Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
General<br />
Threat<br />
Identifiers<br />
FAILURE<br />
DENIAL<br />
Access<br />
Control<br />
Passive<br />
Attack<br />
<strong>Aircraft</strong> Data Network Threats<br />
Safe state of the aircraft system could<br />
be compromised <strong>in</strong> the event of a<br />
security penetration<br />
<strong>Aircraft</strong> system resources exhausted<br />
due to denial of service attack, system<br />
error, malicious actions<br />
Individual other than an authorized<br />
user may ga<strong>in</strong> access to the aircraft<br />
system via phantom controller,<br />
masquerade or spoof<strong>in</strong>g system error or<br />
an attack for malicious purposes.<br />
Snoop<strong>in</strong>g or eavesdropp<strong>in</strong>g<br />
compromis<strong>in</strong>g security (misdirection).<br />
Design Flaws may lead to back door<br />
access.<br />
Aviation Infrastructure<br />
Mission and Operational<br />
Impact<br />
Access to the flight controls<br />
by unauthorized <strong>in</strong>dividuals<br />
affect<strong>in</strong>g safety<br />
Critical services disrupted by<br />
system overload or traffic<br />
jamm<strong>in</strong>g<br />
Unauthorized Access<br />
Unauthorized corruption or<br />
destruction of data caus<strong>in</strong>g<br />
unsafe flight conditions.<br />
Figure 7. Network Threat Mission and Operational Impact [22]<br />
Threat Targets<br />
<strong>Aircraft</strong> Operation<br />
Assets<br />
F<strong>in</strong>ancial<br />
Human<br />
Public Perception<br />
Threat Effects<br />
Serious degradation or loss of mission capability, airl<strong>in</strong>e<br />
is not able to perform its primary function<br />
Major damage to airl<strong>in</strong>e assets<br />
Major f<strong>in</strong>ancial loss<br />
Serious or catastrophic physical harm to <strong>in</strong>dividuals<br />
Total loss of confidence <strong>in</strong> air traffic by passengers,<br />
disclosure of security <strong>in</strong>formation<br />
Figure 8. Airborne Network Threat Targets [22]<br />
The subsequent sections describe technical mechanisms to mitigate these risks.<br />
4.1 DIFFERENT UNIVERSES: STAND-ALONE VERSUS NETWORKED.<br />
It is commonly recognized that the safety and security assurance properties of stand-alone<br />
systems are much more easily ascerta<strong>in</strong>ed than the assurance of systems with<strong>in</strong> networked<br />
environments. This difference is primarily due to the fact that the assurance of stand-alone<br />
entities is a function of the <strong>in</strong>herent design of that system itself. These <strong>in</strong>clude the repertoire of<br />
issues currently considered by DO-178B such as hardware and software design, <strong>in</strong>put-output,<br />
direct memory access, <strong>in</strong>terrupt and <strong>in</strong>terrupt process<strong>in</strong>g, design and development process<br />
controls, operat<strong>in</strong>g system (OS) issues, and security modes. The assurance of networked<br />
systems, by contrast, is a function of not only that system’s own <strong>in</strong>ternal design and processes,<br />
21