Security Problems in operational navy systems, Industrial point of view

No ratings

Presented at HackLu 2011 by

Patrick Hebrard

Laurent Comte

Most of navy systems (on a battleship or navy base operational centre) integrate harware/software civilian technologies (PC windows, PC Linux, IP Network, IP Phones, WIFI, WEB server, SQL ) and as a consequence integrate also their vulnerabilities. With the increase of the risk level and because of these systems handle military devices (Radar, Electronic Warfare systems, Weapons, Missiles, Drones) the consequences of corruption could be very dangerous on both combat system (e.g. illicit weapon usage) and ship management system (e.g motors and navigation bare management system corruption). The specificities of a battleship at sea increase the problem complexity (updating of antivirus bases, security management SIEM). Another point is the difficulties the industry has to protect critical software against retro engineering, particularly for exportation under TOT requirements.