Cybersecurity vulnerabilities are relatively new regarding airworthiness in comparison with those encountered in terrestrial networks. The latest generation of aircraft such as Boeing and Airbus have included onboard aircraft data networks, which, on the one hand, offer innovative and robust ways of communications but, on the other hand, also introduce cybersecurity vulnerabilities to avionic communications. If these vulnerabilities are exploited, they may lead to irreparable damage to the information system that may cause a catastrophic failure. With this in mind, protection to the onboard data network and the data links between the air and ground communication infrastructure are of paramount importance. This chapter focuses on defining the future avionics communication system security architecture with security risk assessment and risk mitigation. It identifies the security requirements that future avionics communication system needs to comply with.A risk analysis is carried out to identify security assets and their security perimeters, vulnerability points, threats and attacks, the impacts of such threats, and the risk levels of threats with reference to the target future avionics communication network architecture. According to the risk analysis, security countermeasures are identified, which leads to the target network security architecture design. The method in the identification of the target network security architecture primarily follows the guidelines specified in EUROCAE ED-202 and CESG IAS standards. The future avionics communication network security architecture is directly related to airworthiness security, which is defined as the protection of the airworthiness of an aircraft from information security threats. EUROCAE and ARINC define frameworks in assessing security threats and the risks that they impose on aircraft safety. Examples of security countermeasures to detect and prevent malicious attacks on information security will also be provided. This chapter mainly serves as a recommendation for defining security processes and their implementation concerning the target network architecture.
|Title of host publication
|Subtitle of host publication
|Foundations, principles, and applications
|Institution of Engineering and Technology
|Number of pages
|Published - 1 Jan 2021