Cyber Security Enhancements for a Safety-Critical Avionics Platform 2018-01-1940
Safety-critical software standards and processes for avionics software have facilitated the development and deployment of safety-critical software in avionics systems on many civil and military aircraft. Historically, these avionics systems have often been isolated from external security threats through physical isolation or air-gap security. The evolution of airborne networking, and increased network connectivity through satellite broadband to aircraft and the advent of the Internet of Things (IoT) means that avionics systems now need to be developed with both safety and security in mind. In this paper, we discuss the role of avionics security standards RTCA DO-326A, DO-355 and DO-356 and their impact on the development of safety-critical avionics systems, and their on-going assurance post deployment. In addition, we present a case study in relation to the security enhancement of an ARINC 653-compliant avionics software platform to address specific Confidentiality, Integrity and Availability requirements, and the implementation approach undertaken using Secure Boot, AES encryption, Digital Signature Verification and other techniques.
Arlen Baker, Paul Parkinson
Wind River Systems
Aerospace Systems and Technology Conference