Aircraft and avionics systems have become increasingly sophisticated, connected, and technologically advanced. The intricacies associated with advanced technology, however, introduce complexity that makes it difficult to discern vulnerabilities that may exist due to underlying functionality, interconnections, associated subsystems and weaknesses in hardware/software. Such weaknesses may be exploited by threat actors using a variety of tactics, techniques, and procedures to deliver effects against aircraft and avionics systems. Although the safe and effective operation of aircraft are dependent on proper functionality of aircraft communications and avionics systems, there is not an effective means for the detection of cybersecurity threats that may impact safety of flight and operations.
QED Secure Solutions proposes a solution consisting of capabilities to support detection, identification and reporting of cyber-based attacks against avionics components. The dedicated capabilities include both stand-alone and distributed detection tools. Stand-alone components consist of embedded applications capable of profiling avionics systems at the operating system/firmware level and detecting changes to the established baseline, as an avionics system host-based attack identification capability. Distributed components consist of sensors and a centralized analysis engine that monitors critical avionics data buses for intrusion detection. The centralized analysis engine collects data captured by sensors and consolidates the data for synthesis, target identification, tactics development, attribution, and later data sharing with other platforms. In addition to detecting indicators of compromise, the analysis engine also collates collected data into standardized formats for off-board analysis.
Expected benefits and applications for NASA:
Expected applications extending beyond NASA: