Any person who does any unauthorised act in relation to this publication may be liable to criminal prosecution and civil claims for damages.
Making airplanes network-enabled can significantly increase the efficiency of aircraft manufacturing, operation and maintenance processes. Yet these benefits cannot be realized without addressing the potential for network-induced security threats. This paper addresses challenges that emerge for network-enabled airplanes that use public key cryptography-based applications. In particular, we focus on the electronic distribution of airplane software and data. We present both an ad hoc approach, without trust chains between certificates, and a structured approach employing a PKI. Both approaches facilitate public key-enabled applications, and both levy operational requirements on airlines. We describe the integration of these requirements into existing airline ground infrastructure and processes, to minimize operating overhead. The presented work is based on ongoing collaborative efforts among Boeing, FAA and EASA, to identify needs of the airlines for operating and maintaining network-enabled airplanes.
The general trend towards ubiquitous networking has reached the realm of airplanes. E-enabled airplanes with wired and wireless network interfaces offer a wide spectrum of network applications, in particular electronic distribution of software (EDS), and onboard collection and off-board retrieval of airplane health reports. On the other hand, airplane safety may be heavily dependent on the security of data transported in these applications. The FAA mandates safety regulations and policies for the design and development of airplane software to ensure continued airworthiness. However, data networks have well known security vulnerabilities that can be exploited by attackers to corrupt and/or inhibit the transmission of airplane assets, i.e. software and airplane generated data. The aviation community has recognized the need to address these security threats. This paper explores the role of information security in emerging information technology (IT) infrastructure for distribution of safety-critical and businesscritical airplane software and data. We present our threat analysis with related security objectives and state functional and assurance requirements necessary to achieve the objectives, in the spirit of the well-established Common Criteria (CC) for IT security evaluation. The investigation leverages our involvement with FAA standardization efforts. We present security properties of a generic system for electronic distribution of airplane software, and show how the presence of those security properties enhances airplane safety.
A study of decentralization of road administration in developing countries has been undertaken, including a literature review, and ®eld studies in Nepal, Uganda and Zambia. The ®ndings are reported under the headings of: constitutions and governance; policy and planning; ®nancial and ®scal aspects; institutions, management and human resources; operations; and contribution to poverty alleviation. Decentralization of road administration has potential for improving the delivery of rural transport infrastructure services. But the evidence from this study suggests that it is proving dif®cult to realize fully the expected bene®ts. Problems include: lack of local government powers to exercise political in¯uence; insuf®cient ®nancial resources; lack of management capability; and a lack of accountability mechanisms. Limited data also suggest that there is little evidence of existing decentralized systems being particularly responsive to addressing the needs of the rural poor. There is a need for the poor to be involved more actively in the planning, ®nancing and implementation process. Different models for administrative decentralization are described and recommendations are made for approaches likely to be the most appropriate for rural transport infrastructure administration and management.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.