Addressing Cyber Security: Collaboration is the Key
Just as RTCA brings together competing companies to make aviation safer across the world, entities working to prevent cyber threats are coming together in partnership to address threats to aviation, says Jeff Troy, President and CEO of the Aviation Information Sharing and Analysis Center (AISAC), one of approximately 24 such organizations in the U.S.
“We bring together companies in the industry to share cyber threats, collaborate on incident response, secure networks, and share best practices to protect and defend networks and products,” says Troy. “This trusted community increases the speed at which companies can find threats, develop solutions, and secure the entire aviation eco-system.”
For example, threat data is gathered by intel analysts, who then pass this information along to network security architects (NSAs). The NSAs are then better equipped to design more secure infrastructure. Similarly, product security experts look at best practices and make recommendations, such as increasing their engagement with cyber security researchers in the aviation field and setting up a vulnerability disclosure program. Over the past several years, this outreach has led to several security design improvements in products.
Airport technology is also an important arena, as at airports many companies merge on single systems, such as common-use ticketing kiosks. Other airport technology, such as flight information display systems, has also been hacked. Several airports have been hit with ransomware in the past two years.
To combat all of these threats, the Aviation ISAC has formed communities such as the threat actor working group, which tracks known bad actors and builds profiles that seek to understand the intent and identifying characteristics of each attacker. This includes how the attackers break into systems and move around within systems. By working together, the industry has built comprehensive profiles, says Troy, which help each company understand how best to respond to the attack. In some fraud cases, many companies have suffered a small attack; however, we were able to bundle the cases together, as we proved it was one common attack group and the total financial damages justified law enforcement resources to address the case.
While threats to cyber security will continue to occur and increase in their level of sophistication, Troy is optimistic the collaborative atmosphere of the industry and its government partners will keep the aviation industry resilient and operational.
“We’ve seen a lot of wins through this global collaboration,” said Troy. “As more trusted partners become a part of the Aviation ISAC community, the more effective we will become in discovering threats earlier, innovating on best practices and strengthening the cyber security of the global aviation network.”
Errata for Software Standards
The joint EUROCAE/RTCA Forum on Aeronautical Software (FAS) has been established to provide a forum for those involved in the development of aeronautical software to share experiences and good practices and to provide a platform for the exchange of information regarding subjects addressed in the “software document suite”, new and emerging technologies, development methodologies, interesting use cases and other topics related to aeronautical software and related technologies.
One of the tasks of the FAS is to review the standards in the software document suite and the group identified some issues to be corrected.
EUROCAE and RTCA have issued errata identified against ED-12C/DO-178C and the suite of supporting documents for developing software for aviation. The following RTCA documents have errata available in the RTCA Store https://my.rtca.org/nc__store:
DO-178C Software Considerations in Airborne Systems and Equipment Certification
DO-278A Software Integrity Assurance Considerations for Communication, Navigation, Surveillance and Air Traffic Management (CNS/ATM) Systems
DO-248C Supporting Information for DO-178C and DO-278A
DO-330 Software Tool Qualification Considerations
DO-331 Model Based Development & Verification Supplement
For more information see the FAS website at: https://www.rtca.org/sc-240/forum-for-aeronautical-software/
RTCA Hosts Webinar: Industry Harmonization on Guidance & Certification
Free Webinar, April 21, 1pm ET: Join panelists from GE Aviation, Boeing and others as we discuss the landscape of current guidance and certification work being done throughout the cybersecurity community. We’ll discuss how the aviation standards are harmonized among organizations both in the US and abroad and what these important documents are accomplishing. An inside look at upcoming document updates will be shared during this session to prepare you for what’s ahead. Join us for an interactive Q&A session with the panelists. Read more: https://www.rtca.org/events/virtual-events/
RTCA Welcomes New Member, Shift5
Shift5 is a transportation data company offering a hardware/software solution to unlock data from vehicle platforms (such as planes, trains, and tanks) to help fleet operators run smarter, safer, and with less risk from cyber attack. Shift5 customers employ this data to automate menial tasks, improve reliability and safety, and make smarter business decisions. https://www.shift5.io/
Check out this clip from RTCA President and CEO, Terry McVenes and Shift5 CEO, Josh Lospinoso, regarding his take on current cyber security challenges and what keeps him up at night!
See full interview here: https://www.youtube.com/watch?v=TAR2K0byd9o
SC-216, Aeronautical Information Systems Security
SC-216, chaired by David Pierce (GE Aviation), was established on June 26, 2007, in response to a request by Boeing to provide guidance for compliance with new Special Conditions for airplane systems information security.
Prior to 2007, existing aircraft system safety guidance did not specifically address airborne network and data security issues, which resulted in non-standardized and potentially inequitable agreements between the various applicants and the various regulatory agencies on an acceptable process and means of compliance for ensuring safe, secure and efficient aircraft network design and operations.
This SC brought together aircraft manufacturers and systems designers, CNS/ATM systems designers and operators, airline maintenance and operations personnel and government (primarily civil aviation authorities) to form a consensus and document guidance for security of aircraft systems.
SC-216 has produced three documents (along with three updates) to address these areas. These documents are DO-326A – Airworthiness Security Process Specification, DO-355A – Information Security Guidance for Continuing Airworthiness, and DO-356A – Airworthiness Security Methods and Considerations. The latest versions of these documents were developed jointly with EUROCAE Working Group 72 (WG-72) and have technically equivalent versions.
The joint collaboration is currently working on a new document to address gaps in current Security Event Management processes. This document will serve to provide clarification for use of existing processes and possible additional process steps related to cybersecurity activities related to the safety of the aircraft. Publication release is expected in mid-2021.
Additionally, they are working on a harmonized document equivalent for EUROCAE ED-201A – Aeronautical Information System Security (AISS) Framework Guidance, to provide direction for use of the other documents and the context of information system security in the National Airspace, as well as for EUROCAE ER-013, Aeronautical Information System Security Glossary. This glossary will maintain common definitions for all the documents developed by the two groups. Both publications are expected in late 2021. A final effort is a harmonized document equivalent for EUROCAE ED-205 – Process Standard for Security Certification/Declaration of Air Traffic Management/Air Navigation Services (ATM/ANS) Ground Systems. This effort will address cybersecurity for ground systems and is also expected to be published later this year.
The next joint meeting is scheduled for 7-11 June.
SC-224, Airport Security Access Control Systems
SC-224, led by Christer Wilkinson (AECOM Technology Solutions) and Alan Paterno (Transportation Security Administration), is preparing to release the “K” version of DO-230, Standards for Airport Security Access Control System, for Final Review and Comment (FRAC). This document is a performance standard, not a technical specification or a guide on how to operate an airport. The document provides guidance on acquiring and designing such systems, testing and evaluating system performance, and operational requirements. These guidelines and standards are not regulatory in nature but represent the industry’s derived consensus on standards and provisions to be met in achieving consistency and interoperability in an airport access control environment.
This new version includes many updated sections, including Video Surveillance, Integration Systems, Credentialing, Biometrics, and Procurement, and adds two sections on cybersecurity and facilitation. These many updates are due to the rapid evolution of the broad range of technologies inherent in a physical security system and the need for them to always work smoothly together as each technology evolves independently with differing capabilities over disparate timelines.
Of note, DO-230K will be dedicated to J. Leonard Wood, LTC (USA-Ret). Upon his retirement from the military (recognized as a Viet Nam hero), he began a civil airport career with the Maryland Aviation Administration, advancing to Associate Administrator – Operations. As a long-time aviation consultant, he designed airport security systems for 34 airports and 3 air carriers. He was one of the early participants in the development of DO-230 and was active in later versions until recent years. Mr. Wood passed January 1, 2020.
The next meeting for SC-224 is set for April 29th for FRAC resolution. They are scheduled to present DO-230K to the Program Management Committee for publication this summer.
SC-240, Topics on Software Advancement
SC-240 and EUROCAE Working Group (WG) 117 are working hard to have their new Software Supplement ready for Open Consultation and Final Review and Comment before the end of 2021.
Established in March of 2020 by the RTCA Program Management Committee, SC-240 is tasked to complete two documents this year. Work by Sub Group (SG) 2 of the joint committee will create a new Software Supplement addressing Commercial-Off-The-Shelf (COTS) Software, Open Source Software, and the use of Service history. The new document will follow in the footsteps of DO-331/ED-218, Model Based Development & Verification Supplement, DO-332/ED-217, Object Oriented Technology and Related Techniques Supplement, and DO-333/ED-216, Formal Methods Supplement.
Led by Mark Lillis of Triumph Software Group and Patrick Serrot of the Thales Group, SG-2 meets every other week in working sessions to complete the new supplement. Both EASA and the FAA have welcomed the creation of this new document to expand the options available for assurance of aviation software.
The next plenary of SC-240 and WG-117 will take place May 16-18, 2021 and will be held virtually. Please see https://www.rtca.org/sc-240/ for more information.
Introduction to Formal Methods, taught by Jeff Joyce of CS Labs
This full-day training course provides an introduction to methods and software tools that can be used to produce verification results suitable for use in certification. Collectively known as “formal methods,” these methods and tools are based on elements of discrete mathematics such as symbolic logic and set theory.
A variety of different kinds of formal methods will be described in this training, including model-checking, theorem-proving, satisfiability solving, program verification and abstract interpretation. Software tools that support such methods will be demonstrated along with detailed examples. Participants will learn how to choose an appropriate kind of formal method for specific objectives, along with strategies for integrating the use of formal methods into the overall software development process.
Prior knowledge of formal methods is not necessary to benefit from this training course. However, it will be assumed that participants are familiar with the fundamental elements of a software development process such as the specification of system and software requirements, and requirements-based testing.
While designed for the airborne software industry, this training should also be of interest to individuals from other industries such as automotive and rail signaling where formal methods can also be used to specify, analyze and verify software functionality.
This training course complements the RTCA DO-333, Formal Methods: DO-178C Supplement training course by offering participants an opportunity to learn how to use formal methods, including enough “hands-on” knowledge to be able to repeat some of the examples demonstrated in this training using open source software tools.
All courses are set to take place in a virtual setting until further notice. See below for all upcoming training. Visit our training page for more detailed information.
DO-178C DAL D Systems – April 6-7
Introduction to Formal Methods – April 7
DO-333 – April 8
DO-160G – April 19, 2021
DO-254 – April 26, 2021
Airworthiness Security Certification – May 10
DO-178C/Supplements – June 21
Email training@rtca.org for more information.