Optimizing Cyber Security and Trusted Computing on Today’s Connected Military and Commercial Aircraft

Military & Aerospace Electronics

Published in Military & Aerospace Electronics

Bournemouth, England – The number of data communication links and interactions between an aircraft and the ground systems supporting it are ever-increasing. If not properly protected by taking trusted computing measures, every system, sensor, and module on the aircraft can create a potential vulnerability that unauthorized users can exploit to obtain confidential sensitive data or, worse, disrupt the safe operation of an aircraft.

Such threats are of paramount concern for all areas of aviation, including military aircraft and the increasingly top-of-mind unmanned aerial vehicle (UAV) market. Systems developers must safeguard the exchange of tactical information and the integrity of command and control links between ground stations and airborne platforms.

Designers also must incorporate additional cyber security features into avionics systems to minimize the number of different points at which an unauthorized user can input or extract data -- also known as the “attack surface."

The electronic connectivity onboard commercial or military aircraft includes wireless data links for downloading flight recorders or uploading terrain databases and navigation databases. On commercial aircraft, it also includes the networks within the aircraft that support passenger in-flight entertainment and passenger satellite communications (SATCOM) connectivity that enables passengers to surf the Internet while in-flight.

Today, it’s not uncommon for aircraft pilots to use tablet computers in the cockpit. These tablets, known as electronic flight bags, connect through a Wi-Fi receiver integrated into an avionics interface device in the cockpit. This connects to various avionics databuses to transfer data from the avionics systems to the tablet, which the pilot then uses to run applications like calculating takeoff V-speeds and load sheets.

Connectivity means potential targets of opportunity for malicious actors. There may be a computer hacker flying as a passenger, who has the duration of the flight in which to attempt access to the in-flight entertainment system, or more seriously, to the avionics interface device. There also may be a disgruntled airline employee with a valid pass and access to the aircraft and its equipment, who can operate inside the wire with no questions asked. The challenge is how to protect avionics against these sorts of vulnerabilities?

Protecting Data-at-Rest

Nearly every aircraft operating in controlled airspace today is equipped with a flight management system (FMS). This enables flight crews fly pre-programmed routes from an onboard database containing important information such as airspace structures, ground-based navigational beacons, and airport information like runways and taxiways. The database also contains the flight trajectories for standard instrument departures (SIDs) and standard arrival routings (STARS) that can fly the airplane automatically after takeoff and during approach.

The FMS typically updates every 28 days under the aeronautical information regulation and control (AIRAC) cycle. The database content comes from official state sources by service providers, but the ultimate responsibility of data integrity rests with the end-user.

FMS database updates typically are uploaded by USB memory stick as a line-maintenance function; the USB content having been downloaded from a secure website or FTP server. This crucial FMS data is stored in non-volatile memory and, if compromised, could prevent an aircraft from operating or landing safely. However, using authentication and encryption techniques, it is possible to guarantee to the end-user that the data flow from the FMS service provider to the onboard aeronautical database has not been violated.

Read the full article here