Refine Your Search

Topic

Search Results

Viewing 1 to 14 of 14
Journal Article

The Missing Link: Aircraft Cybersecurity at the Operational Level

2020-07-25
Abstract Aircraft cybersecurity efforts have tended to focus at the strategic or tactical levels without a clear connection between the two. ...CSSEP’s process model postulates that security is best achieved by a balance of cybersecurity, cyber resiliency, defensibility, and recoverability and that control is best established by developing security constraints versus attempting to find every vulnerability. ...CSSEP identifies the major functions needed to do effective aircraft cybersecurity and provides a flexible framework as the “missing link” to connect the strategic and tactical levels of aircraft cybersecurity.
Training / Education

DO-326A and ED-202A An Introduction to the New and Mandatory Aviation Cyber-Security Essentials

2021-03-08
The international standards D-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" are the cornerstones of the "DO-326/ED-202 Set" and they are the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber-security airworthiness certification, as of 2019. The "DO-326/ED-202 Set" also includes companion documents DO-356A/ED-203A: "Airworthiness Security Methods and Considerations" & DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness" (U.S. & Europe) and ED-201: "Aeronautical Information System Security (AISS) Framework Guidance" & ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems“ (Europe only).
Standard

Requirements for a COTS Assembly Management Plan

2020-08-03
CURRENT
EIA933C
This document applies to the development of Plans for integrating and managing COTS assemblies in electronic equipment and Systems for the commercial, military, and space markets; as well as other ADHP markets that wish to use this document. For purposes of this document, COTS assemblies are viewed as electronic assemblies such as printed wiring assemblies, relays, disk drives, LCD matrices, VME circuit cards, servers, printers, laptop computers, etc. There are many ways to categorize COTS assemblies1, including the following spectrum: At one end of the spectrum are COTS assemblies whose design, internal parts2, materials, configuration control, traceability, reliability, and qualification methods are at least partially controlled, or influenced, by ADHP customers (either individually or collectively). An example at this end of the spectrum is a VME circuit card assembly.
SAE MOBILUS Subscription

Wiley Cyber Security Collection Add-On

2018-03-23
As an annual subscription, the Wiley Cyber Security Collection Add-On is available for purchase along with one or both of the following: Wiley Aerospace Collection Wiley Automotive Collection The titles from the Wiley Cyber Security Collection are included in the SAE MOBILUS® eBook Package. Titles: Network Forensics Penetration Testing Essentials Security in Fixed and Wireless Networks, 2nd Edition The Network Security Test Lab: A Step-by-Step Guide Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition Computer Security Handbook, Set, 6th Edition Threat Modeling: Designing for Security Other available Wiley collections: Wiley SAE MOBILUS eBook Package Wiley Aerospace Collection Wiley Automotive Collection Wiley Computer Systems Collection Add-On (purchasable with the Wiley Aerospace Collection and/or the Wiley Automotive Collection)
Standard

Standard Best Practices for System Safety Program Development and Execution

2018-11-19
WIP
GEIASTD0010B
This document outlines a standard practice for conducting system safety. In some cases, these principles may be captured in other standards that apply to specific commodities such as commercial aircraft and automobiles. For example, those manufacturers that produce commercial aircraft should use SAE ARP4754 or SAE ARP4761 (see Section 2 below) to meet FAA or other regulatory agency system safety-related requirements. The system safety practice as defined herein provides a consistent means of evaluating identified risks. Mishap risk should be identified, evaluated, and mitigated to a level as low as reasonably practicable. The mishap risk should be accepted by the appropriate authority and comply with federal (and state, where applicable) laws and regulations, executive orders, treaties, and agreements. Program trade studies associated with mitigating mishap risk should consider total life cycle cost in any decision.
Research Report

Unsettled Topics in the Application of Satellite Navigation to Air Traffic Management

2020-05-27
EPR2020010
Contemporary air traffic management (ATM) challenges are both (1) acute and (2) growing at rates far outpacing established ways for absorbing technological innovation. Lack of timely response will guarantee failure to meet demands. Immediately that creates a necessity to identify means of coping and judging new technologies based on possible speed of adoption. Paralleling the challenges are developments in capability, both recent and decades old. Some steps (e.g., Global Positioning System (GPS) backup) are well known and, in fact, should have progressed further long ago. Others (e.g., sharing raw measurements instead of position fixes) are equally well known and, if followed by further flight tests initiated (and successful) years ago, would have produced a wealth of in-flight experience by now if development had continued. Other possibilities (e.g., automated pilot override) are much less common and are considered largely experimental.
Article

SAE International anti-counterfeit standards integral to obsolescence management

2018-07-25
Counterfeit parts prevention is integral to an effective obsolescence management plan, and the focus of anti-counterfeit standards – including Counterfeit Avoidance Standard (AS5553) and Counterfeit Detection Standard (AS6081) – from SAE International in Warrendale, Pa. SAE International officials are bringing the anti-counterfeit discussion and sharing best practices, which include adherence to critical standards, to the Future of Obsolescence Management (FOM) event on October 10 and 11 in Washington.
Article

Nvidia partners with AdaCore to secure self-driving firmware

2019-02-14
As mobility software becomes increasingly complex and connected, so does the risk of human error and system safety. To combat this, New York-based software company AdaCore will work with Nvidia Corporation of Santa Clara, California to apply open-source Ada and SPARK programming languages for select software security firmware elements in highly-complex, safety-critical systems like Nvidia’s DRIVE AGX automated and autonomous vehicle solutions.
Book

Commercial Aviation Cyber Security: Current State and Essential Reading

2016-12-31
In the next decade, commercial aviation will see Next Generation ATM (NextGEN), Single European Skies ATM Research (SESAR), and others utilizing Internet- based air-to-ground communication links for advanced “air traffic control” (ATC) communications. Commercial Aviation Cyber Security: Current State and Essential Reading highlights some of the major issues the industry must confront if the vision of a new, advanced air traffic management is to come to fruition. This will require standardization work to identify key components with built-in cyber security that will guide prototype testing, functionality, and prioritizing implementation efforts to solve the roadblocks to global interoperability. The ten technical papers selected for Commercial Aviation Cyber Security: Current State and Essential Reading span the last decade’s work in commercial aviation cyber security, and aircraft cyber technologies.
X