Safeware: system safety and computers
Safeware: system safety and computers
Safe and sound: a safety-critical approach to security
Proceedings of the 2001 workshop on New security paradigms
Understanding PKI: Concepts, Standards, and Deployment Considerations
Understanding PKI: Concepts, Standards, and Deployment Considerations
Software Safety Certification: A Multidomain Problem
IEEE Software
From Security to Safety and Back
CSDA '98 Proceedings of the Conference on Computer Security, Dependability, and Assurance: From Needs to Solutions
FM '08 Proceedings of the 15th international symposium on Formal Methods
Formal Security Analysis of Electronic Software Distribution Systems
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Hi-index | 0.00 |
The general trend towards ubiquitous networking has reached the realm of airplanes. E-enabled airplanes with wired and wireless network interfaces offer a wide spectrum of network applications, in particular electronic distribution of software (EDS), and onboard collection and off-board retrieval of airplane health reports. On the other hand, airplane safety may be heavily dependent on the security of data transported in these applications. The FAA mandates safety regulations and policies for the design and development of airplane software to ensure continued airworthiness. However, data networks have well known security vulnerabilities that can be exploited by attackers to corrupt and/or inhibit the transmission of airplane assets, i.e. software and airplane generated data. The aviation community has recognized the need to address these security threats. This paper explores the role of information security in emerging information technology (IT) infrastructure for distribution of safety-critical and business-critical airplane software and data. We present our threat analysis with related security objectives and state functional and assurance requirements necessary to achieve the objectives, in the spirit of the well-established Common Criteria (CC) for IT security evaluation. The investigation leverages our involvement with FAA standardization efforts. We present security properties of a generic system for electronic distribution of airplane software, and show how the presence of those security properties enhances airplane safety.