The aerospace industry is planning to set up defences against security threats to communications, datalinks, and onboard avionic systems such as electronic flight bags (EFB), says the European Organisation for Civil Aviation Equipment (EUROCAE).
Action has been spurred by the increased use of Ethernet and internet protocols (IP), says the organisation.
International standards-setting body the Airlines Electronic Engineering Committee (AEEC) is sponsoring a working group to assess the nature of the threats and produce guidelines for protecting specific equipment or networks against “acts of unlawful interference” as defined by the International Civil Aviation Organisation, says EUROCAE. Apart from the increasing use of Ethernet and IP, EUROCAE says emerging areas of risk include:
■ Increased use of air/ground datalink technologies for communications by passengers, airlines and air traffic control;
■ more general use of data and software transfer using networks on aircraft and between ground sites for production, delivery, maintenance or update purposes;
■ the multiplication of software viruses and hacker attacks, plus the search for confidential data through interconnected networks.
Two areas have been identified for attention by the working group: the development of solutions specific to a product, and the need for a total systems-level analysis of security requirements as well as interdependencies. EUROCAE says there is awareness in the industry of a need to address these issues, and in some product areas such as EFBs, datalinks and passenger internet access, manufacturers are now implementing degrees of protection.
There are priority levels that depend on whether safety can be threatened, confidentiality lost or compromised, or business systems – such as passenger handling at airports – can be made to fail.