FAA demands connectivity security for Boeing 787 control and information networks

Washington DC
Source:
This story is sourced from Pro
See more Pro news »

The US FAA will require Boeing to demonstrate that certain 787 flight critical domains – digital systems and networks that for the first time will be accessible externally via wireless and other links to airline operations and maintenance systems – cannot be tampered with.

“The architecture of the Boeing Model 787-8 computer systems and networks may allow access to external systems and networks, such as wireless airline operations and maintenance systems, satellite communications, electronic mail, the Internet, etc. On-board wired and wireless devices may also have access to parts of the airplane’s digital systems that provide flight critical functions,” says the FAA in a special conditions document published today. “These new connectivity capabilities may result in security vulnerabilities to the airplane’s critical systems.”

In order to “ensure the security, integrity, and availability” of critical systems, the FAA will require Boeing to demonstrate that unauthorized access to the hardware, software and databases of the aircraft control and airline information domains is not possible.

The regulator also wants Boeing to demonstrate that unauthorized access is not possible when field-loadable software applications and databases for those domains are electronically transmitted onto the aircraft from external sources.

Boeing’s network architecture for the 787 includes embedded software and electronics used for flight critical control and navigation systems, called the aircraft control domain, as well as for airline business and administrative support, known as the airline information domain.

Special conditions are issued when a new aircraft has “novel” or “unusual” design features “compared to the state of technology envisioned in the airworthiness standards for transport category airplanes,” FAA says.