This probably shows how much I travel though :-P
It would surprise me if such a device had a kernel panic.
The amount of oversight a avionics system must go through when writing code for it is unfathomable for a modern software engineer. I know it sounds "cool" to hack into an avionics system from the in flight entertainment, but the likelihood of that being possible is somewhere around zero if the plane got approved by the FAA to be in the air.
It's doing a TFTP download of an image from a local server (all using martian IP addresses) and booting WinCE.
I find the OP story a bit hard to believe though. When I lived in Toulouse I talked to folks at Airbus about telemetry and I'm near certain that there was plenty of downlinking of data possible from the Trent 900 engines from the QUICK Technology for Engine Health Management and GE has for years provided real-time engine data download via ACARS.
What would be worrying is a connection on the same network between entertainment and controls of any sort. I'd like to see a better sourced story on this, though.
However, back when there was a flap about the Dreamliner networking the FAA gave a long response: http://cryptome.info/faa010208.htm
In it there's the following argument from Airbus:
"AIRBUS Comment (b): Airbus stated that in the sentence ``The design shall prevent all inadvertent or malicious changes to, and all adverse impacts * * *'', the wording ``shall prevent ALL'' can be interpreted as a zero allowance. According to the commenter, demonstration of compliance with such a requirement during the entire life cycle of the aircraft is quite impossible because security threats evolve very rapidly. The only possible solution to such a requirement would be to physically segregate the Passenger Information and Entertainment Domain from the other domains. This would mean, for example, no shared resources like SATCOM (satellite communications), and no network connections. Airbus maintained that such a solution is not technically and operationally viable, saying that a minimum of communications is always necessary."
That appears to allow a network connection between flight and passenger systems. Frankly, I find that idea terrifying.
When I worked on the ground based GRID computing system for their initial system 10years ago the 4 engines on a 747 logged about 1Gb of data locally during a 10hr flight onto hard drives that were removed and copied locally on landing. The grid system was so that all the data didn't need to be shipped back to HQ unless it was needed - all the queries could be farmed out to all the places the engine had landed over it's life.
Now MUCH more data is captured and the engines have their own dedicated satelite link back to RR where there is a vast data center that can pull up second-second measurements of every parameter of an engine for it's 20-25 year life.
There is also a complex system that automatically spots any abnormalities - not just out of 'normal' spec, but looking at the history of that particular engine and other engines on that particular route/flight configuration - but I didn't work on that!
Better hope your SCADA engineers don't believe in security by obscurity or design by "That'll never happen".
So next time you find yourselves on the plane, bored - keep this in mind, try and reproduce :)
I tried to submit this and the followup article a while ago, but the domain was blacklisted by pg so the stories get autokilled.
