[145720] in cryptography@c2.net mail archive
Re: Fw: [IP] Malware kills 154
daemon@ATHENA.MIT.EDU (Thierry Moreau)
Mon Aug 23 17:06:53 2010
Date: Mon, 23 Aug 2010 17:17:56 -0400
From: Thierry Moreau <thierry.moreau@connotech.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
CC: cryptography@metzdowd.com, perry@piermont.com
In-Reply-To: <E1OnYg5-00052f-Nm@wintermute02.cs.auckland.ac.nz>
Peter Gutmann wrote:
> "Perry E. Metzger" <perry@piermont.com> forwards:
>
>> "Authorities investigating the 2008 crash of Spanair flight 5022
>> have discovered a central computer system used to monitor technical
>> problems in the aircraft was infected with malware...."
>>
>> http://www.msnbc.msn.com/id/38790670/ns/technology_and_science-security/?gt1=43001
>
> Sigh, yet another attempt to use the "dog ate my homework" of computer
> problems, if their fly-by-wire was Windows XP then they had bigger things to
> worry about than malware.
>
FYI, avionics firmware/software is subject to RTCA DO-178b certification
and fly-by-wire will inevitably require a "level A" certification which
is quite demanding (i mean *QUITE*DEMANDING*) for software development
process certification. There is no chance that an XP-based
application/system would ever meet even the lower certification levels
(but for the lowest one which corresponds to passenger entertainment
systems).
Commercial avionics certification looks like the most demanding among
industrial sectors requiring software certification (public
transportation, high energy incl. nuclear, medical devices, government
IT security in some countries, electronic payments, lottery and casino
systems).
--
- Thierry Moreau
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
