Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
9.3 USING PUBLIC IPs.
The model and architecture presented in this study do not rely upon any unique IP addressing
posture. The only IP requirements of the model are that
• the nonenclaved devices within the airplane (e.g., the airplane’s firewall, ASBR, etc.)
need to be IP addressable by other airplane and NAS ground entities. The architecture
simply does not care whether this is achieved by using public IP addresses, whether the
entire aeronautical network uses the same common private address space (see footnote 35), or whether a
combination of private IP addresses and an airplane-local NAT is used.
• the entities within each VPN enclave must be addressed from the same IP address space.
The architecture does not care whether this IP address space is public or private.
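
An added example, not part of the original study: a Python check of an addressing plan against the two IP requirements listed above. The plan layout, the device and enclave names, and the addresses are constructed for illustration, and "public" is approximated as "not RFC 1918".

```python
import ipaddress

# RFC 1918 ranges; any other address is treated as public in this sketch.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def addressable(addr, common):
    """True if outside parties can address addr: public, or in a shared private space."""
    private = any(addr in net for net in RFC1918)
    return not private or (common is not None and addr in common)

def check_plan(plan):
    """Return findings for a plan (hypothetical dict layout, see PLAN below)."""
    findings = []
    common = ipaddress.ip_network(plan["common_space"]) if plan["common_space"] else None
    # Requirement 1: nonenclaved devices must be IP addressable by other
    # airplane and ground entities, directly or through an airplane-local NAT.
    for name, dev in plan["nonenclaved"].items():
        candidates = [dev["addr"]] + ([dev["nat"]] if dev.get("nat") else [])
        if not any(addressable(ipaddress.ip_address(c), common) for c in candidates):
            findings.append(f"{name}: {dev['addr']} is private with no usable NAT mapping")
    # Requirement 2: every entity in a VPN enclave comes from the enclave's
    # address space; whether that space is public or private is not checked.
    for name, enc in plan["enclaves"].items():
        space = ipaddress.ip_network(enc["space"])
        for member, a in enc["members"].items():
            if ipaddress.ip_address(a) not in space:
                findings.append(f"{name}/{member}: {a} is outside {space}")
    return findings

# Constructed sample plan. Documentation ranges (198.51.100.0/24,
# 203.0.113.0/24) stand in for public addresses.
PLAN = {
    "common_space": None,
    "nonenclaved": {
        "firewall": {"addr": "198.51.100.10"},
        "asbr": {"addr": "10.1.0.1", "nat": "198.51.100.11"},
        "router-x": {"addr": "10.1.0.2"},
    },
    "enclaves": {
        "enclave-a": {"space": "10.20.0.0/24",
                      "members": {"host-1": "10.20.0.5", "host-2": "10.20.1.7"}},
        "enclave-b": {"space": "203.0.113.0/24", "members": {"host-3": "203.0.113.4"}},
    },
}

if __name__ == "__main__":
    for finding in check_plan(PLAN):
        print(finding)
```

Setting `common_space` to a shared private range such as `10.0.0.0/8` models the second option in the first requirement, and the `router-x` finding disappears.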
The IETF community has had extensive internal discussions about whether private IP addresses
are more secure than public IP addresses. While this remains a highly controversial topic, the
majority’s position is that private addresses have no appreciable security benefit over public IP
addresses. The most powerful argument in favor of using private IP addresses for security
purposes is that because private addresses have no uniqueness property outside of their enclave,
use of private addresses cloaks internal networks from external visibility and limits access. The
force of this argument diminishes the more closely one examines the details for maintaining
private addresses within public spheres.
9.4 ELECTRONIC FLIGHT BAGS.
AC 120-76A [8] provides guidance for the certification, airworthiness, and operational approval
of electronic flight bag (EFB) computing devices. EFB equipment refers to the replacement of
historically report-based aviation data and calculations by onboard computing equipment (e.g.,
auxiliary performance computers or laptop auxiliary performance computers) to assist aircraft
operations. EFBs may also host new types of database information and applications. Three
distinct classes of EFB hardware devices are defined according to their relative integration with
onboard resources such as electric power, data connectivity, and mounting.
• Class 1 hardware are portable COTS laptop or pen tablet computers with software
applications that can include electronic documents, performance calculations and charts.
Class 1 do not require certification, but they must be stowed for takeoff and landing.
These devices are mostly employed in training and flight planning and for use with
reference manuals and in performance calculations.
• Class 2 hardware are semipermanent in that they can dock with a certified crashworthy
mount, can be powered all of the time and can tap into noncritical aircraft systems,
allowing for cabin video displays and aircraft health monitoring and reporting, or links to
an onboard file server.
Footnote 35: If the NAS does not use public IP addresses, then this alternative would mean that a NAT would be needed to
provide airplane connectivity to non-NAS IP networks such as the Internet.