Security News > 2022 > November > Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could

Eggheads show how network flaw could lead to NASA crew pod loss. Key word: Could
2022-11-15 23:45

A vulnerability in network technology widely used in space and aircraft could, if successfully exploited, have disastrous effects on those critical systems, according to academics.

In a study published today, boffins at the University of Michigan in the US, with some help from NASA, detailed the flaw and a technique to exploit it, which they dubbed PCspooF. Exploiting PCspooF can cause critical systems on a network to malfunction by disrupting their timing.

TTE allows critical, time-triggered network traffic - tightly synchronized, scheduled messages between important systems - to share the same switches and networks with non-critical traffic without disruption.

This type of design, which blends critical and non-critical device traffic on a single network, allows mission-critical systems to run on lower-cost networking hardware while preventing the two types of traffic from meddling with each other.

"Normally, no device besides a network switch is allowed to send this message, so in order to get the switch to forward our malicious message, we conducted electromagnetic interference into it over an Ethernet cable," explained Andrew Loveless, a U-M doctoral student in computer science and subject-matter expert at the NASA Johnson Space Center.

A successful attack can cause TTE devices to lose synchronization for up to a second, thus failing to forward "Tens" of time-triggered messages and causing critical systems to fail.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/11/15/pcspoof_tte_flaw/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Nasa 7 0 9 9 0 18