Published in Air Transport World, October 25, 2016
Republished by permission of Air Transport World
We are in an age of near-instantaneous data delivery that is colored by the increasing incidence and complexity of cyberattacks. So it is troubling—and you can cut the irony here with a knife—that the concern over air transport and business aviation digital security is preventing the development of processes and procedures that would enable us to work together more efficiently, secure our products more effectively, and make the work of hackers and cyberterrorists a lot more difficult.
This is a growing challenge for the aviation industry. Two overarching areas demand particular attention:
- We must fundamentally agree on a framework that spells out the shared responsibilities of suppliers, original equipment manufacturers (OEMs), and airlines for creating, delivering and maintaining aircraft digital security; and,
- We must evolve the three determiners of aviation digital security: how we assess risk, how we deliver software updates, and how we ensure software authenticity and integrity.
First, we must have an approved framework for delineating shared responsibilities. Just as OEMs have established responsibilities to demonstrate the safety of the aircraft to the certifying agency, we must follow a similar path so that digital security can respond appropriately in a dynamic environment driven by the speed of connectivity. This framework for shared responsibilities is crucial. Without it, we will not effectively address the following issue.
Second, we must evolve the three determiners of aviation digital security. Here is a high-level look at each:
How we assess risk
There is no question that the evolution of digital operations is progress. Yet, with this digital evolution, risk is introduced through the use of open systems, especially processes that use connectivity and internet-like connections that can be accessed by others. So this progress brings with it an environment that attracts new and more malicious digital threats. This means we, as an industry, are addressing more risks to secure information exchanges on and off of the aircraft.
However, suppliers, OEMs and airlines assess risk differently and have different processes for determining vulnerability. Because there is little commonality among these assessments, the process of determining and agreeing on the level of risk is inefficient and time intensive. As systems become more complex and cyberthreats become more sophisticated, this could lead to increased security vulnerabilities.
How we deliver software updates
Avionics system software may contain millions of lines of code. When this software is updated with new component features or fixes, the recertification is as rigorous as certifying the original software. Further, it can take a substantial amount of time to update all the aircraft in service.
We must become more nimble in delivering software updates in response to current and future threats. There are ways to simplify the recertification process without losing confidence in the integration of updated software. These processes and procedures should be explored in depth.
How we ensure software authenticity and integrity
Suppliers of software deliverables need to provide a consistent means for installers to validate their software’s authenticity and integrity; authenticity—ensuring the software comes from the supplier, and integrity—ensuring the software has not been modified since it was created. Historically, authenticity was assumed and integrity was assured by a simple cyclic redundancy check, methods that don’t hold up in a world of cyberthreats.
Today, digital signatures enable suppliers to ensure their software’s authenticity and integrity, but the usage and application of digital signatures is inconsistent in avionics systems. Chasing different implementations makes it inefficient for OEMs and operators to manage software delivery.
Despite these challenges it’s important to note that we are making progress. Industry partners and competitors alike are examining the process for delivering digital security more efficiently through the Digital Signature Working Group and the Aviation Information Sharing and Analysis Center. And just recently, the RTCA program-management committee (the Federal Aviation Administration’s top technical advisors), approved language making it clear that cybersecurity protections will be part of future standards used industrywide.
Chasing different implementations makes it inefficient for OEMs and operators to manage software delivery
This is welcome news because the aviation industry is not convinced that the government is doing everything it can and should do to ensure cybersecurity. At MRO Europe in October, Penton Research reported the results of its global Aviation Cybersecurity Study. Among other data and insights, the study confirmed that just 30 percent of aviation industry respondents agree that the government is doing enough to support the industry to keep aviation secure.
So while we are making progress, we have much more work to do.
If current mechanisms and government/industry groups are not appropriately tasked to successfully address the two overarching areas of concern, then our industry should stand up a new digital security task force. The risk of not addressing these issues to their full depth and breadth is worrisome. But, if we get it right, the result will be an aviation industry that works together more efficiently, secures our products more effectively, and makes the work of hackers and cyberterrorists a lot more difficult.
This is reason enough for us to embrace these challenges and move forward expeditiously toward solutions that better ensure aircraft digital security in a cyber-connected world. And, as a bonus, we may spend less time deciphering ironical headlines in industry commentaries.