Topics

•
The Transition of Aircraft Systems

•
The Difference Between Cyber Security in Aircraft
Systems and Information Technology (IT)

•
Potential Cyber Security Threats to Aircraft
Systems

•
FAA Aircraft Systems Cyber Security Activities
The Transition of Aircraft Systems
Aircraft systems are transitioning to complex integrated systems with
internal and external connectivity

------ ( Airplane B )"1 .---__ ( UAS

)
Traffic beacons Traffic beacons,
(ADS-B link) entertainment data

:�..--------.
(802, 1x
+ " link)

t'S
Wi
rPlane

Loadable software, health

data, IFE, EFB, etc.
Traffic beacons
I
Entertainment data
(802.1 x link)

I
(SATCOM or 802.1x link)

Airport X Ground Stations Airport Y

~ Third Party
Providers
Differentiating Cyber Security in Aircraft
Systems and IT Systems

• Tenants of Information Security

Prima fI
ry
aircraft ocus for
system
ntegrity - data has a complete or whole
s
structure

ailability -proportion of time a system is

a functioning condition
Differentiating Cyber Security within IT
and Aircraft Systems
AIRCRAFT!
SECURITY TOPIC INFORMATION TECHNOLOGY
CONTROL SYSTEMS
Host Application Broad Focus Narrow Focus

Determinism No Yes

Anti-virus Countermeasures Common & widely used Uncommon and can be difficult to deploy

Support Technology Lifetime 2 to 3 years Up to 20 years

Change Management/Patches Regular/scheduled Legacy based - unsuitable for modern

security - strategic scheduling

Time Critical Content Delays are usually accepted Critical due to safety

Availability Delays are usually accepted 24 x 7 x 365 x forever

Incident Response and Forensics Well defined and deployed (some regulatory Uncommon beyond system resumption,
requirements), extensive forensics possible no forensics beyond event re-creation

Cybersecurity Testing and Audit Can use widely available tools and methods Widely available tools and methods often
(methods) inappropriate or dangerous

Security Compliance e.g. SARBOX (Limited regulatory oversight) Limited - Issue Papers, Special
Conditions

Secure Systems Development Integral part of development process Traditionally not an integral part of
systems development

Security Testing/Audit Scheduled and mandated Occasional testing / audit for event
recreation
 Recognizing Potential Cyber Security
Threats
General IT Exploits Malicious Code
High Morphing
"Stealth"/Advanced
_·_·---a Scanning Techniques
_
......
•

Q) . BOTS
Denial of Service
C) c:: "
Zombies
"'C 0
.-
•

Q) ... Network Management Diagn �tics Distributed Attack Tools

-
co
� (J
.- Sweepers " WWW Attacks
0 ...
Back Doors Automated Probes/Scans
c:: en
.-
� · GUI
J': Disabling Audits
L- a. Packet Spoofing
Q) 0 Sniffers "
"'C CJ)
•

:::l ijacking Sessions

" . Attackers
L- � ""'"
...
(J Exploiting Known Vulnerabilities · """'- .
c:: -- . -- .
co Password Cracking .......
... .
"
.
...

« Self-Replicating Code
,
Password Guessing
Low
1980 1985 1990 1995 2000 2005 2012
Lipson, H. F., Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, Special Report CMS/SEI-2002-SR-009, November 2002, page 10.
Recognizing Potential Cyber Security
Threats
Exploits of Specific Systems
Automobiles
March 2011 - Research team hacks into cars through GM OnStar, Ford
Sync, and Bluetooth wireless interfaces

Industrial Control Systems

July 2010 - Stuxnet worm delivered to Programmable Logic Controller

Aviation
2009 - FAA Server Compromised
•
48,000 employee Name and Social Security numbers stolen

2008 - 800 Cyber Incident Alerts at ATO/ATC Facilities

•
Over 150 incidents not remediated

2007 - Virus Loaded into Thai Airways EFB

•
Virus disabled EFB and spread to other EFBs

2006 - Virus Spread to FAA's ATC Systems

•
FAA forced to shut down a portion of its ATe systems in Alaska

1997 - Hacker broke into a Bell Atlantic Computer System

•
FAA tower's main radio transmitter and another transmitter that activates runway lights

were shut down

Recognizing Potential Cyber Security
Threats
•
Today's Aircraft Systems - grouped into
domains

(0 Ale External Threat

Non-ATS Provider

o
Ale Internal Threat

Internal Connectivity

8 eNS/ATM Threat

Air Traffic Services Provider

FAA Aircraft Systems Cyber Security
Activities
•
Issue Papers/Special Conditions (e.g. A380, B787, B747-8,
A350, Gulfstream VI, BD-700-1A10, Bombardier DHC-8-40, ATR
42-500, numerous wireless connectivity for Internet access)

• Special Conditions

- May be issued when the current FAA regulations do not contain adequate or
appropriate safety standards for protection and security of aircraft systems.
- Contain the additional safety standards that the FAA Administrator considers
necessary to establish an equivalent level of safety.
- Are issued for specific airplane models.
- Address new or novel design features.
- Are published in the Federal Register for public comment
- FAA has published Special Conditions on security for airplane systems
FAA Aircraft Systems Cyber Security
Activities
•
RTCA SC-216 Aeronautical Systems Security
- 00-326 Airworthiness Security Process Specification published
(Security Risk Manag ement Process)

- ED-203 Airworthiness Security Methods and Considerations (how to)

planned for publication April 2013

- ED-204 Guidance for Instructions for Continued Airworthiness planned

for publication April 2013

•
Training
- Aircraft Systems Cyber Security Desig nated Eng ineering
Representative (DER) Seminar (first course g iven in March 2011)

- Aircraft Systems Cyber Security Awareness - Available in elMS

January 2012
FAA Aircraft Systems Cyber Security
Activities

FAA Aircraft Systems Cyber Security Plan

• The plan addresses topics such as

- Rulemaking
- The implementation of SC-216 products
- The development of FAA guidance (directives)
- The development of training
- Coordination and Collaboration of Industry and other
Government Agencies
- Research and Development
Questions?

;J
•