Security in Avionics Systems

There is a shift in the industry driving avionics manufactures to provide more interactive connectivity than they have had to in the past. The increasing threat of cyber security attacks in our communication systems is an increasing problem in our society and the avionics industry cannot ignore the fact that the threats are real and they must protect the systems from these attacks. Another element driving these concerns is the implementation of the FAA's NextGen or EASA's SESAR technologies which will require avionics vendors to replace their proprietary, relatively isolated embedded computer systems with information systems that interoperate and share data throughout FAA's/EASA's operations. In order to make the National Airspace (NAS) operate in the most efficient way all aircraft and ground systems will need to share information. The FAA and EASA have released standards to address these systems. This paper is only going to address aspects of security from a software perspective; more specifically, what an operating system and its environment should provide as a foundation for the security requirements. It is important to note that a generic solution to any security problem does not exist. Providing a complete security solution is the result of going through and addressing the airworthiness security process (AWSP).