Airborne Network Security Simulator (ANSS) Master Plan Overview

Presented by: Chris Riley (DOT/Volpe)

November 3, 2010

Agenda

ANSS Experiment 1
ANSS Experiment 2
ANSS Master Plan

Airborne Network Security Simulator (ANSS) Goals

Identify potential information security threats in synthetic environment by simulating next generation aircraft communications systems

Share knowledge, tools and methodologies with academia and other interested stakeholders to extend research value

Act as coordinating authority for cyber security risk mitigation within the international aerospace & aviation community

Recommend appropriate technical & procedural standards for security risks to aid in the development of regulatory guidelines and policies

Influence industry bodies on cyber security best practices with respect to specifications, procedures, and recommendations used by the industry

Master Plan Overview

Phase 1: Inside Aircraft Network

Simulates a standard airborne network architecture including real and synthetic components

Interconnects with disparate aviation simulators to include real-world information in its experiments

Engages industry, academia and government in its experiments and recommendations

Design experiments to explore stakeholder identified issues and concerns

Demonstration Scenario: Airline AOC to Aircraft

[Diagram labels: IEEE HLA/RTI via Internet; ANSS at WSU; ANSS Operational Enclave; Gatelink; OPS Controller; Firewall; Aircraft Network; Control Domain; Information Domain; Passenger Domain; TWLU; EFB; Load & Balance Data; Performance Calculation]

Experiment 1 Scenario

[Diagram labels: LaTech Ops-Center Simulator; Final Pre-Flight Data; Man-in-the-Middle device captures data and sends it to the Internet; Modified Pre-Flight Data; Hacker]

ANSS Experiment 2

ANSS Phase 1 Experiment 2

Working with several aviation vendors to add Experiment 2 functionality

  Aircraft Control Domain (ACD): Pratt & Whitney (P&W)
    FAST (Flight-data Acquisition, Storage and Transmission) -- Engine Wireless Maintenance Toolset

  ACD: General Electric (GE) Intelligent Platforms
    AFDX (Avionics Full Duplex Network, Switched Ethernet) simulated configuration

  In Flight Entertainment (IFE): Panasonic Inc.
    Simulated 3 seat suite of Wi-Fi equipment

Developing operational scenarios/use cases, e.g.
  Intrusion Detection, Wireless data transfer, Engine Data/Gatelink interfaces

UK Partners to provide Penetration Testing support

Aircraft Data Network (ADN)

ANSS Phase 1 Experiment 2

[Diagram of aircraft data network domains. Source: ARINC 664, Aircraft Data Network, Part 5, Network Domain Characteristics and Interconnection.
Diagram labels: Aircraft control; Airline Information Services; Passenger Information and Entertainment Services; Passenger-Owned Devices; Flight and Embedded Control Systems; Cabin Core; Admin; Passenger Support; Control the Airplane; Operate the Airline; Entertain the Passengers; Entertain the Passengers; Closed; Private; Public.
Experiment labels: FAST (P&W); IFE (Panasonic); AFDX (GE); EFB/Gatelink]

ANSS Master Plan



Master Plan Overview

Phase 2: External Interconnections

Include a SOA interface based on current NextGen Standards

Build synthetic capabilities to evaluate cyber issues when the aircraft is both a SOA provider and consumer

Participate in FAA/DOD experiments to understand the commercial impact of cyber security in this environment

Identify issues and restrictions of global trust in the AN environment

Identify issues associated with centralized auditing, intrusion detection/prevention and a global view of the operation’s theater.

ANSS Phase 2 NEXTGEN Simulations

[Diagram labels: TDLS; NNEW; ERAM; TFM; Weather; Airspace status; NOTAMS]

Characteristics

Situational awareness - advisory
Commercial spectrum
Limited or No source Authentication
Low or no design assurance
User specified QoS
  RMA
  Delivery (e.g. best effort)
  Latency
International usage based on reach of service provider
User designed/directed controls and displays
User specified FMS integration

Characteristics

Command and Control - safety critical
Protected spectrum
Source Authentication
High safety assurance levels
QoS dictated by safety case
  High reliability, maintainability & availability
  Guaranteed delivery
  Low latency
Harmonization based on International agreements
Standardized controls and displays
FMS integration

Master Plan Overview

Phase 3: Virtual World Training, Modeling and Simulation

Skill development plays a critical role in cyber protection. Special skills will be needed to address the mobility, public safety and critical infrastructure components of this environment.

Gaming technology is successfully used to build virtual worlds and train the workforce through realistic scenarios. Scenario based training also allows researchers to observe student attack strategies in anticipation of the next level of attack. Learning attack approaches and exploits in a controlled environment feeds the development of predictive and adaptive defense strategies.

Leveraging all of these assets, ANSS would develop a gaming environment where security teams from government, academia and industry will compete in “capture the flag” type scenarios. First line defenders, modes, methods and approaches captured in the experiments would prove invaluable to researchers in proactively protecting the AN environment.

ANSS Phased Approach

[Timeline chart by month, 2010 through 2012]

Phase 1
  Experiment 1: EFB/Gatelink (June 2010)
  Experiment 2: Databuses, Wireless Maintenance, and In Flight Entertainment (Spring 2011)

Phase 2: External Interconnections, NextGen Simulations
  Experiment 1 - TBD
  Experiment 2 - TBD

Phase 3: Virtual World Training, Modeling and Simulation
  Experiment 1 - TBD
  Experiment 2 - TBD

Contributing Organizations to the ANSS Demonstration/Technical Workshop

Astronautics Corporation of America

Contact Information

Kevin Harnett, Volpe Center Cyber Security Program Manager
  Email: kevin.harnett@dot.gov
  Phone: 617-699-7086

Chris Riley, Volpe Center Cyber Security Researcher
  Email: riley@info-tools.com
  Phone: 508-672-6032