Tag Archives: Airbus

eEnabled Aircraft So Whats the Difference

An eEnabled aircraft is an aircraft that has one or more IT networks on board and requires a connection to a ground based network for its operation.

Both the A380 and B787 are classed as eEnabled aircraft and their respective airframers have heralded that eEnabled aircraft will provide opportunities for airlines to operate aircraft more effectively.

For this to become a reality, the main airline challenge is the successful uploading/downloading of aircraft information. This has to be carried out securely and with the confidence that information will be delivered without any external interference.

Consider the diagram’s below, traditionally aircraft security was contained physically on board with no major external interfaces. With the introduction of eEnabled aircraft, you can see this has opened up multiple channel’s of communications with several external IT networks, each having their own independent IT security.

This slideshow requires JavaScript.

IT Security and infrastructure are key to the successful operation of these new aircraft and for the first time, the regulatory meaning of  ‘Airworthiness’ now includes the IT networks involved in the servicing of the aircraft.

Assume one of these eEnabled channels had been proven to be weak. Potentially, because IT Security is only as strong as its weakest link, we could assume all communication channels had been compromised.

Airframers have put a lot of effort considering these types of scenarios and provde tools to protect the aircraft.  Airlines however have to consider not just the successful operation of new eEnabled aircraft but the wider protection of their existing IT network operations.

Related Links

About these ads

Leave a comment

Filed under Aviation

Did A Software Virus Contribute To Fatal Air Crash

Preliminary investigation into the 2008 crash of Spanair Flight 5022, released in August 2009 by the U.S. National Transportation Safety Board, states that the probable cause of the crash was the flight crew’s failure to ensure that the plane’s flaps and slats were extended for takeoff.

Its early days to be sure but from what is leaking out in the media ( Spanish newspaper El Pais) it being reported that malware may have been a contributed to the accident.

An internal Spanair report indicated that a central computer system used to monitor aircraft problems had been infected with malware, according to El Pais. The infected computer system, located at the airline’s HQ in Palma de Mallorca, failed to detect several technical problems with the airplane.

In a previous article ‘A Case For Aircraft Security’ I emphasised the importance of IT Security in the operation of modern aircraft. If the final investigation due later this year in December confirms that a trojan was a contributor to the accident it will draw attention to the more advanced software systems being used in the operation of the Boeing 787 and Airbus A380.

When it comes to ‘IT/Aircraft Security’ airlines are ultimately responsible and this event will have airlines around the world re-evaluating their operational processes. For those airlines flying or have orders for the B787 or A380 they must focus on this tragic event, even if malware took little or no part in the accident the fact that it is being considered, highlights what is possible as aircraft evolve into mobile ‘IT networks’.

1 Comment

Filed under Aviation

A Case For Aircraft Security

Comments on Connectivity crossover and the case for cockpit security’ do highlight an interesting debate on the subject of security for the new generation of eEnabled aircraft.

This is not the first discussion on the subject, as since the FAA Special Conditions No. 25-356-SC and 25-357-SC were published in Jan 08 a number of interesting debates have been triggered.

I have observed the many issues in this area for a number of years and here are some of my personal opinions.

With major airlines worldwide investing in a variety of IFE and connectivity solutions, keeping an ever-increasing techno aware passenger informed and entertained, is an important requirement for operators.

Retro- fitting of new IFE systems has been carried out successfully for many years … but todays newer IFE systems are introducing for the first time TCP/IP connectivity as an integral part of the aircraft and for airlines this introduced a new set of security risks and challenges.

Since the successful first flight of the 787 Dec 2009 and previous entry into service of the A380, Airline operational focus switched to the challenge of the new safe operation of eEnabled aircraft fleets, in particular Connectivity, Integration and Security. Airlines needed to understand the wider operational challenges of eEnablement.

One of the most obvious new challenges of eEnablement is the exposure of an airlines existing (in some cases substantial) ground based back office IT systems to what is essentially a hostile Aircraft environment.

Protecting both aircraft and ground based networks, became a operational requirement and airline operators of eEnabled Aircraft needed to be satisfied they had an appropriate IT architecture in place.

Companies with global business interests issue employees with network ready devices for connecting to back office systems from any worldwide location. They consider each other as hostile until successful authentication has been achieved.

Today’s eEnabled aircraft have the same requirement, but with one major exception, connected passenger devices could not be successfully authenticated and could never be trusted. Yet they will be connected to the operators onboard networks via WiFi, USB, RJ-45 etc. which in turn will have connections to the Airlines operational systems.

Airframer’s such as Airbus and Boeing are aware of the connectivity issues and have solutions to help control the different connectivity options. However given the potential complexity of an Airlines back office systems and operational processes, they do point out that integration and security are the operators responsibility and that any weakness may impact on an aircrafts airworthiness.

It is accepted by the aviation industry individuals and groups exist who have subversive agendas. These individuals (see diag) could be onboard the aircraft, at the airport, in fact, practically any location globally.

Q – Will the aircraft become a target for attack
A – Absolutely, the challenge exists. Airline security solutions will be tested.

Q – What if an attack succeeded.
A – Without doubt the impact to an Airlines safety and security would be brought into question and could subsequently impact the airlines Brand.

Q – Should IT networks be physically isolated onboard eEnabled aircraft.
A – Yes, this would help Airlines manage Connectivity, Integration and minimise the overall risk to the aircraft Security.

Leave a comment

Filed under Aviation

New Generation Aircraft Challenges

Over the last decade commercial aviation has been engaged in a major transition towards a ‘digital aircraft’. With the next generation of aircraft (A380, A350 & B787), the industry is moving towards the ‘connected aircraft’ or ‘eEnabled aircraft’ This evolution is propelled by the need for increased efficiency and interoperability at a reduced overall operational cost.

In the past, specialized avionic systems provided predictable interactions with the aircraft, the introduction of commercially available ‘off-the-shelf’ hardware and software components has expanded the scope for aircraft interactivity. To maintain the predictability and security of the aircraft, the new systems have safeguards built in, to interoperate without unintended consequences. The systems design and certification onboard the aircraft are handled by the airframe and equipment manufacturers.

However this new generation of eEnabled aircraft has extensive requirements for external interaction. Here lies the greatest challenges. Whether it is aircraft systems transferring data to a ground station, or a passenger in the aircraft accessing a service using the Internet, great care has to be taken to ensure that only legitimate communication or ‘information transfer’ is occurring.

Check this link out for an interesting debate by Bruce Schneier in this area.

Airlines must have the ability to identify individual components, to a high level of assurance, this is important for the security of the aircraft and its operating environment. This is also true for the identities of the people that interact within the aircraft environment, such as pilots, cabin crew, mechanics, and other airline employees. Additionally, it is important to verify the integrity and the origin of data (including software) loaded onto the aircraft.

Architectural design challenges faced by airlines, are to provide a secure, reliable, flexible and adaptable ground based IT environment that will grow with the business and its operational requirements.

As eEnabled aircraft are added to airline fleets verifying the integrity and origin of data flows will become an ever-increasing challenge for airlines. A particular problem for airlines that operate both Airbus and Boeing ‘connected aircraft’, would be, how to create common processes, workflows and data feeds for the different fleets, that will require updating in many different worldwide locations and communication channels.

This new aircraft evolution will bring lots of challenges and opportunities for airlines but providing the right ‘Network Architecture’ foundation will be key to supporting the airline operation of the next generation aircraft.

Leave a comment

Filed under Aircraft

Airbus A380 Simulator

September 2008 I visited Airbus in Toulouse France on a business trip, where I had the opportunity to fly in the A380 simulator. Now I should say upfront that my flying skills amount to zero and frankly this realistic experience confirmed why I should never consider flying as a career.

As luck would have it my captain on this journey was a pilot with many hours of flying under his belt … even if it was only a few feet above ground on this occasion.
What struck me was the joystick, how small it was for such a large aircraft, the slightest movement of the controls would send this 500-ton aircraft (OK much lighter simulator) off to the right or left.
When asked by the Airbus simulator manager to try and roll the aircraft (turn it upside down), I replied ‘you kidding me’, I needn’t have worried however, immediately the electronics assumed I had lost leave of my senses it automatically corrected itself …… Impressive…

4 Comments

Filed under Aircraft