* Posts by tangohead

2 publicly visible posts • joined 5 Mar 2020

Fancy that: Hacking airliner systems doesn't make them magically fall out of the sky

tangohead

Good point, though I should clarify that the first sentence is referring to the fact that in the paper, we did not argue whether pilots should be making cost based decisions either way. I mainly wanted to say that we were instead highlighting how the security of systems has consequences beyond the obvious ones.

I'm sure some airlines do have pilots factor this in, but it's not something we built into our analysis as it is hard to get reliable information on pilot performance review. Not to mention participants who would be happy to put their name to it!

tangohead

Hi - one of the authors here! Just want to clarify something on this as I think this is quite an important point.

The point about cost is a little bit more nuanced than that. We don't suggest that the cost should come into the pilot's decision at all. They should do what is safest in their judgement, and indeed our participants consistently did this.

We used cost in the paper as a way to explain why the kinds of disruption that these attacks cause actually matters - it's easy to write off attacks which don't have some kinetic effect as unimportant, but we believe this is not the case. The line of thinking is that sure, you can't straight up crash an aircraft with the GPWS attack, for example, but you might be able to force the pilot to cause missed approaches. In turn, this has a real economic cost which needs to be accounted for. This is a cost which you may be able to either preempt or remove if you come up with a way to safely mitigate the attack.

If you're interested in more of our analysis on this, we cover it quite extensively towards the end of our paper - or feel free to get in touch with one of us by email or on Twitter.