Back door for hackers? F-35 cyber weaknesses in the spotlight

Recent reports have highlighted how some of the F-35’s enabling systems could be vulnerable to hacking or other malicious activity, which could affect the operational availability of the aircraft. Grant Turnbull finds out more about the cyber vulnerabilities of the F-35’s logistics systems and asks what damage a cyberattack could do.

The next few years will see the F-35 enter service with several air forces, giving them a quantum leap in air power capabilities and an edge over peer threats such as Russia and China. The aircraft uses a host of sensors that gather data from the electromagnetic spectrum and, with powerful onboard computer processors, present it to the pilot in their advanced helmet-mounted display system and the cockpit’s large touch screen display.

This rich intelligence stream is also transferred to various nodes across the battlefield – including naval vessels, ground-based command centres, or other aircraft – using the latest communication and datalink technology.

The F-35’s next-generation logistics

Even the F-35’s logistics system – not the most exciting aspect of the Joint Strike Fighter – will be a first-of-its-kind capability, allowing operators from across the world to share key platform data and use over 60 apps to manage different areas including training, maintenance and the wider supply chain.

This is known as the Autonomic Logistics Information System (ALIS), effectively the fleet management “backbone” for the advanced fighter. “ALIS is integral to maintaining and operating F-35s,” says Lockheed Martin in accompanying literature. “It is a system-of-systems approach to fleet management that connects maintenance, supply chain and sustainment information into a single management tool to support all F-35 operations.”

“The F-35’s data will be stored in a centralised server located at each squadron, and then pushed to a centralised location.”

A big part of ALIS is assisting ground technicians in identifying problems with the aircraft, including preventative actions, and also pushing out software fixes where necessary. Normal practice will see a maintainer download the F-35’s data using a rugged laptop, to be stored in a centralised server located at each squadron, and then pushed to a centralised location known as a Central Point of Entry (CPE).

This data is then forwarded further to Lockheed Martin’s Autonomic Logistics Operating Unit (ALOU) in Fort Worth, Texas, where all F-35 data is stored.

Speaking in 2015, the officer in charge of the programme, Lieutenant General Chris Bogdan, noted that ALIS was now considered a “weapon system” and an integral part of the air system itself, rather than a support system, owing to its complexity and huge price tag.

F-35 cybersecurity: points of failure

A year later, however, the Government Accountability Office (GAO) highlighted ongoing security concerns among personnel using ALIS, especially when transferring data between classified and unclassified servers and how CPEs and the ALOU are single points of failure.

“The big concern about ALIS is that it is so interconnected and pulls data together from all F-35 users globally that there are lots of potential entry points for a would-be hacker to get in there,” says Douglas Barrie, senior fellow for military aerospace at the International Institute for Strategic Studies.

That concern has also been echoed by US officials working on the programme.

“It’s a software-based aircraft, and any software-based platform is going to be susceptible to hacking,” Brigadier General Stephen Jost, director of the Air Force F-35 Integration Office, told Defense News in November 2018. He noted that systems such as ALIS, as well as the Joint Reprogramming Environment, were “nodes of vulnerability” and that defenses had to be shored up.

“A malicious attack could disrupt maintenance periods if key software updates were not available or parts could not be ordered.”

In 2012, it was reported that a special team of US Navy hackers had managed to break into the advanced logistics system, prompting Lockheed to shore up its cyber defences for ALIS. Despite this, increasing cyber activity from countries such as China, North Korea and Russia means that concerns still persist over programmes that rely on a high degree of data sharing across various worldwide nodes.

A possible scenario for F-35 users is a malicious attack on one of those vulnerable nodes that, owing to the interconnection between ALIS and other systems, infects the wider international network. Hypothetically, it could disrupt maintenance periods if key software updates were not available or parts could not be ordered, meaning aircraft would be out of action for longer.

In 2017, US Marine Corps F-35Bs flying out of Yuma Air Station had to be temporarily grounded after “anomalies” were discovered in an ALIS software update. While the incident was not malicious, it did reveal the extent to which a corrupted version of ALIS could cripple the F-35 fleet. “On paper it’s a really good idea,” said Barrie. “But if it doesn’t work as well as it ought to, then you have an issue.”

Malware could also spoof systems to stealthily feed false information into ALIS, taking perfectly serviceable aircraft out of service. And as ALIS tracks so many parameters of the F-35, in a worst-case scenario, enemy hackers could syphon off critical performance data to use to their advantage. So while disabling a radar-evading F-35 in-flight would be near impossible, a rogue nation’s elite hacker unit could ground the jet before it even takes off.

Protecting the F-35 from an evolving cyber threat

In October 2018, the GAO highlighted in a report that the Department of Defense (DoD) faced mounting challenges in protecting its weapon systems from increasingly sophisticated cyberattacks. “Automation and connectivity are fundamental enablers of DoD’s modern military capabilities. However, they make weapon systems more vulnerable to cyberattacks,” said the GAO report.

“Nearly all major acquisition programs that were operationally tested between 2012 and 2017 had mission-critical cyber vulnerabilities that adversaries could compromise.”

In August 2018, Lockheed Martin was awarded a $26m contract for work on ALIS Security Architecture Phase III, which consists of the design, development, integration and test of the Sovereign Data Management (SDM) system. “This effort provides F-35 international partners the capability to review and block messages to prevent sovereign data loss. Additionally, the effort includes studies and recommendations to improve the security architecture of ALIS,” the DoD said in a statement.

“Lockheed Martin and the US DoD are likely in a constant unseen battle to ensure that the fortress is not breached.”

Another scenario theorised by analysts involves the US Government using the F-35’s enabling systems to “punish” a non-cooperative ally, potentially by withdrawing software upgrades or feeding information that would ground the entire fleet. That has become even more relevant as US-Turkey relations sour, despite the latter being a key partner on the F-35 programme and receiving its first aircraft in 2018.

Due to the project’s highly classified nature, it is impossible to say just how vulnerable the F-35’s sub-systems really are – Lockheed Martin and the US DoD are likely in a constant unseen battle to ensure that the fortress is not breached. “Both the military and industry have no doubt redoubled their efforts to look at this and ensure that the potential for any external mischief is absolutely minimised,” said Barrie.