Professional Documents
Culture Documents
•
The Transition of Aircraft Systems
•
The Difference Between Cyber Security in Aircraft
Systems and Information Technology (IT)
•
Potential Cyber Security Threats to Aircraft
Systems
•
FAA Aircraft Systems Cyber Security Activities
The Transition of Aircraft Systems
Aircraft systems are transitioning to complex integrated systems with
internal and external connectivity
:�..--------.
(802, 1x
+ " link)
t'S
Wi
rPlane
I
(SATCOM or 802.1x link)
Determinism No Yes
Anti-virus Countermeasures Common & widely used Uncommon and can be difficult to deploy
Time Critical Content Delays are usually accepted Critical due to safety
Incident Response and Forensics Well defined and deployed (some regulatory Uncommon beyond system resumption,
requirements), extensive forensics possible no forensics beyond event re-creation
Cybersecurity Testing and Audit Can use widely available tools and methods Widely available tools and methods often
(methods) inappropriate or dangerous
Security Compliance e.g. SARBOX (Limited regulatory oversight) Limited - Issue Papers, Special
Conditions
Secure Systems Development Integral part of development process Traditionally not an integral part of
systems development
Security Testing/Audit Scheduled and mandated Occasional testing / audit for event
recreation
Recognizing Potential Cyber Security
Threats
General IT Exploits Malicious Code
High Morphing
"Stealth"/Advanced
_·_·---a Scanning Techniques
_
......
•
Q) . BOTS
Denial of Service
C) c:: "
Zombies
"'C 0
.-
•
« Self-Replicating Code
,
Password Guessing
Low
1980 1985 1990 1995 2000 2005 2012
Lipson, H. F., Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, Special Report CMS/SEI-2002-SR-009, November 2002, page 10.
Recognizing Potential Cyber Security
Threats
Exploits of Specific Systems
Automobiles
March 2011 - Research team hacks into cars through GM OnStar, Ford
Sync, and Bluetooth wireless interfaces
Aviation
2009 - FAA Server Compromised
•
48,000 employee Name and Social Security numbers stolen
o
Ale Internal Threat
Internal Connectivity
8 eNS/ATM Threat
• Special Conditions
- May be issued when the current FAA regulations do not contain adequate or
appropriate safety standards for protection and security of aircraft systems.
- Contain the additional safety standards that the FAA Administrator considers
necessary to establish an equivalent level of safety.
- Are issued for specific airplane models.
- Address new or novel design features.
- Are published in the Federal Register for public comment
- FAA has published Special Conditions on security for airplane systems
FAA Aircraft Systems Cyber Security
Activities
•
RTCA SC-216 Aeronautical Systems Security
- 00-326 Airworthiness Security Process Specification published
(Security Risk Manag ement Process)
•
Training
- Aircraft Systems Cyber Security Desig nated Eng ineering
Representative (DER) Seminar (first course g iven in March 2011)
- Rulemaking
- The implementation of SC-216 products
- The development of FAA guidance (directives)
- The development of training
- Coordination and Collaboration of Industry and other
Government Agencies
- Research and Development
Questions?
;J
•