Title: Design Approach for Secure Networks to Introduce Data Analytics within the Aircraft Cabin SAE International Journal of Advances and Current Practices in Mobility
Written by: Hintze, Hartmut and Giertzsch, Fabian and God, Ralf
in: 2020
Volume: Number:
on pages:
Publisher: SAE International
how published:
DOI: 10.4271/2019-01-1853

[doi] [www] [BibTex]


Abstract: In the past, aircraft network design did not demand for information security considerations. The aircraft systems were simple, obscure, proprietary and, most importantly for security, the systems have been either physically isolated or they have been connected by directed communication links. The union of the aircraft systems thus formed a federated network. These properties are in sharp contrast with today’s system designs, which rest upon platform-based solutions with shared resources being interconnected by a massively meshed and shared communication network. The resulting connectivity and the high number of interfaces require an in-depth security analysis as the systems also provide functions that are required for the safe operation of the aircraft. This network design evolution, however, resulted in an iterative and continuous adaption of existing network solutions as these have not been developed from scratch. Now, with the upcoming trend of data analytics and artificial intelligence applications, which demand for an extensive availability of data, holistic aircraft cabin networks are necessary to satisfy the associated requirements. For the development of such networks this paper proposes a novel design approach that includes security considerations as an integral part rather than as an isolated activity. The approach does not restrict itself to a specific class of network architectures, but takes the complete solution space into account. The resulting design decisions are based multiple classes of requirements, namely functional requirements such as the communication need and security requirements, e.g. the unwanted remote controlling of system functions by injecting incorrect information as well as the contract-based data exchange.