Professional Documents
Culture Documents
Volpe/UK Communications and Electronics Security Group (CESG) EFB Project Objectives
Identify Security Threats to the EFB Environment using classic software techniques and tools
Define a repeatable process to associate security architectures within a systems functional model
Produce security related requirements from identified threats Produce commonly understood artifacts o Information Asset Characterization (FIPS 199) o Use Case and Mis-Use Case (UML2) o Risk Assessment (NIST 800-30)
Analysis Approach
Develop an EFB Reference Implementation as a basis of Threat Assessment
Transfer software and data via a digital authenticated point to point channel such as a VPN, Consider hostbased firewalls
AntiVirus and Integrity Checkers can verify the integrity of the platform. Signed Applications can ensure applications are authorized to operate on the platform.
Current Situation
Air Traffic Service Providers
Airline
C L O S E D
VHF / HF / SatCom
Airline Info Services Domain AirGround Network Interface Admin Functions Flight Support Cabin Support
P R I V A T E
Maintenance Support
Wireless LAN
Relatively Uncontrolled
P U B L I C
Broadband / Cellular
Passenger-Owned Devices
Passenger Use
Computers
Wireless Devices
Gaming Devices
Mission-critical aircraft systems have increased in complexity & bandwidth requirements, in some cases accessing the Internet
10
AviationSimNet is a distributed simulation bridging environment in that it allows dissimilar simulation environments to operate together in a single simulation domain. To accomplish this, AviationSimNet hosts voice and data communications that allow facilities to interoperate within the same domain. AviationSimNet is focused towards supporting real-time human-in-the-loop Air Traffic Management simulations which can include a wide range of simulation components.
11
Internet
Load & Balance Data Performance Calculation
Operations Sim
OPS Controller
Control Domain
Information Domain
Gatelink
TWLU
EFB
Passenger Domain
ANSS Operational Enclave
Aircraft Network
ANSS at WSU
12
Demonstration Scenario
Hacker
13
Contact Information
Kevin Harnett, Volpe Center Cyber Security Program Manger Email: kevin.harnett@dot.gov Email: Phone: 617-699-7086 Chris Riley, Volpe Center Cyber Security Researcher Email: riley@info-tools.com Email: Phone: 508-672-6032
14