Cyber Vulnerability Discovered in Critical Infrastructure Networks

A team of researchers at the University of Michigan and NASA has discovered a major vulnerability in a networking technology called Time-Triggered Ethernet (TTE), which is used in a range of critical infrastructure, including aircraft, energy generation systems, industrial control systems and spacecraft. The technology is designed to allow mission-critical devices and less important devices to coexist on the same network hardware, reducing costs and improving efficiency. However, the team’s new attack, called PCspooF, has exposed a weakness in the system that allows the two types of network traffic to interfere with each other.

In a demonstration using real NASA hardware, the team used a small malicious device to introduce disruptive messages into the system, causing a cascading effect that resulted in a simulated crewed capsule veering off course and missing its dock entirely. The attack works by emulating network switches and sending out fake synchronization messages, which are normally sent only by network switches. These messages keep network devices on a shared schedule, enabling the most important devices to communicate quickly. By introducing electromagnetic interference over an Ethernet cable, the team was able to send fake synchronization messages that disrupted the normal operation of the switch, causing the TTE devices to lose synchronization repeatedly and leading to time-sensitive messages being dropped or delayed.

The researchers have suggested several ways to prevent the PCspooF attack, including replacing copper Ethernet with fiber-optic cables or installing optical isolators between switches and untrusted devices. They have also stressed the importance of thoroughly testing network designs and protocols to ensure that they are resilient against attacks.