Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Industry and governments are extremely sensitive even to the appearance of<br />
threats and vulnerabilities. A collapse of public confidence <strong>in</strong> civil aviation<br />
safety, and a failure to manage public expectation, may have serious and<br />
widespread economic and social consequences.” [14]<br />
These affects may be similar to the events follow<strong>in</strong>g the terrorist attacks on September 11, 2001.<br />
Ken Birman has noted that parallel network-centric evolutions are widespread throughout our<br />
society. He warns that<br />
“We’re poised to put air-traffic control, bank<strong>in</strong>g, military command-and-control,<br />
electronic medical records, and other vital systems <strong>in</strong>to the hands of a profoundly<br />
<strong>in</strong>secure, untrustworthy platform cobbled together from complex legacy software<br />
components.” [15]<br />
The potential scale of harm from a successful electronic attack aga<strong>in</strong>st elements with<strong>in</strong> a<br />
network-centric NAS system, <strong>in</strong>clud<strong>in</strong>g network-connected aircraft, is huge. Adversaries may<br />
be anonymous and range from <strong>in</strong>dividual recreational hackers to well-f<strong>in</strong>anced crim<strong>in</strong>al<br />
enterprises to well-organized, state-led <strong>in</strong>itiatives. To the extent that the NAS builds upon<br />
COTS technologies, the technology employed for electronic attacks will be simple, cheap, and<br />
widely available. Reliance upon advances <strong>in</strong> COTS technology creates an extremely fluid threat<br />
environment as historic security vulnerabilities are addressed and new vulnerabilities discovered<br />
[16]. Fortunately, lessons from <strong>in</strong>dustry (civilian) and military security processes and experience<br />
can be applied to the aviation <strong>in</strong>dustry.<br />
This report, therefore, exam<strong>in</strong>es the safety and security issues <strong>in</strong>troduced by networked <strong>LANs</strong> on<br />
aircraft. It seeks to adapt <strong>in</strong>dustry’s best system security eng<strong>in</strong>eer<strong>in</strong>g (SSE) practices to identify<br />
safety risks caused by aircraft networks. It identifies potential security threats and assesses<br />
evaluation criteria. It leverages best current <strong>in</strong>dustry and military practices. It proposes specific<br />
extensions to ARP 4751 and DO-178B processes to address network security threats and<br />
certification issues that arise from network<strong>in</strong>g airborne systems.<br />
2. OBJECTIVES AND APPROACH.<br />
The purpose of this report is to document evaluation criteria that can be used by certification<br />
authorities and <strong>in</strong>dustry to ensure that onboard networks will not negatively impact aircraft<br />
safety. The results will be used by the <strong>FAA</strong> as <strong>in</strong>put for development of policy, guidance, and<br />
regulations.<br />
This work is divided <strong>in</strong>to two phases. The first phase focused on the potential security risks of<br />
onboard networks that affect safety and explored issues and solutions to critical questions raised<br />
by the aviation <strong>in</strong>dustry as manufacturers consider us<strong>in</strong>g <strong>LANs</strong> <strong>in</strong> aircraft. Initial acceptance<br />
criteria for certify<strong>in</strong>g aircraft that use <strong>LANs</strong> is provided to help evaluators understand the safety<br />
and security issues and specific evidence needed to show that proposed designs and<br />
countermeasures are sufficient to ensure safety of flight.<br />
7