Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trust and Identification

Published byVivian White Modified over 6 years ago

Similar presentations

Presentation on theme: "Trust and Identification"— Presentation transcript:

1 Trust and Identification
Aircraft Security Presented by Michel Messerschmidt Aircraft Information System Security Engineer Introducing ARTIST Trust and Identification Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33

2 Introducing... ARTIST ARTIST
ARTIST = “Aircraft Root of Trust and Identification System” A unique, electronic Vehicle Identification Number (VIN) for the lifetime of the aircraft An onboard Certificate Authority (CA) providing digital certificates and PKI services Onboard validation of all certificates against Certipath (without the need for ground communication) Provide services for all aircraft systems and applications ARTIST consists of two modules... to keep the critical part small and simple, while providing full services in a flexible way Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

3 Introducing... TIM ARTIST TIM = “Trusted Identity Module” TIM
Private Storage - VIN - Aircraft root private key Trusted Storage - Trusted public certificates Trusted Service - Processor - OS / Firmware - RNG - Algorithms API I/F TIM = “Trusted Identity Module” Non-modifiable and non-removable (without destruction) for the lifetime of the aircraft Contains the VIN An aircraft root certificate (i.e. a CA certificate) and private key as the root of trust for all aircraft purposes. signed by a ground CA that is cross-certified by Certipath. Trusted public information to validate the aircraft root certificate (e.g. the signing certificates of the ground CA and Certipath) Hardware and Firmware to facilitate all sensitive cryptographic operations (i.e. involving the private key) within TIM No access to Private Storage from outside of TIM Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

4 SARCASM = “Secure Aircraft Root Certificate Authority Services Module”
Introducing... SARCASM ARTIST SARCASM ACD CA Service - Processing - Algorithms CA Storage - Certificates - Certificate Revocation Lists AISD PIESD TIM API I/F STRUPPI SARCASM = “Secure Aircraft Root Certificate Authority Services Module” A centralized onboard certificate authority providing digital certificates and PKI services A non-volatile CA storage for public keys and certificates Separate, but identical services for all aircraft domains to ensure domain separation An isolated “Secure TRUsted Power & Programming Interface” (STRUPPI) for maintenance access to all services that require authentication Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

5 ...putting it all together...
ARTIST SARCASM ACD CA Service - Processing - Algorithms CA Storage - Certificates - Certificate Revocation Lists AISD PIESD TIM Private Storage - VIN - Aircraft root private key Trusted Storage - Trusted public certificates Trusted Service - Processor - OS / Firmware - RNG API I/F STRUPPI Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

6 Finally... services SARCASM public API services include:
Aircraft identification (using VIN) Validation of certificates (from onboard systems and external entities) Verification of signatures Generation of keys for aircraft systems and applications (TBC) Data signatures (TBC, requires a second key pair and certificate in TIM) SARCASM maintenance STRUPPI services include: Issuance of certificates for aircraft systems and applications Processing of certificate requests Revocation of certificates Generation and publication of certificate revocation lists for onboard certificates Storage and management of certificates and certificates revocation lists from external entities (.e.g. airline ground services, airport services) Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

7 © AIRBUS DEUTSCHLAND GMBH. All rights reserved
© AIRBUS DEUTSCHLAND GMBH. All rights reserved. Confidential and proprietary document. This document and all information contained herein is the sole property of AIRBUS DEUTSCHLAND GMBH. No intellectual property rights are granted by the delivery of this document or the disclosure of its content. This document shall not be reproduced or disclosed to a third party without the express written consent of AIRBUS DEUTSCHLAND GMBH. This document and its content shall not be used for any purpose other than that for which it is supplied. The statements made herein do not constitute an offer. They are based on the mentioned assumptions and are expressed in good faith. Where the supporting grounds for these statements are not shown, AIRBUS DEUTSCHLAND GMBH will be pleased to explain the basis thereof. AIRBUS, its logo, A300, A310, A318, A319, A320, A321, A330, A340, A350, A380, A400M are registered trademarks. Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Feb 2009

Download ppt "Trust and Identification"

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
Feb 2009 Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Introducing ARTIST Trust and Identification Aircraft Security Presented by Michel Messerschmidt.

Feb 2009 Introducing ARTIST - Airbus Deutschland GmbH - TBCEI33 Introducing ARTIST Trust and Identification Aircraft Security Presented by Michel Messerschmidt.
PKI Trust Root Concepts ACP Working Group – I April 2009.

PKI Trust Root Concepts ACP Working Group – I April 2009.
AIRCRAFT FIRE AND CABIN SAFETY RESEARCH CONFERENCE 2004 - Dr. A. Freiling - Ref. X26PR0407223 - Issue 1 Relation between active and passive Fire Protection.

AIRCRAFT FIRE AND CABIN SAFETY RESEARCH CONFERENCE Dr. A. Freiling - Ref. X26PR Issue 1 Relation between active and passive Fire Protection.
VSG – CPDLC Msg Set Validation WG78/SC214 SG (Luxembourg) Feb 2012VSG - CPDLC Msg Set Validation Presented by VSG (Greg Saccone / Jerome Condis)

VSG – CPDLC Msg Set Validation WG78/SC214 SG (Luxembourg) Feb 2012VSG - CPDLC Msg Set Validation Presented by VSG (Greg Saccone / Jerome Condis)
VSG Input WG78/SC214 SG (Luxembourg) Feb 2012VSG - Input Presented by VSG (Greg Saccone / Jerome Condis)

VSG Input WG78/SC214 SG (Luxembourg) Feb 2012VSG - Input Presented by VSG (Greg Saccone / Jerome Condis)
Standards for Seamless ATS communications transition between different datalink technologies Presented by CONDIS Jerome Airbus May 2010.

Standards for Seamless ATS communications transition between different datalink technologies Presented by CONDIS Jerome Airbus May 2010.
The revenue crisis: when will the airline industry recover? Narjess Teyssier ICAO n Chief Economic Analysis & Policy Section Montréal 26 September 2010.

The revenue crisis: when will the airline industry recover? Narjess Teyssier ICAO n Chief Economic Analysis & Policy Section Montréal 26 September 2010.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Cabin Component Design Features Fire Properties of Corefiller, Adhesive, „Ditch and Pot“ March 2009 Presented by Ingo WEICHERT TBCEE12.

Cabin Component Design Features Fire Properties of Corefiller, Adhesive, „Ditch and Pot“ March 2009 Presented by Ingo WEICHERT TBCEE12.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
State of Air Transport focus on MID Region 1 ICAO Aviation Data Analyses Seminar Middle East (MID) Regional Office 27-29 October Economic Analysis and.

State of Air Transport focus on MID Region 1 ICAO Aviation Data Analyses Seminar Middle East (MID) Regional Office October Economic Analysis and.
Southampton 1 P Bradshaw EDXCW. Commercial Aircraft Conceptual Design - Some Considerations 15 th November 2005 P Bradshaw EDXCW Wing & Aerodynamics Skill.

Southampton 1 P Bradshaw EDXCW. Commercial Aircraft Conceptual Design - Some Considerations 15 th November 2005 P Bradshaw EDXCW Wing & Aerodynamics Skill.
Southampton 2 P Bradshaw EDXCW. © AIRBUS S.A.S. All rights reserved. Confidential and proprietary document. Develop Capabilities for Multiple Challenges.

Southampton 2 P Bradshaw EDXCW. © AIRBUS S.A.S. All rights reserved. Confidential and proprietary document. Develop Capabilities for Multiple Challenges.
ICAO Aviation Data Analyses Seminar Middle East (MID) Regional Office 27-29 October Economic Analysis and Policy (EAP) Section Air Transport Bureau (ATB)

ICAO Aviation Data Analyses Seminar Middle East (MID) Regional Office October Economic Analysis and Policy (EAP) Section Air Transport Bureau (ATB)
R&R Consulting Approach

R&R Consulting Approach
© COPYRIGHT ABCONSULTING Understanding Flight Operations For Manufacturers by Antoine BRU.

© COPYRIGHT ABCONSULTING Understanding Flight Operations For Manufacturers by Antoine BRU.

Similar presentations

Ads by Google