Electronic Distribution of Airplane Software and the Impact of Information Security on Airplane Safety

Conference paper: Computer Safety, Reliability, and Security (SAFECOMP 2007)

Abstract

The general trend towards ubiquitous networking has reached the realm of airplanes. E-enabled airplanes with wired and wireless network interfaces offer a wide spectrum of network applications, in particular electronic distribution of software (EDS), and onboard collection and off-board retrieval of airplane health reports. On the other hand, airplane safety may depend heavily on the security of the data transported by these applications. The FAA mandates safety regulations and policies for the design and development of airplane software to ensure continued airworthiness. However, data networks have well-known security vulnerabilities that attackers can exploit to corrupt and/or inhibit the transmission of airplane assets, i.e. software and airplane-generated data. The aviation community has recognized the need to address these security threats. This paper explores the role of information security in the emerging information technology (IT) infrastructure for distribution of safety-critical and business-critical airplane software and data. We present our threat analysis with the related security objectives, and state the functional and assurance requirements necessary to achieve those objectives, in the spirit of the well-established Common Criteria (CC) for IT security evaluation. The investigation leverages our involvement in FAA standardization efforts. We present the security properties of a generic system for electronic distribution of airplane software, and show how the presence of those security properties enhances airplane safety.


Editors: Francesca Saglietti, Norbert Oster

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

Cite this paper

Robinson, R. et al. (2007). Electronic Distribution of Airplane Software and the Impact of Information Security on Airplane Safety. In: Saglietti, F., Oster, N. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2007. Lecture Notes in Computer Science, vol 4680. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75101-4_3

  • DOI: https://doi.org/10.1007/978-3-540-75101-4_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75100-7

  • Online ISBN: 978-3-540-75101-4
