Search Results

SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing

SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing

The purpose of this document is to provide an industry standard for ACARS Message Security (AMS), which permits ACARS datalink messages to be exchanged between aircraft and ground systems in a secure, authenticated manner using a uniform security framework. The security framework described herein is based on open international standards that are adapted to the ACARS datalink communications environment.

Newer generations of aircraft in production and use today are equipped with security applications that rely on digital certificates. It is expected that future aircraft will use certificates for increasing numbers of applications. The purpose of this document is to provide guidance for key life-cycle management, which refers to the phases through which digital certificates and associated cryptographic keys progress, from creation through usage to retirement. The guidance is based on open international standards that are adapted to the aviation environment, recognizing that a typical commercial airplane has a long lifespan, its operational environment is highly complex and regulated, and multiple stakeholders operate ground-based systems that communicate with airplanes. Using a standardized and consistent key management approach, as proposed in this document, helps to reduce cost of design, implementation, and operation even across a heterogeneous fleet.

This document sets forth guidance for life-cycle management of public/private (i.e., asymmetric) keys that are used to secure interactions among systems.

This report sets forth guidance for IP-based onboard networks and systems residing in the Airline Information Services (AIS) and Passenger Information and Entertainment Services (PIES) Domains by establishing a common set of security related data elements and format(s) that are produced by aircraft systems, suitable for use by airline IT and/or avionic supplier analytical ground tools.

We describe how we apply the SAE AS 5506 Architecture and Analysis Design Language (AADL) [4] to reason about contextual and architectural concerns for cyber security. A system’s cyber security certification requires verification that the system’s cyber security mechanisms are correct, non-bypassable, and tamper-resistant. We can verify correctness by examining the mechanism itself, but verifying the other qualities requires us to examine the context in which that mechanism resides. Understanding that context and validating the system’s evolving design against that context is an objective for the Architecture Centric Virtual Integration Process (ACVIP), an AADL-based approach to model and detect system design defects before they become too costly to fix. We describe our work to apply AADL to assess non-bypassability and tamper-resistance. The results of our research - tool plugins for cyber security architectural validation - support system developers today in their ACVIP activities.

This standard sets forth the desired characteristics of a second-generation aviation Ku-band and Ka-band satellite communication (satcom) system intended for installation in all types of aircraft.

The purpose of this document is to provide recommended guidance and provisions for ACARS Message Security (AMS) key management. The key management framework described herein is based on open international standards that are adapted to the ACARS datalink communications environment.

The purpose of this document is to provide operational guidance for key life-cycle management, which refers to the phases through which digital certificates and associated cryptographic keys progress, from creation through usage to retirement. Additionally, this document provides implementation guidance for online certificate provisioning of aircraft systems. The scope includes both the onboard part (aircraft system) as well as the ground part (PKI provider and Ground Infrastructure). Consideration of both onboard and ground provides the benefit of security considerations being included in the process flow and chain of custody. Specifically, the management to and from the aircraft is defined within a workflow.

This document provides background and detailed technical information on existing methods to secure loadable software parts.

The purpose of this document is to facilitate an understanding of aircraft information security and to develop aircraft information security operational concepts. This common understanding is important since a number of subcommittees and working groups within the aeronautical industry are considering aircraft information security. This document also provides an aircraft information security process framework relating to airline operational needs that, when implemented by an airline and its suppliers, will enable the safe and secure dispatch of the aircraft in a timely manner. This framework facilitates development of cost-effective aircraft information security and provides a common language for understanding security needs.

Abstract Despite more and more rigorous defense mechanisms in place for cyber-physical systems, cybercriminals are increasingly attacking systems for benefits using a variety of means including malware, phishing, ransomware, and denial of service. Cyberattacks could not only cause significant economic loss but also disastrous consequences for individuals and organizations. Therefore, it is advantageous to detect and fix potential cyber vulnerabilities before the system is fielded. To this end, this article presents a language, VERDICT, and a novel framework, Cyber Vulnerability Analysis Framework (CyVAF) to (i) define cyber threats and mitigation defenses based on system properties, (ii) detect cyber vulnerabilities of system architecture automatically, and also (iii) suggest mitigation defenses. VERDICT is developed as an annex to the Architecture Analysis and Design Language (AADL) but can also be used independently.

This document defines a standard implementation for strong client authentication and encryption of Wi-Fi-based client connections to onboard Wireless LAN (WLAN) networks. WLAN networks may consist of multi-purpose inflight entertainment system networks operating in the Passenger Information and Entertainment System (PIES) domain, dedicated aircraft cabin wireless networks or localized Aircraft Integrated Data (AID) devices operating in the Aircraft Information Services (AIS) domain. The purpose of this document is to focus on the client devices requiring connections to these networks such as electronic flight bags, flight attendant mobile devices, onboard Internet of Things (IoT) devices, AID devices (acting as clients) and mobile maintenance devices. Passenger devices are not within the focus of this document.

Cyber security in the aviation industry, especially in relation to onboard aircraft systems, presents unique challenges in its implementation and management. The cyber threat model is constantly evolving and will continually present new and different challenges to the aircraft operator in responding to new cyber threats without either invoking a lengthy software update and re-certification process or limiting aircraft-to-ground communications to the threatened system or systems. This presentation discusses a number of system architectural options and developing technologies that could be considered to enhance the aircraft cyber protection and defensive capabilities of onboard systems as well as to minimize the effort associated with certification/re-certification. Some of these limit the aircraft?s vulnerabilities or in cyber terms, its ?threat surface?.

The aircraft lifecycle involves thousands of transactions and an enormous amount of data being exchanged across the stakeholders in the aircraft ecosystem. This data pertains to various aircraft life cycle stages such as design, manufacturing, certification, operations, maintenance, and disposal of the aircraft. All participants in the aerospace ecosystem want to leverage the data to deliver insight and add value to their customers through existing and new services while protecting their own intellectual property. The exchange of data between stakeholders in the ecosystem is involved and growing exponentially. This necessitates the need for standards on data interoperability to support efficient maintenance, logistics, operations, and design improvements for both commercial and military aircraft ecosystems. A digital thread defines an approach and a system which connects the data flows and represents a holistic view of an asset data across its lifecycle.

This brief User Guide recaps the content of the AS6518B UCS Architectural Model. The purpose of the UCS Architecture Model is to provide the authoritative source for other models and products within the UCS Architecture as shown in the AS6512B UCS Architecture: Architecture Description.

This Recommended Practice defines the technical requirements for a terrestrial-based PNT system to improve vehicle (e.g., unmanned, aerial, ground, maritime) positioning/navigation solutions and ensure critical infrastructure security, complementing GNSS technologies.

Facial recognition software (FRS) is a form of biometric security that detects a face, analyzes it, converts it to data, and then matches it with images in a database. This technology is currently being used in vehicles for safety and convenience features, such as detecting driver fatigue, ensuring ride share drivers are wearing a face covering, or unlocking the vehicle. Public transportation hubs can also use FRS to identify missing persons, intercept domestic terrorism, deter theft, and achieve other security initiatives. However, biometric data is sensitive and there are numerous remaining questions about how to implement and regulate FRS in a way that maximizes its safety and security potential while simultaneously ensuring individual’s right to privacy, data security, and technology-based equality.