FAA Aircraft Systems Information Security Protection overview
The purpose of this paper is to provide an overview of Aircraft Systems Information Security Protection (ASISP) from an FAA AVS perspective. Increased aircraft connectivity to aircraft systems and networks to Air Traffic Service (ATS) providers, including NextGen and public networks (e.g, Internet), may require additional security risk considerations. When the aircraft connects electronically to the infrastructure the safety, performance and interoperability requirements of both the aircraft and the systems that the aircraft are connected to should be considered. The FAA solution set includes safety,security, and environment. Improving safety, security, and the environment is an inherent part of the FAAs overall mission and is embedded in the activities of individual programs agency-wide.
This solution set involves activities directly related to ensuring that NextGen systems contribute to steadily reducing risks to safety and information security while mitigating adverse effects on the environment and ensuring environmental protection that allows sustained aviation growth. Security issues related to individuals that could gain physical access to aircraft to cause malicious damage to the aircraft systems (e.g., improper maintenance procedures, cutting wire bundles, etc.) are not addressed in this paper. Physical aircraft security is enforced by the Department of Homeland Security (DHS) and Transportation and Security Administration (TSA) . This paper is not a FAA official document and is the opinion of the author only. The pictures and figures contained in this paper were obtained from various internet sites, including the FAA NextGen program office. A list of acronyms and references used herein are included in the back of this paper.