Aviation and Digital Transformation
-
Innovation driving “big data”
-
Increased dependence on digital systems
-
Increasing connectivity interdependence across value chain
-
Analytics and business intelligence – better customer service/experience, security, efficiency and operations
-
Aviation changing from a…
centralized, proprietary, closed point-to-point system
⇩
decentralized, standards based, open IP based network
-
Networked IT (TCP/IP) replacing analog systems (for better or worse)
-
Avionics evolving from multiple discrete Line Replaceable Units (LRU) to few integrated Integrated Modular Avionics (IMA)
-
Implementing Controller Area Network (CAN) data buses – dramatically reduces wiring
-
Software Defined Radios (SDR) generally available – allows communication with aircraft
-
Systems were not designed to be used in an adversarial environment
-
Complex and expanding attack surface with additional vulnerabilities
-
Business aviation cyber attacks much greater than commercial aviation
-
High-dollar, time-sensitive market makes extracting payments easier
-
Increasing and complex accountability
-
Aviation cybersecurity market growing CAGR 11% (2019-24 - pre-COVID)*
Cybersecurity Developments
Not about cyber-kinetic risks
-
More nuisance (disruption) than safety risk
-
On-the-ground systems not as protected as in-flight
-
"Pilot-in-the-Loop" prevents errors
-
Financial risks - Non-operation, fines/penalties and lost customer reputation large
-
Cascading effects high due to sharing and interconnected systems
Motivations
-
Theft of financial or operational data – Stealing of assets or blackmail victims
-
Tracking of aircraft – Obtain competitive advantage by predicting business actions
-
Financial traders used aircraft movements to track potential deals and for insider trading
-
Other – Personal data/identity theft, political action, hactivist, financial gain, weakening competitor, cyber espionage and physical damage
Theoretical attacks
-
Eavesdropping – e.g. ACARS
-
DDoS / jamming – Disruption of any component
-
Masquerade - e.g. MITM attack on ATC messages
-
Replay attacks - e.g. CPDLC or ACARS
-
Message alteration - Delay, modify, redirect, forge any component
-
Disabling ground systems – e.g. ticketing, baggage, etc…
-
Control / remote hijacking – e.g. malware introduced onto aircraft via infected maintenance laptop
-
Spoofing – GPS information, flight plans
Aeronautical Telecommunication Network (ATN)
vs. OSI Layer
Let us help you with Aviation