Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Aircraft</strong> network security is a systems issue. System development (ARP 4754), <strong>in</strong> conjunction<br />
with the system safety assessment process (ARP 4761), is responsible for def<strong>in</strong><strong>in</strong>g network<br />
accesses, vulnerabilities, detection, and protection requirements. Some of the vulnerabilities will<br />
be mitigated by limit<strong>in</strong>g and controll<strong>in</strong>g access by us<strong>in</strong>g hardware and software capabilities.<br />
Some identified vulnerabilities will be mitigated by monitor<strong>in</strong>g and detection capabilities. The<br />
security protection should be def<strong>in</strong>ed by the system and then by appropriate system requirements<br />
allocated to hardware, software, and hybrids. This study assumes that best current IA practice<br />
will be followed, <strong>in</strong>clud<strong>in</strong>g deployment of traditional IA security controls when appropriate.<br />
After implementation, these protections, mitigations, and monitor<strong>in</strong>g will also likely be verified<br />
and validated at the system level, as well. Consequently, aircraft network security is an ARP<br />
4754 issue.<br />
However, approv<strong>in</strong>g networked systems <strong>in</strong> some ways should be recognized as be<strong>in</strong>g a<br />
significant extension to ARP 4754. Networked systems differ from the current ARP 4754<br />
environment <strong>in</strong> several significant ways. Networked elements are systems that <strong>in</strong>clude all of the<br />
networks and their constituent elements and users to which the network is directly or <strong>in</strong>directly<br />
attached. <strong>Networks</strong> are therefore arbitrarily huge, and the many <strong>in</strong>terrelationships of the system<br />
items are often too subtle to discern. <strong>Networks</strong> are <strong>in</strong>herently complex systems <strong>in</strong> which every<br />
item <strong>in</strong> the network is <strong>in</strong>advertently <strong>in</strong>tegrated, regardless of whether those items share any<br />
common functional goal. Approval of networked entities must now also address possible<br />
network <strong>in</strong>teractions that occur dur<strong>in</strong>g, and result from, network attacks. The various networked<br />
elements potentially have a fate shar<strong>in</strong>g relationship with each other, because any compromised<br />
network entity theoretically can be used to attack other networked items or their shared network<br />
environment.<br />
Therefore, networked airborne LAN environments are <strong>in</strong>herently “highly <strong>in</strong>tegrated or complex<br />
aircraft systems,” with attributes that extend the complex relationships for which ARP 4754 was<br />
created. Section 4 and appendix A will <strong>in</strong>troduce some of the risks that characterize networked<br />
systems and underlie the follow<strong>in</strong>g observations:<br />
• In networked environments, ARP 4754 needs to be extended to consider each item with<strong>in</strong><br />
the LAN to be <strong>in</strong>tegrated, even if that item has no functional relationship with anyth<strong>in</strong>g<br />
else. For example,<br />
- If the LAN experiences a successful denial of service (DoS) attack, then each<br />
networked item <strong>in</strong> that LAN may potentially be unable to fulfill its function.<br />
Therefore, ARP 4754 must be extended <strong>in</strong> networked environments to ensure<br />
availability.<br />
- If an item <strong>in</strong> the LAN becomes hostilely compromised by an attacker, then it<br />
potentially can be used by that attacker to attack the network itself or other items<br />
on the LAN. Therefore, ARP 4754 must be extended <strong>in</strong> networked environments<br />
to address LAN and item <strong>in</strong>tegrity. To ensure LAN and item <strong>in</strong>tegrity, ARP 4754<br />
needs to be extended to require verifiably secure software <strong>in</strong>stallation procedures<br />
as well as mechanisms to ensure the cont<strong>in</strong>ued <strong>in</strong>tegrity of deployed items and<br />
systems.<br />
17