Meeting the Information Needs of Aviation

For more information please contact:

Copyright © 2008-2016 Air Informatics® LLC

The e-Enabled airplane brings forward a new generation of digital, software intensive, and wirelessly enabled aircraft. This class of aircraft present a new management challenge - cyber security. To meet this challenge both the FAA and EASA now require the operators develop and maintain an Airplane Network Security Program. The Air Informatics LLC e-Enabled Airplane Network Security Program (e-Enabled ANSP®) is a comprehensive program that goes beyond regulatory compliance.

e-Enabled Airplane Network Security Program

Air Informatics® LLC directly address your regulatory and security challenges. We will develop e-Enabled ANSP® document, implement the program, conduct an assessment, identify the gaps, close those gaps and provide continuous surveillance and e-Enable Security® support. Our team includes those who developed the OEM airplane security guidelines, conducted the Red Team cyber security investigation of the airplane, built an OEM airplane cyber security penetration lab and have written FAA D301 OpSpec response documents. We have the direct knowledge, experience, certification and training to respond to FAA and CAA requirements, provide a robust Defense-in-Depth, multi-layered e-Enabled Aviation® Security (e-Enabled AvSec®) technology solution, including:

  1. FAA, EASA and CAA based e-Enabled Airplane Network Security Program (e-Enabled ANSP®) development, regulatory and certification response

  2. Effective Cryptographic, non-cryptographic, e-Enabled Digital Certificate, and e-Enabled PKI® development, distribution, storage, management and monitoring

  3. Full tracking, recording, auditing, security verification and validation

  4. e-Enabled Security Incident and Event Management (e-Enabled SIEM®) response, e-Enabled Security Log Management and review, alerting and administration

The Federal Aviation Agency has defined a National Policy (N8900.189) defining a new Operations specification (OpSpec) D301, Aircraft Network Security Program (ANSP), to support the operations o Next Generation (NextGen) e-Enabled Aircraft. When an airline operator intends to add an e-Enabled Aircraft to the fleet the requirements of the OpSpec must be met.

  1. New aircraft designs use TCP/IP technology for the main aircraft backbone, connecting flight-critical avionics and passenger information and entertainment systems in a manner that virtually makes the aircraft an airborne, interconnected network domain server.

  2. The architecture of this airborne network may allow access to external systems and networks, such as wireless airline operations and maintenance systems, satellite communications (SATCOM), email, the World Wide Web, etc. Onboard wired and wireless devices may also have access to portions of the aircraft’s DDBs that provide flight-critical functions.

  3. OpSpec D301 is necessary to verify that operators have the skills, tools, and procedures in place to accomplish the requirements of the manufacturer’s aircraft security document and the recommended best practices appropriate to their operations.

  4. The existing regulations did not anticipate this type of system architecture or electronic access to aircraft systems that provide flight-critical functions.

  5. The FAA Inspectors will ensure that their assigned operators address all of the special conditions or airworthiness limitations during compliance inspections prior to accepting delivery of e-Enabled aircraft.

  6. OpSpec D301 should be issued when the operator’s ANSP is authorized, and before placing the aircraft in service.

  7. The airline will implement all requirements of the manufacturer’s aircraft security document, along with the recommendations appropriate to its operations.

  8. The airline will establish an appropriate event recognition, response processes and e-Enabled Security® awareness training program.

The FAA requires, with regards to aircraft networks, including the associated hardware, software, and information that could impact the safety and continued airworthiness of the aircraft, the e-Enabeld ANSP® must be sufficiently comprehensive in scope and detail to:

  1. Ensure security protection sufficient to prevent access by unauthorized sources external to the aircraft.

  2. Ensure that security threats specific to the certificate holder’s operations are identified and assessed, and that risk mitigation strategies are implemented to ensure the continued airworthiness of the aircraft.

  3. Prevent inadvertent or malicious changes to the aircraft network, including those possibly caused by maintenance activity.

  4. Prevent unauthorized access from sources onboard the aircraft.