Flight satellite and navigation system security
In our last article over satellite navigation and satellite communication equipment, we discussed over the COBHAM AVIATOR 700D Communication Solution and how common and important this system is. In this article we will cover the COBHAM AVIATOR 700D Communication Solution used onboard. We will also understand the security of this solution with the help of ethical hacking course expert of the International Institute of Cyber Security, Mike Stevens.
The most common satellite navigation and satellite communication equipment COBHAM AVIATOR 700D is available in two versions. First, the AVIATOR 700 approved to RTCA specification DO-178B level E and DO- 254 level E, secondly the AVIATOR 700D approved to RTCA specification DO-178B level D and DO- 254 level D. What are level D and Level E?
As per information security training expert, Anita Thomas, International certification authorities have defined standards for software security of such devices. Some of the standards are Radio Technical Commission for Aeronautics (RTCA) specification DO-178B or the European Organization for Civil Aviation Equipment (EUROCAE) ED-12B. These standards have different levels, mentioned below:
Failure may cause multiple accidents, which includes plane crash.
This can result in failure to operate plane or partial plane crash, which might cause passenger and crew injuries.
This might cause reduced safety margin and passenger discomfort.
This might cause reduced safety margin and passenger discomfort or flight route change.
Level E–No Effect
This might not cause reduced safety margin but can cause passenger discomfort.
Devices with levels A, B, or C require a strict review process and are very secure. Devices with levels D or E are not required to undergo strict review processes and are less secure. As per ethical hacking course expert Mike Stevens the main concern here is that the industry is using level D and E devices even after knowing about their security standards. The industry main concern should be interactions between devices with different security standards.
Information security training experts from Ioactive, were able to demonstrate that it is possible to compromise a system certified for level D that interacts with devices certified for level A, potentially putting the level A devices integrity at risk. The exploit of vulnerabilities of these devices of level E and D can allow a hacker to hack SwiftBroadband Unit (SBU) and the Satellite Data Unit (SDU), which provides AeroH+ and Swift64 services.
As per an ethical hacking course expert, any system connected to these devices, could also be hacked. A successful attack could compromise the controls of the satellite link channel used by FANS and other systems. Malfunction of these subsystems could pose a safety threat for the airplane.
- +91 11 4556 6845
- +1 267 705 5264
- +52 55 9183 5420