22 mai 2020 | International, C4ISR, Sécurité
Remzi Seker May 22, 2020
With the expansion across the aviation industry of connectivity and computing services, cybersecurity has become ever more important. Connecting people, processes and assets creates new vulnerabilities and multiple attack points—from flight-critical avionics to passenger inflight entertainment networks and airline backend operations. Information about systems, protocols and technologies such as software-defined radio are now readily available well beyond the industry. Demand for greater efficiency meanwhile continues to increase connectivity and accelerate computerization within aviation infrastructure, including aircraft.
Fortunately, ongoing efforts to protect aircraft, airlines and passengers from cybersecurity threats have been largely unaffected by the global pandemic, suggesting an opportunity for the industry to ramp up cybersafety programs and training amid the current slowdown. The comprehensive, coordinated nature of aviation cybersecurity initiatives means committees have long carried out their work primarily through virtual meetings, so those efforts are able to continue in full swing. With slowdowns taking place in other areas, the industry can address cybersafety at a more rapid pace.
The aviation industry and its stakeholders have been working hard to tackle cybersecurity challenges comprehensively—from the supply chain and the maintenance of aircraft to operations. Such efforts remain essential so that cyberthreats affecting safety can be mitigated before they materialize, whether that happens during flight through physical access to a bus, by interfering with equipment through Wi-Fi or remotely disrupting operations.
The need to weigh cyberthreats according to their safety impact, a practice referred to as “cybersafety,” requires a different perspective than that of IT cybersecurity. Cybersafety differs from traditional IT cybersecurity because of the need for safety certification, which relies on guaranteeing a system's behavior, or “determinism.” This unique characteristic of aviation cybersafety means that solutions widely used across traditional computing systems may pose serious certification challenges. Imagine rolling out security patches for every avionics component on a commercial aircraft.
Tackling cybersafety challenges requires a coordinated, comprehensive, global effort. Multiple agencies are cooperating to establish much-needed standards. For example, the U.S. FAA and the European Union Aviation Safety Agency have been working with the RTCA and the European Organization for Civil Aviation Equipment to set harmonized cybersecurity standards.
Efforts to secure the aviation ecosystem also include dedicated committees such as the FAA's Aviation Rulemaking Advisory Committee Aircraft System Information Security/Protection working group. Similarly, the Aerospace Industries Association has established the Civil Aviation Cybersecurity Subcommittee.
In the U.S., the Aviation Cyber Initiative (ACI) is led by the Defense Department, Department of Homeland Security and FAA. The ACI includes experts representing government, defense, industry and academia who collaborate to tackle aviation cybersecurity threats. The Aviation Information Sharing and Analysis Center shares global threat intelligence among aviation companies.
Globally, the International Civil Aviation Organization (ICAO) leads this work. Its Trust Framework Study Group (TFSG) includes experts from the FAA, EASA, commercial industry and academia and has established three important working groups.
Academic institutions play a critical role in advancing cybersecurity research and training, too. Embry-Riddle Aeronautical University, for example, develops engineering solutions and provides degree, certification and training programs in aviation cybsersecurity. Faculty researchers contribute expertise to cyberdefense and preparedness efforts by serving on national and international committees and working groups and by organizing the annual Aero-Cybersecurity Symposium.
Aviation's impeccable safety culture positions it well to combat and defeat cybersafety risks. In the years ahead, the industry will need to invest in expanded education and training as well as research to secure high-assurance systems that can be updated with minimal impact on certification.
Computerization and Cyberphysical Systems
As computing becomes ever more affordable, functions that were traditionally implemented through hardware are now being realized through software, and inclusion of software has supported increased customization. Cyberphysical systems are designed to perform a set of functions with limited impact on the physical environment, such as temperature control, welding and parts assembly. One feature of cyberphysical systems is a failsafe property that involves shutting down—an approach that is clearly not desirable midflight.
Connectivity
Inexpensive and ubiquitously available computing, combined with advancements in networking, have accelerated the networking of devices. The Internet of Things concept does not require any form of certification or service-quality assurance, let alone any safety requirement or oversight. Rather than leveraging the Internet of Things, the aviation industry might consider using “networked wings” to underscore its safety commitment.
Remzi Seker is the associate provost for research at Embry-Riddle Aeronautical University.
The views expressed are not necessarily those of Aviation Week.
28 août 2023 | International, Aérospatial, C4ISR
“The software and hardware is stable,” U.S. Army Brig. Gen. Ed Barker said in an interview at TechNet Augusta. “I think we’re in pretty good shape.”
1 novembre 2023 | International, Aérospatial
Major U.S. airlines and aviation companies joined ethanol companies to send a letter to the Biden administration on Wednesday backing a regulatory change that would make it easier for sustainable aviation fuel (SAF) made from corn-based ethanol to qualify for federal subsidies.
11 mars 2020 | International, Terrestre
By: Christina Mackenzie PARIS – France's spectacular 72 percent jump in weapons' exports in the 2015-2019 period from five years prior is largely thanks to two companies: Dassault Aviation and Naval Group. The first of those companies sold Rafale fighters to Egypt, India and Qatar, while the second has become the most successful exporter of warships in the world — if one includes orders — selling submarines to Brazil and India, frigates to Malaysia and the United Arab Emirates, and mine-sweepers to Belgium and the Netherlands. A report released on March 9 by the Stockholm International Peace Research Institute notes that “French arms exports reached their highest level for any five-year period since 1990 and accounted for 7.9 percent of total global arms exports in 2015-19.” Diego Lopes Da Silva, a SIPRI researcher adds: “The French arms industry has benefited from the demand for arms in Egypt [which accounted for 26 percent of France's defense exports], Qatar and India [14 percent each].” Both politicians and defense industry leaders in France have understood that without exports they cannot afford to provide France's own armed forces with the most innovative and high-performing weapons. Furthermore, buying weapons from the United States brings red tape, including requirement for congressional authorization on all foreign military sales, which can delay the process and some argue shackle France's sovereignty. In the words of Hervé Guillou, the out-going CEO of Naval Group, “no European country can maintain the competitivity of its defense industry based on just its own domestic market.” https://www.defensenews.com/global/europe/2020/03/10/heres-whats-behind-frances-72-jump-in-weapons-exports/