to Madrid (ie the same route in the opposite direction) had an engine explode in flight. Fortunately they managed to get to madrid on one engine.
Maintenance is obviously where a lot of cost cutting has gone on at Spanair, think I'll be paying a few extra euros to fly with someone else in future.
Wasn't Spanair owned by SAS at the time? a few years ago when the Q400 was having lots of gear collapses, all the aircraft with failures (or signs of imminant failures) were owned and maintained by SAS, no other operator's aircraft were affected. IIRC it was eventually found that SAS were not maintaining them properly (though they still junked the Q400 fleet and tried to blame the manufacturer)
"Modern avionics systems have at least three different computer control circuits built into them which are self monitoring - not to mention other safeguards - I find it hard to believe that a groundside computer running windows of all things would be responsible for the *entire* maintenance and troubleshooting of an airlines fleet..."
The aircraft itself certainly wasn't running Windows, but I certainly expect that the maintenance system does. Big fail there, folks.
I *do* hope that Lloyds increases their premiums enough that the PHBs see that getting serious about security (start with chucking Windows) is less expensive than the increased premiums. That's all the PHBs understand, so this is the way to get them to improve both safety and security.
it is clear from the number of SCADA-affecting viruses and trojans (Conficker comes to mind) that a change in tactics is called for, in the form of an international declaration that writing or distributing any malicious software targeted at these systems is classed as information terrorism.
At the very least it would free up more resources to deal with this threat, which has the potential to cause massive loss of life (think power grid shutdowns, etc) and cause untold long term harm to the fabric of society.
I'd also like to see the RIPA Act extended to increase the penalty where the "key" being withheld has to do with the control of botnets, to life without parole.
Its AC, Jim but not as we know it
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
