Three key points from the document:
1. Aviation cybersecurity mandates from EASA and FAA are expected in the next two years, which will likely make current voluntary standards and guidelines into requirements for all new aircraft systems.
2. Connecting aircraft to the internet and wireless technologies introduces new cybersecurity vulnerabilities that standards aim to address, but legacy military systems present unique challenges due to older designs without connectivity in mind.
3. Adopting a "defense in depth" approach with layers of protection like secure boot and operating system hardening can help mitigate vulnerabilities in connected aircraft systems.
Will Today’s Cybersecurity Guidelines and Standards Become Mandates for Connected Aircraft Systems?
By Frank Wolfe | April 9, 2020
Wind River says the singular architecture of its Helix Virtualization Platform for running embedded systems is more secure from cyber attack than the alternative of running each embedded system independently. EASA and FAA
cybersecurity mandates are likely to ramp up in the next two years. Photo: Wind River
Aviation cybersecurity mandates by the European Union Aviation Safety Agency (EASA) and the Federal Aviation Administration (FAA) are coming in the next two
years, according to participants in an Avionics International Apr. 7 webinar, Clearing the Skies of Cybersecurity Vulnerabilities from the Ground Up
(https://event.webcasts.com/viewer/event.jsp?ei=1285183&tp_key=f0641b3b03).
This year, EASA may adopt AMC 20-42 (NPA 2019-1) (https://www.easa.europa.eu/sites/default/files/dfu/NPA%202019-01.pdf) that will link information
security guidelines to the high-level cyber standards of RTCA DO-326A or the EUROCAE ED-202 series.
Asked during the webinar how the avionics industry has thus far embraced airworthiness cybersecurity standards in RTCA DO-326A, 355 and 356, Alex Wilson,
the director of aerospace and defense at Wind River, said that cybersecurity standards "have been adopted slowly, but I think we’ll see a more rapid adoption
throughout this year and the coming year."
"Currently, the standards are more voluntary or applied on a case by case basis on aircraft systems as they go into certification," he said. "These standards have
been around in embryonic form since the [Boeing] 787 [Dreamliner] first went through its airworthiness process [a decade ago]."
Wilson predicted that "once we see those standards being mandated through rules and regulations, we’ll start to see a massive adoption and a requirement of all
new avionics systems to go through [these] standards."
Such mandates may spark, or re-ignite, the operational red teaming of aircraft cyber systems.
It has been unclear what the path forward is for cyber vulnerability testing of airliners in the United States after last month's decision by the Department of
Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to end the testing of a Boeing 757-200
(https://www.aviationtoday.com/wp-admin/post.php?post=88111&action=edit) at the Federal Aviation Administration (FAA) William J. Hughes Technical Center in Atlantic City.
Cyber vulnerabilities are not the exclusive domain of commercial airliners, but also are faced by military and business aircraft and future urban air mobility
platforms and by diverse systems, such as onboard radar altimeters, Global Positioning System receivers, and military Identification Friend or Foe (IFF) systems.
Paul Hart, the chief technology officer at Curtiss-Wright Defense Solutions, said that combat search and rescue helicopters can have up to 60 computers
onboard to run flight control processes, such as take-off and landing, and complex synthetic vision systems, while UAVs normally have less than 10 processors for
flight control and detect and avoid systems, and airliners "typically have more than 100 computing platforms."
While e-Enabled aircraft provide flight and cost advantages for operators, they also come with cybersecurity vulnerabilities.
“The obvious question is, 'Isn’t it just safer to separate from the Internet?'" Wilson asked at the start of his webinar presentation. "Why should we e-Enable and
connect our aircraft? There’s a whole list of reasons why we might want to do that. In this modern age, everyone is going through a process of digital
transformation, moving to more intelligent platforms, and that gives us huge benefits in terms of operational efficiency, the ability to implement new advanced
technologies, such as predictive maintenance so that we can reduce operational costs of our aircraft systems and allow us to update more efficiently the aircraft
systems themselves, such as weather data on the aircraft and other data sources."
"That also allows us to increase the amount of revenue we’re getting from our passenger systems and provide a better passenger experience while we fly," Wilson
said. "There are huge challenges when we look at aviation systems that are very different to those we see in the IT world. Within the IT world we tend to see
applications moving to the Cloud-based systems and moving very quickly with new updates daily and new features and functionality. The security standards
within the IT world are certainly not well suited to the aviation world so we need to think about how we manage that. Also, within the IT world we tend to see
systems being updated very rapidly compared to the update cycle that we see within our aircraft. So there are lots of challenges as we start to connect and
provide that Internet connectivity.”
(https://www.aviationtoday.com/wp-content/uploads/2020/04/screen-shot-2020-04-09-at-9-29-46-am.png)
These are the guidelines for cybersecurity associated with connected aircraft systems, which as of today, are not mandated by civil aviation authorities. Photo: Wind River
Indeed, while relatively isolated ACARS and VHF video data links and, more recently ADS-B (In) and ADS-B (Out) were the major features of aircraft electronics,
aircraft wireless connectivity has opened up a range of vulnerabilities, Hart said. Instead of leather flight bags with paper charts, aircrews now can carry aboard
Electronic Flight Bag (EFB) tablets and iPads that are able, through aircraft Wi-Fi, to obtain flight parameters to calculate take-off performance, for example.
Maintenance engineers can also connect wirelessly to avionics systems of flight line aircraft through laptop Portable Maintenance Aids (PMA) for troubleshooting
aircraft systems.
To update its cybersecurity policy as new threats emerge, Wind River uses the CIA Triad technique, which maps requirements against the three pillars of
cybersecurity: Confidentiality, sustaining the privacy of data being transmitted and stored, such as map data; Integrity, the accuracy of data during and
after software updates, for example; and Availability, the uninterrupted flow of data, even in the face of common denial of service cyber attacks.
Michael Mehlberg, vice president of marketing at Star Lab, a Wind River subsidiary, said that Wind River has adopted a cybersecurity-first holistic approach
through an examination of how cyber components interact with one another and a "defense in depth" with layers of cyber protection. Linux-based embedded
systems, for example, while flexible, also have vulnerabilities, which Wind River mitigates through such means as operating system-level hardening, Linux LSM
(Security-Enhanced Linux stacking), immutable deployment configurations, and multiple file systems, such as the authentication and/or encryption of
applications, libraries, and data.
In addition, a secure boot process is a "massively important part of the cybersecurity process" to ensure no cyber intrusion happens while computer systems are
at rest.
"The security policy and configuration really has to be a combination of products, product features, advanced security features, professional services to provide
and mitigate a security assessment and add additional security where required and a combination of partnerships, for instance the Curtiss-Wright hardware with
the Wind River software, in order to implement a secure system," Wilson said.
The upcoming EASA and FAA mandates may have implications for military systems as well.
Cybersecurity for military aircraft and legacy platforms is "one of the classic challenges we face in not just aircraft systems, but all systems," Wilson said.
"A lot of these systems have really not been designed to be connected in the way we imagine, and so we are exposing them to more and more threats, as we start
to connect them to the Internet or even to any communications system," he said. "Adding a communications interface to an aircraft system or any system is really
starting to open that out to vulnerabilities that weren't planned into the system when it was originally designed. For any legacy platforms or military aircraft, you
have to think about what are the consequences of adding that connectivity."
"In some cases, they already have communication links," Wilson said. "We need to make sure that the communication links we are using have been secured in the
right way for deployment in the field. We already know from experience that some very early unmanned aircraft systems that were deployed straight from the lab
in effect into operational scenarios were exposed to security issues that hadn't been taken into account."
"As we start to think about security more and more and start to implement security across all embedded systems, in fact all computer systems, and we become
more aware about how security operates, we need to figure out how we protect all of these types of systems," he said. "If you are going to connect a legacy
platform to the network, instantly that opens that vulnerability up and you should go through a security assessment to see what vulnerabilities you would need to
protect against through that data link. Are you using an encrypted data link, for example, to that system? Are you using secure boot on the data link to make sure
nothing can infiltrate it and get in? All those kinds of techniques, we would have to figure out how we implement that, and of course that is going to have a cost
effect on our systems."