How safe is TCP/IP technology in Aircraft Network Architecture
New aircraft designs use TCP/IP technology for the main aircraft backbone, connecting flight-critical avionics and passenger information and entertainment systems in a manner that virtually makes the aircraft an airborne, interconnected network domain server. What are the implications? Are there or should there be security concerns? Don’t forget to provide details!
By implementing TCP/IP technology for the main aircraft backbone and connecting flight-critical avionics, passenger information and entertainment systems allowing the aircraft to become an interconnected network exposes the aircraft to new security challenges which could lead to system failures and can result in intentionally malicious attacks.
The interconnected system will allow access to external systems (wireless airline operations and maintenance systems), satellite communications, email, World Wide Web etc. There is also security issues regarding wireless devices that may gain access to the aircraft's DDBs which provides flight-critical functions.
To address security issues the Federal Aviation Agency (FAA) implemented a new Operations specification (OpSpec) D301, Aircraft Network Security Program (ANSP). All e-Enabled aircrafts must meet the requirements of the OpSpec to become operational. E-Enabled aircrafts are vulnerable to the misuse/attacks and include the following: 1. Infection of an aircraft system from Malware (Malicious software).2. An attacker can use on board wireless to access aircraft system interfaces.3. Denial of service of wireless interfaces, safety critical systems.4. Passive attacks eg. Eavesdropping and Traffic analysis5. Active attacks eg. Masquerading and Replay attack. Aircraft network threats can lead to operational failure which could cause systems failure and can result in hundreds of human fatalities.
To address security issues the Federal Aviation Agency (FAA) implemented a new Operations specification (OpSpec) D301, Aircraft Network Security Program (ANSP). All e-Enabled aircrafts must meet the requirements of the OpSpec to become operational. E-Enabled aircrafts are vulnerable to the misuse/attacks and include the following: 1. Infection of an aircraft system from Malware (Malicious software).2. An attacker can use on board wireless to access aircraft system interfaces.3. Denial of service of wireless interfaces, safety critical systems.4. Passive attacks eg. Eavesdropping and Traffic analysis5. Active attacks eg. Masquerading and Replay attack. Aircraft network threats can lead to operational failure which could cause systems failure and can result in hundreds of human fatalities.
Proper countermeasures needs to be implemented to provide security assurance which include the following:
1. Security Incident and Event Management (SIEM)
2. Security Log Management and review, alerting and validation.
3. Encryption of data. (Public Key Infrastructure – PKI) (Digital signatures)
4. Monitoring of security logs to identify Policy violations, fraudulent activity and Operational problems.
5. Physical Access Control – Limiting access to network data ports and hardware.
6. Proper security training of personnel – Vulnerability monitoring, Verify security settings, disable unauthorised network devices.
7. Up to date software. (Technology used for communication between controller and pilots are outdated) In conclusion, the implementation of the TCP/IP technology brings about freedom to passengers to use wireless device while 35000km above sea level but also brings about many risks as mentioned in a recent post the FBI is investigating whether Chris Roberts (IT expert) claims of hacking into the entertainment system of a passenger jet several times and manipulated the plane's engines during a flight is true.
1. Security Incident and Event Management (SIEM)
2. Security Log Management and review, alerting and validation.
3. Encryption of data. (Public Key Infrastructure – PKI) (Digital signatures)
4. Monitoring of security logs to identify Policy violations, fraudulent activity and Operational problems.
5. Physical Access Control – Limiting access to network data ports and hardware.
6. Proper security training of personnel – Vulnerability monitoring, Verify security settings, disable unauthorised network devices.
7. Up to date software. (Technology used for communication between controller and pilots are outdated) In conclusion, the implementation of the TCP/IP technology brings about freedom to passengers to use wireless device while 35000km above sea level but also brings about many risks as mentioned in a recent post the FBI is investigating whether Chris Roberts (IT expert) claims of hacking into the entertainment system of a passenger jet several times and manipulated the plane's engines during a flight is true.
Very well answered. I have found the answer very useful. Thanks for the post
ReplyDeletethis was helpful
ReplyDelete