Cyber Senate Podcast
The Cyber Senate is a niche, high-value platform dedicated to bringing Operators of Essential Services together with global subject matter experts to address the challenges of evolving cyber threats to critical infrastructure. Our podcasts and conferences facilitate information sharing, they educate and inspire public and private sectors to work collectively to overcome barriers to their success. Our audience and guests consist of the most knowledgable high profile subject matter experts in the cybersecurity domain. The Cyber Senate is considered by our community as one of the few platforms "where conversations count." Our focus is on the quality of engagement; quality of guests and attendees, actionable intelligence and relationships that foster progress.
Cyber Senate Podcast
More Than Turbulence - Aviation Software Vulnerabilities & Exploitation Podcast with Cyber Senate and Chris Kubecka CEO of Hypasec
•
James Nesbitt and Chris Kubecka
•
Season 1
•
Episode 1
The Cyber Senate welcome special guest, Chris Kubeck, CEO of Hypasec, who will be speaking on our 3rd annual Aviation Cybersecurity Summit in London on November 5/th and 6th. www.aviationcybersec.com
Her presentation: More Than Turbulence- Aviation Software Vulnerabilities & Exploitation
- Introductions to the challenges of modern aviation and technology
- Maintenance and asset management
- FAA requirements and recalls
-Weaknesses in exposure of various parts databases
- Lack of required security testing by FAA on maintenance software
- Software utilized in a modern airframe
-Explanation of what types of software is in use on both planes and weight balancing
- Buffer overflows, the FAA requires memory checks to ensure they stay within hardware operating parameters. But, no full boundary checks.
- Explanation of current challenges: F35a has buffer overflow issues requiring a manual reboot of the flight computer, in-flight
- Gate logic doesn't equal good code or secure code: explanation of how the software is written whilst pointing out memory leaks, incompatibility with ease of patching unless substantial downtime (except the 787) and the lack of any security testing for any aviation software on a plane.
- Exposure of various airframe manufacturer systems.
- Exposure of various airport ticketing and maintenance systems