1 / 7

Data Comm Program Air-Ground Security Paper

Data Comm Program Air-Ground Security Paper. Andy Col ón FAA - DCP System Engineering Lead. Content. Introduction Security Approach Related Work SC-214/WG-78 References to Security Action by the Meeting. Introduction.

keegan
Download Presentation

Data Comm Program Air-Ground Security Paper

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Comm Program Air-Ground Security Paper Andy Colón FAA - DCP System Engineering Lead

  2. Content • Introduction • Security Approach • Related Work • SC-214/WG-78 References to Security • Action by the Meeting

  3. Introduction • Federal Information Security Management Act (FISMA) requires each federal agency to implement a security program to provide information security for the information and information systems • In order to comply with Federal Law and policies of the Chief Information Officer (CIO), the FAA has conducted a threat assessment of Air-Ground communications and has specified a requirement for Air-Ground Security in Segment 1 of the Data Communications program • The capability will be a planned product improvement of the final release of the Segment 1 Ground Automation System (ERAM SW upgrade which will support Enroute clearance deliveries).

  4. Security Approach • Air-Ground Security for Data Communications will be based on the ATN Security Solution specified in ICAO Doc 9880. • The solution provides two-way message authentication of the ground system and aircraft. A draft information paper for the Doc 9880 was presented at the 14th meeting of ACP Working Group M, held in Belgium in June 2009 • The WG-M Paper follows the same security approach which was defined in Doc 9705 Edition 3 with a minor modification to update the domain parameters used in the cryptographic primitives. • Technical documentation to support the two-way authentication approach will be presented for incorporation into DOC 9880, at ICAO ACP WG-M meeting in Paris May 17, 2010.

  5. Related Work • The Air Transport Association (ATA) Digital Security Working Group (DSWG) has developed Specification 42 which contains a Certificate Profile for ACARS Message Security. • Since the updated domain parameters in the draft Doc 9880 have been updated to match ACARS Message Security, the industry standard Specification 42 may be used for the certificate profile. • An Amendment Proposal to update the draft Doc 9880 so that it references Specification 42 will be presented at the upcoming 16th Meeting of ACP Working Group M. • The Data Comm Program is working avionics vendors to determine the most cost effective and technical approach to meet the requirement of providing a two-way authentication to satisfy the threat assessment, and to validate the recommended requirements.

  6. SC 214/ WG 78 References to Security • In order to invoke the security provisions, it is recommended that references to this air-ground security provisions be added to the SC 214/ WG 78 documentation. • The FAA does not plan to make this air-ground security requirement part of the FANS-1/A; the security requirement will be for SC-214 ATN Avionics only.

  7. Action by the Meeting • The meeting is invited to consider the two-way authentication security option for SC-214 ATN Avionics. • The FAA Data Comm Program has made a decision to pursue and validate the two-way authentication option, for implementation as a Segment 1 planned product improvement. • Technical documentation to support the two-way authentication approach will be presented for incorporation into DOC 9880, at ICAO ACP WG-M meeting in Paris May 17, 2010.

More Related