Almost certain he said FADEC there. (Boeing's EEC is FADEC)

He also mentions hacking IntelliBus. IntelliBus is Boeing's proprietary networking protocol. This is from Boeing:



IntelliBus is a MIL-STD-1553B derivative databus developed by The Boeing Company with hopes that it would be used for automotive X-by-wire.

RE: EEC and the claim of controlling thrust via a pax seat hack...

• The CDS interface is a downlink from the EEC for cockpit indications only.
• The AT interface is an uplink from the thrust lever/autothrottle resolvers. They are not hackable.
• That leaves the FMS. AFIAK, there is no function in the FMS that controls the thrust of a single engine independent of the other.
• There area also 'interactive' ground maintenance modes that are not described here.

The threat is well-known to the FAA and manufacturers.

In 2009, the DOT published DOT/FAA/AR-09/27, DATA NETWORK EVALUATION CRITERIA REPORT, a two-year study on replacing design-specific PCI backplane architecture with commercial off-the-shelf (COTS) box-to-box networks.

EXECUTIVE SUMMARY
Databus and data network technology continues to play an ever-increasing role in aviation digital electronics architectures. The evolution of integrated modular aviation digital electronics architectures with multiple subsystem integration into single and redundant data networks is increasing the influence of the data network at the airframe level. The criticality of data networks has long been recognized in the avionics industry. This previously has led avionics manufacturers and aircraft original equipment manufacturers to design specific aerospace solutions to meet these requirements. However, the costs associated with such special-purpose designs run contrary to the current cost pressures on aviation digital electronics. In recent years, these cost challenges have led to the adoption of commercial off-the-shelf (COTS) data communication solutions for aviation digital electronics. Although attractive from a cost perspective, the adoption of COTS present issues, particularly as the complexity and increased leverage of technology continues to evolve. Subtleties in data network characteristics may escape the system designer and leave dependability holes. Allied with this trend is the emergence in the consumer marketplace of COTS labeled as “safety-critical COTS.” As industries face increasing safety requirements while maintaining low cost due to large volumes, they may develop low-cost, safety-critical data networks that could be applicable to aviation digital electronics. However, it is necessary to ensure that the technology is consistent with real-world requirements for safety-critical aviation digital electronics systems. This report covers a 2-year research effort aimed at creating evaluation criteria to be used in assessing the design of existing and new data networks for their applicability to safety-critical aviation digital electronics systems. This report contains a list of issues and evaluation criteria creat ed by these activities.

9. SECURITY. Historically, data communication security has not been an important issue in commercial aviation digital electronics. This began to change with the growing awareness and sensitivity relating to cyber security in the 1990s. Subsequent terrorist activities accelerated this awareness and sensitivity trend. At the same time, some developments in aviation digital electronics design have made aviation digital electronics systems more vulnerable. Higher levels of integration and more internetworking connectivity have increased the chances for entrance paths into critical aviation digital electronics functions. Possible gateways onto these paths include, but are not limited to radio frequency (RF) in the airplane (e.g., portable maintenance access terminals, cabin crew tablets), off-aircraft radio, external gatelink and maintenance ports (optical, RF), and passenger networks. The increasing use of COTS protocols and networking technologies (with their known weaknesses) has the potential of attracting attackers who are familiar with these weaknesses. With ever-increasing bandwidth of modern network technologies, there are also increasing pressures to fully utilize spare network capacity. Hence, the mixing of critical and noncritical end-systems and associated data on common network infrastructure is another increasing trend. A network should protect itself against security threats (e.g., denial of service attacks) and should not allow itself to be used as a means for supporting attacks against its clients. The ability of the network to suitably secure and authenticate private transmissions between different clients on the 68 network should also be evaluated, if such usage scenarios are also anticipated. Network firewall schemes should also be evaluated, especially if critical and open systems share the same network infrastructure. While it may be only “security through obscurity,” aviation digital electronics systems really are more secure when COTS is not used.

ARINC 664 and Avionics Full-Duplex Switched Ethernet (AFDX) is a data network family derived from Ethernet. AFDX uses replicated full-duplex communication channels and central switches. AFDX will serve as the avionics backbone on the Airbus A380 and has been chosen for the Boeing 787 as its central communication system.