Publication


Secure Network-Enabled Commercial Airplane Operations: IT Support Infrastructure Challenges

1st CEAS European Air and Space Conference 2007


Author(s): Richard Robinson, Krishna Sampigethaya, Mingyan Li, Scott Lintelman, Radha Poovendran, David von Oheimb
Year: 2007
Publisher: Council of the European Aerospace Societies
Editors:
Keywords:Airplane software, information technology, infrastructure, software engineering, safety, security, certification
Abstract: The next-generation commercial airplane models have networking facilities that enable onboard systems to communicate between themselves as well as with off- board systems. This new feature allows network applications to realize many benefits for airplane manufacturing, operations and maintenance processes. However, at the same time vulnerabilities are introduced that can threaten the onboard systems. Regulatory bodies such as the EASA and FAA recognize that the unprecedented network-enabled airplane model may impact long-established safety regulations and guidance. In this paper, we focus on securing a specific network application, i.e. the electronic distribution of airplane loadable software. The use of data networks provides opportunities for corruption of safety-critical and business- critical airplane software. The paper presents a security framework that we have proposed for identifying threats to the airplane software distribution, and mitigating them. Additionally, challenges to securing the distribution, and open problems in the security of network-enabled airplanes are discussed.


Copyright © 2007 Boeing, Siemens, and University of Washington
Preprint

BibTeX entry:

@inproceedings{CEAS-Boeing-Siemens-UW, author = {Richard Robinson and Krishna Sampigethaya and Mingyan Li and Scott Lintelman and Radha Poovendran and David von Oheimb}, title = {Secure Network-Enabled Commercial Airplane Operations: IT Support Infrastructure Challenges}, booktitle = {Proc. of the 1st International CEAS European Air and Space Conference}, publisher = {Council of the European Aerospace Societies}, year = 2007, note = {\url{http://ddvo.net/papers/CEAS07.html}}, abstract = { The next-generation commercial airplane models have networking facilities that enable onboard systems to communicate between themselves as well as with off- board systems. This new feature allows network applications to realize many benefits for airplane manufacturing, operations and maintenance processes. However, at the same time vulnerabilities are introduced that can threaten the onboard systems. Regulatory bodies such as the EASA and FAA recognize that the unprecedented network-enabled airplane model may impact long-established safety regulations and guidance. In this paper, we focus on securing a specific network application, i.e. the electronic distribution of airplane loadable software. The use of data networks provides opportunities for corruption of safety-critical and business- critical airplane software. The paper presents a security framework that we have proposed for identifying threats to the airplane software distribution, and mitigating them. Additionally, challenges to securing the distribution, and open problems in the security of network-enabled airplanes are discussed.} }