Researchers find fix to security flaw in space and energy systems

NASA’s work isn’t solely about space. Through a partnership with the University of Michigan, the agency uncovered a security vulnerability in networking technologies that could pose a threat to critical infrastructure, including energy generation systems. Now, they’re working with companies that use this technology to fix the problem.

Simulating an attack

The researchers deployed a test attack, called PCspooF, on a Time-Triggered Ethernet (TTE) system. TTE is a scalable networking technology for real-time communications that relies on timing and synchronization to separate data traffic and keep it flowing.

NASA adopted TTE for spacecraft communications, and it's also used in sectors including aviation, industry, and energy generation, such as wind turbines. It's considered a secure way for mission-critical devices and less important devices to share the same network hardware, which improves efficiency and lowers costs.

But the research team found that an intruder could launch a spoofing attack by sending fake messages to the system through an Ethernet cable. Over time, the devices fall out of sync, causing time-sensitive information to be lost or delayed.

“Mixing critical systems and noncritical systems into [the] same networks for cost reasons makes sense, but at the same time you may end up being vulnerable to attacks,” said Baris Kasikci, assistant professor of computer science and engineering, in a U-M video.

The researchers used real-life NASA equipment to run the simulated attack at Johnson Space Center, and it caused a simulated spacecraft to veer off course and miss its dock.

“Ultimately, this kind of vulnerability is impacting really important safety-critical components that we depend on and use daily,” Kasikci said. “It’s very important for me as a researcher to identify potential issues in the protocols that are used in these systems to make sure we can actually eliminate those issues and build safe and secure systems.”

Making fixes

The researchers say network fixes are possible to prevent an attack, but they come at a cost. On the upside, they say the vulnerabilities do not pose an immediate threat to TTE users or the public, but they are still serious and should be fixed.

Replacing the copper Ethernet wires with fiber-optic cables eliminates the risk of interference. Companies can also change their network layout so spoofed messages can't access the same pathways as legitimate messages.

The vulnerability only occurs with devices hardwired to the network, so intruders cannot remotely breach the system. But that underscores the need to screen and trust employees as well as equipment suppliers and installers. 

The research team already contacted major companies and organizations that use TTE, and many are implementing the fixes.