Search Results

Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. ...Network security is a core component of the overall cyber-security and defense-in-depth capability for distributed architectures. Protection mechanism for information, interface and system integrity, communication availability, and data confidentiality are required for design of safe and secure integrated embedded infrastructure.

The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).

The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy. More than ever before, commercial aviation relies on information and communications technology.

SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing

Innovations in Mobility: Aerospace Digital Summitaerospace mobility leaders convene leverage cutting-edge technology, design, develop safety measures, integrate current regulations, suggest future policies, expand markets, diversify revenue streams.

SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing

SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing

The purpose of this document is to provide an industry standard for ACARS Message Security (AMS), which permits ACARS datalink messages to be exchanged between aircraft and ground systems in a secure, authenticated manner using a uniform security framework. The security framework described herein is based on open international standards that are adapted to the ACARS datalink communications environment.

Newer generations of aircraft in production and use today are equipped with security applications that rely on digital certificates. It is expected that future aircraft will use certificates for increasing numbers of applications. The purpose of this document is to provide guidance for key life-cycle management, which refers to the phases through which digital certificates and associated cryptographic keys progress, from creation through usage to retirement. The guidance is based on open international standards that are adapted to the aviation environment, recognizing that a typical commercial airplane has a long lifespan, its operational environment is highly complex and regulated, and multiple stakeholders operate ground-based systems that communicate with airplanes. Using a standardized and consistent key management approach, as proposed in this document, helps to reduce cost of design, implementation, and operation even across a heterogeneous fleet.

This document sets forth guidance for life-cycle management of public/private (i.e., asymmetric) keys that are used to secure interactions among systems.

This report sets forth guidance for IP-based onboard networks and systems residing in the Airline Information Services (AIS) and Passenger Information and Entertainment Services (PIES) Domains by establishing a common set of security related data elements and format(s) that are produced by aircraft systems, suitable for use by airline IT and/or avionic supplier analytical ground tools.

We describe how we apply the SAE AS 5506 Architecture and Analysis Design Language (AADL) [4] to reason about contextual and architectural concerns for cyber security. A system’s cyber security certification requires verification that the system’s cyber security mechanisms are correct, non-bypassable, and tamper-resistant. We can verify correctness by examining the mechanism itself, but verifying the other qualities requires us to examine the context in which that mechanism resides. Understanding that context and validating the system’s evolving design against that context is an objective for the Architecture Centric Virtual Integration Process (ACVIP), an AADL-based approach to model and detect system design defects before they become too costly to fix. We describe our work to apply AADL to assess non-bypassability and tamper-resistance. The results of our research - tool plugins for cyber security architectural validation - support system developers today in their ACVIP activities.

This standard sets forth the desired characteristics of a second-generation aviation Ku-band and Ka-band satellite communication (satcom) system intended for installation in all types of aircraft.

The purpose of this document is to provide recommended guidance and provisions for ACARS Message Security (AMS) key management. The key management framework described herein is based on open international standards that are adapted to the ACARS datalink communications environment.

The purpose of this document is to provide operational guidance for key life-cycle management, which refers to the phases through which digital certificates and associated cryptographic keys progress, from creation through usage to retirement. Additionally, this document provides implementation guidance for online certificate provisioning of aircraft systems. The scope includes both the onboard part (aircraft system) as well as the ground part (PKI provider and Ground Infrastructure). Consideration of both onboard and ground provides the benefit of security considerations being included in the process flow and chain of custody. Specifically, the management to and from the aircraft is defined within a workflow.

This document provides background and detailed technical information on existing methods to secure loadable software parts.

The purpose of this document is to facilitate an understanding of aircraft information security and to develop aircraft information security operational concepts. This common understanding is important since a number of subcommittees and working groups within the aeronautical industry are considering aircraft information security. This document also provides an aircraft information security process framework relating to airline operational needs that, when implemented by an airline and its suppliers, will enable the safe and secure dispatch of the aircraft in a timely manner. This framework facilitates development of cost-effective aircraft information security and provides a common language for understanding security needs.