Eric Bantegnie, vice-president and general manager of Ansys’ systems and platform business unit, explains why today’s companies require comprehensive cybersecurity to protect passengers who rely on aircraft every day.
Both commercial aircraft and small planes are vulnerable to hacking, according to recent US Department of Homeland Security reports. In response, the European Aviation Safety Agency will soon recommend new cybersecurity amendments, referring to RTCA DO-254A, DO-356A and DO-355, that outline acceptable means of compliance for safeguarding aircraft.
Modern aircraft have unprecedented connectivity, creating numerous vulnerabilities to cyberattack. The potential for attacks increases when wider access to aircraft systems also creates back doors for hackers to exploit.
These attacks range from introducing malicious code to hacking aircraft communication data links, making it a difficult job for engineering teams to identify and address vulnerabilities across every interface, control, and connection.
To overcome this challenge, companies require comprehensive cybersecurity analysis that verifies system-level security for aircraft, identifying vulnerabilities throughout its lifecycle to eliminate risks. This will ultimately help protect the public and business commuters who rely on aircraft every day.
Determining what to protect
Waiting to handle attacks after they occur could have disastrous consequences. However, preventing attacks remains no easy task as the sheer volume of digital components, software modules and interconnections that require protection overwhelms many aircraft electronics engineering teams.
Engineers continue to grapple with today’s traditional workflow tools, which cannot find problems in the early stages of design, making security assessments a very labour-intensive and expensive task. This requires teams to fix security issues as late as the prototype stage — drastically stalling development and slowing the aircraft’s path to market.
Instead, modern engineers are using new model-based security analysis tools to systematically identify and address system vulnerabilities across electronics architectures early in the design phase. Standards for electronics in aerospace systems have been established by bodies such as the FAA and EASA for a number of years, and all software-based aerospace systems must comply with documents such as DO-178C, DO-297 and DO-254 to prove their airworthiness. Consequently, by using a tool that models the requirements of the regulations and builds them into a workflow, systems engineers can minimise the risk of attack by identifying every possible means of cyberattack and estimating both their impact and their probability.
This step-by-step approach reduces much of the manual analysis surrounding cybersecurity assessments, empowering small engineering teams to streamline and accelerate common cybersecurity assessment tasks, rapidly generate highly accurate results, and eliminate the chance of human error.
Remain vigilant to threats
With cybersecurity, what may be deemed secure today may not be secure tomorrow. The process of identifying threats, assessing risks and updating the assessment and, when necessary, the design continues across an aircraft’s lifetime — from development to operations and maintenance — as new threats will require continuous evaluation.
Tracking all the threats and assessing the likelihood of attack remains a significant challenge. Success requires teams to determine the public’s familiarity with a system, understand the latest attacker technologies for defeating security and accurately estimate the probability of those technologies breaching any given system. This will enable engineers to design cybersecurity countermeasures into the system from the start.
Therefore, many organisations are using threat analysis tools to perform systematic and repeatable risk analyses with a catalogue that records their vulnerabilities and known threats, reducing new system development time and keeping in-service aircraft safe. As these catalogues collect and store market intelligence, cybersecurity teams can analyse the different domains that experienced attacks, flow that data back into their cybersecurity assessments, derive new security requirements, update catalogues, and precisely reassess risk.
For example, after a catalogue publishes a new threat, an organisation may learn that one of its aircraft components remains vulnerable to attacks. The threat analysis tool then scans the architecture, determines which systems that component is connected to, analyses the vulnerability, and advises teams on the risk level. Without that tool, organisations may fail to find all the systems that could be affected if a component gets hacked.
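The scan described above can be sketched as a reachability walk over an architecture model that rates each affected system by impact and likelihood. This is an added example, not code from Ansys or from any tool the article refers to; the component names, impact ratings, catalogue entry, the one-step likelihood reduction on filtered links and the scoring bands are all constructed assumptions.

```python
from collections import deque

# Constructed architecture model: (source, destination, link_is_filtered).
# Component names are illustrative and not taken from any real aircraft.
LINKS = [
    ("cabin_wifi", "ife_server", False),
    ("ife_server", "cabin_gateway", False),
    ("satcom", "cabin_gateway", False),
    ("cabin_gateway", "maintenance_bus", True),
    ("maintenance_bus", "flight_mgmt", False),
]

# Constructed impact ratings: 1 = nuisance ... 4 = safety-critical.
IMPACT = {"cabin_wifi": 1, "ife_server": 1, "cabin_gateway": 2, "satcom": 2,
          "maintenance_bus": 3, "flight_mgmt": 4, "galley_ctrl": 1}

# Constructed catalogue entry: newly published threat against one component,
# with an estimated likelihood of successful attack (1 = low ... 4 = high).
THREAT = {"id": "CAT-EXAMPLE-001", "component": "ife_server", "likelihood": 4}


def level(score):
    """Band an impact x likelihood score (assumed bands, not a standard)."""
    return "high" if score >= 12 else "medium" if score >= 6 else "low"


def affected_systems(threat, links=LINKS, impact=IMPACT):
    """Map every component reachable from the vulnerable one to
    (likelihood, risk_level). A filtered link lowers likelihood by one step."""
    best = {threat["component"]: threat["likelihood"]}
    queue = deque([threat["component"]])
    while queue:
        src = queue.popleft()
        for s, dst, filtered in links:
            if s != src:
                continue
            likelihood = max(1, best[src] - (1 if filtered else 0))
            # Re-visit a node only if a more likely path to it was found,
            # which also guarantees termination on cyclic architectures.
            if likelihood > best.get(dst, 0):
                best[dst] = likelihood
                queue.append(dst)
    return {c: (l, level(impact[c] * l)) for c, l in best.items()}


if __name__ == "__main__":
    for component, (likelihood, risk) in affected_systems(THREAT).items():
        print(f"{THREAT['id']}: {component} likelihood={likelihood} risk={risk}")
```

In this constructed model the vulnerable component itself rates low, but the walk surfaces a high-risk path to a safety-critical system two hops further on, which is the kind of indirect exposure a manual review can miss.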
Right levels of security
Aerospace engineers also need to ensure that cybersecurity operates at an optimal level. For example, engineering teams should neither underestimate actual risks — which may introduce new vulnerabilities — nor overengineer systems with extra security features that would make the system too expensive and too difficult to maintain, or that would introduce new safety issues. Leveraging a model-based security analysis tool can provide this functionality to help ensure that aircraft are highly secure, satisfy key industry standards, increase profit margins, and decrease development time.
As modern aircraft become more complex and connected, and autonomous flight continues to evolve and accelerate, aerospace manufacturers face more challenging considerations than ever before. However, by leveraging a model-driven approach, manufacturers can track and mitigate modern and historic threats and establish a means to balance risk and investment. This will spur the development of secure and therefore safe aircraft and help ensure significant revenue for years to come.