AAtS - Information Exchange Vulnerability
advertisement
Federal Aviation Administration AAtS Information Exchange Vulnerability Assessment Threat-Scenario-Based Hazard Analysis and Risk Assessment Presenter: Date: Robert Klein August 27, 2014 Data Exchange Comparison Reference Data Exchange Reference Model AIXM DATA Format Information Product Cal / Val Data & Information Description Authentication Primary Source FIXM NAS Standard Templates Individual Flight Objects NAS Standard Weather Geospatially Corrected with Geospatially Corrected with Geospatially Corrected with Occasional Updates Dynamical Updates Dynamical Updates Operator – to NESG (pub.) FAA - to NESG (pub.) FAA 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. WXXM Airport / Surface Templates OCS, ICA, etc. Flow Constrained Area Standard Terminal Arrival Route (STAR) Standard Instrument Departure (SID) RNP Approaches, J-Routes, Q-Routes, etc. Temporary Flight Restriction (TFR) Special Use Airspace (SUA) eNOTAMs Traffic Management Initiatives (TMIs) Air Traffic / Traffic Flow Management 1. 2. 3. 4. 5. 6. 7. Flight Plan(s) Approved RNAV Routing RTAs Flight History Flight Object Trajectory Option Set (TOS) FF-ICE (Flight & Flow Information for a Collaborative Environment FAA Operators 2 Operator - to NESG (pub.) FAA - to NESG (pub.) 1. 2. 3. 4. 5. 6. 7. METARs SIGMETs and Convective SIGMETs TAFs Winds and Temps Aloft AIRMETs Real-time Surface Winds / Wind Field Profiles PIREPs NWS, FAA, and Operators Federal Aviation Administration So what-? Why do we care? Because . . . ∑(AIXM,FIXM,WXXM)∫(AAtS*AC*AOC*ATC)= Collaborative Decision Making (CDM) CDM = Operational Efficiency (η) And . . . 3 Federal Aviation Administration The Concern . . . 4 Federal Aviation Administration Meanwhile, in 12-A . . . 5 Federal Aviation Administration Airborne WiFi in the News August 4, 2014, 12:56 PM ET In-flight Wireless Systems Vulnerable, Security Researcher Says By CLINT BOULTON A cybersecurity researcher says he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and in-flight entertainment systems. Cybersecurity researcher Ruben Santamarta, a researcher with cybersecurity firm IOActive, will present the technical details of his research Thursday at this week’s Black Hat hacking conference in Las Vegas, Reuters reports. Since its inception in 1997, Black Hat has been the staging ground where hackers and cybersecurity experts convene to discuss their research, including emerging cyberthreats. In previous years at Black Hat, researchers have demonstrated how to hack anything from ATM systems, to insulin pumps and pacemakers. Mr. Santamarta will show how a hacker can use a plane’s in-flight Wi-Fi and entertainment system to hack into its avionics equipment, potentially disrupting satellite communications, which could interfere with the aircraft’s navigation and safety systems. “These devices are wide open,” Mr. Santamarta, who stumbled upon the vulnerabilities by “reverse engineering” firmware used in communications equipment, told Reuters. “The goal of this talk is to help change that situation.” Airlines may take some comfort in the fact that Mr. Santamarta said that his hacks have only been tested in controlled environments, and they might be difficult to replicate in the real world. Black Hat is also prone to cancellations, and thus far there have been three for this year’s event. Security researchers this week pulled two scheduled talks — one on breaking into home-alarm systems and the other on a sophisticated Russian espionage campaign known as “Snake.” The withdrawals follow the cancellation last month of a talk on how to identify users of Tor, the Internet privacy service. 6 Federal Aviation Administration ‘Original Article’ Hacker says to show passenger jets at risk of cyber attack BY JIM FINKLE BOSTON Mon Aug 4, 2014 8:09am EDT (Reuters) - Cyber security researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems - a claim that, if confirmed, could prompt a review of aircraft security. Santamarta, a consultant with cyber security firm IOActive, is scheduled to lay out the technical details of his research at this week's Black Hat hacking conference in Las Vegas, an annual convention where thousands of hackers and security experts meet to discuss emerging cyber threats and improve security measures. 7 Federal Aviation Administration AAtS Threat Portals Elevation of privilege Spoofing identity Denial of service Tampering with data Information disclosure Repudiation 8 Federal Aviation Administration Threat Categories & Descriptions Threat Number Category TS-1 D TS-2 E, D Cabin gaining unauthorized access to DLS TS-3 E, T Cabin user gains unauthorized access to Wireless Access Point TS-4 D TS-5 S, I, D Unauthorized Network Mapping by Authenticated User TS-6 S, E, D External Attacks with IP Address or Hostname TS-7 D TS-8 S, E, I TS-9 S, D TS-10 I TS-11 S, T, I, E Description Improper traffic originating from the EFB Consumption of DLS Bandwidth Wireless Access Point/Router DoS Rogue access point impersonating Wireless Access Point EFB may make excessive queries, conducting a DoS User in the cabin sniffing flight deck traffic Attack on the Certificate Authority and Rogue Certificates 9 Federal Aviation Administration FAA Risk Assessment Matrix Safety Risk Assessment Matrix from FAA ORDER 8040.4A 10 Federal Aviation Administration Threat Scenario Risk Assessment Assessed Risk Number of Threats Unacceptable risk 0 Acceptable Risk with Mitigations 5 Acceptable risk 6 11 Federal Aviation Administration Conclusions • The ERAU report presents several interesting network security threat scenarios. • There may be others . . . • Threat Scenarios 1 thru 11 do not represent either Hazardous or Catastrophic risk severity from an operational perspective. • We are continuing to evaluate this important issue. 12 Federal Aviation Administration
