Presentation is loading. Please wait.

Presentation is loading. Please wait.

COPYRIGHT © 2015 THE BOEING COMPANY ARINC 820 Security Derek Schatz, CISSP Boeing Commercial Airplanes Presented at ARINC CSS Meeting in Sevilla October.

Published byWilfrid Butler Modified over 8 years ago

Similar presentations

Presentation on theme: "COPYRIGHT © 2015 THE BOEING COMPANY ARINC 820 Security Derek Schatz, CISSP Boeing Commercial Airplanes Presented at ARINC CSS Meeting in Sevilla October."— Presentation transcript:

1 COPYRIGHT © 2015 THE BOEING COMPANY ARINC 820 Security Derek Schatz, CISSP Boeing Commercial Airplanes Presented at ARINC CSS Meeting in Sevilla October 28, 2015

2 COPYRIGHT © 2015 THE BOEING COMPANY Approach Security input to A820 based on early strawman version of doc Very preliminary inputs based on initial understanding of functionality and some security best practices Future revisions of security guidance may justify a fuller analysis based on ARINC 811

3 COPYRIGHT © 2015 THE BOEING COMPANY Understanding of WIU Role(s) Part of Wireless Distribution System, interface unit for CWAPs Media server for streaming to pax devices Level E system

4 COPYRIGHT © 2015 THE BOEING COMPANY Potential Risks The WIU will be directly exposed to passengers via the CWAPs. Lack of CWAP authentication makes attack attribution difficult. Content providers (e.g. movie studios) will require that content stored on the WIU in the (optional) Media Store be adequately protected against piracy.

5 COPYRIGHT © 2015 THE BOEING COMPANY Potential Risks, cont’d If payment information is collected for streaming content, the WIU may be subject to Payment Card Industry (PCI) requirements for protection of Personally Identifiable Information (PII), including credit card numbers. Airline and airframe manufacturers’ reputations for safe and secure aircraft would be damaged in the event of a breach of the WIU. Any exposed services accessible from the cabin can provide an additional attack path.

6 COPYRIGHT © 2015 THE BOEING COMPANY Potential Risks, cont’d Being likely based on COTS software components, the WIU web portal may provide a significant attack surface that will be challenging to keep up to date with the latest patches. Vulnerabilities in the web portal could allow defacement of the web pages, implanting of malware to infect passenger devices, implanting of malware to intercept passenger data, or uploading of alternate content such as pornography. The media load port in the cabin may provide a passenger-accessible attack path.

7 COPYRIGHT © 2015 THE BOEING COMPANY Potential Risks, cont’d An interface to the CSS to enable passenger control of reading lights and attendant call buttons could enable an attacker to activate these en masse in the cabin, causing distraction to the cabin crew. The interface to the IFES and/or BOSS provides a potential path for theft of offboard Internet access service. Any use of ARINC 429 interfaces other than ones implemented as ‘read-only’ may enable attack against airplane avionics systems.

8 COPYRIGHT © 2015 THE BOEING COMPANY Recommended Controls The WIU’s attack surface should be minimized, i.e. no management interfaces exposed, other ports and services closed off. The WIU should be able to generate security log events. Examples: –Authentication events –Data loads –Network IDs of connected devices –Firewall events –Record enough to enable reconstruction of attacks

9 COPYRIGHT © 2015 THE BOEING COMPANY Recommended Controls The Media Store file system should prevent uncontrolled access to media files. The Web Portal should not store any Personally Identifiable Information (PII) of users The WIU should reload a clean software image from firmware at each power-up. Firmware should only be writeable from the maintenance port while in maintenance mode.

10 COPYRIGHT © 2015 THE BOEING COMPANY Recommended Controls Media should only be loadable while the CWAP interfaces are down. The Web Portal should be protected by a web application firewall function that only passes whitelisted packet types. The Web Portal and Media Store should have a means of detecting the presence of non- whitelisted content in the filesystem.

11 COPYRIGHT © 2015 THE BOEING COMPANY Recommended Controls The Web Portal and Media Store should have a means of detecting and preventing streaming of unauthorized content. The WIU should detect and prevent improper commands being sent via the passenger service interface. The WIU should implement a stateful packet filter (firewall) function on the BOSS and IFES interfaces.

Download ppt "COPYRIGHT © 2015 THE BOEING COMPANY ARINC 820 Security Derek Schatz, CISSP Boeing Commercial Airplanes Presented at ARINC CSS Meeting in Sevilla October."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Managed Premises Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory.

Managed Premises Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.

Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Windows Internet Explorer 9 Chapter 1 Introduction to Internet Explorer.

Windows Internet Explorer 9 Chapter 1 Introduction to Internet Explorer.
Vijay Krishnan Avinesh Dupat. A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators.

Vijay Krishnan Avinesh Dupat. A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators.

Similar presentations

Ads by Google