Hello,
My name is Kevin Harnett and I work for the Department of Transportation, Volpe National Transportation Systems Center in Cambridge, Mass. My team is actively involved in supporting the FAA, DoD/USAF, and UK on several Cyber Security aircraft initiatives, such as: Electronic Flight Bags (EFBs) Security Testing, Aerospace Network Security Simulator (ANSS), Next Generation Air Transportation System (NextGen), Flight Object (FO), RTCA SC-216 (Aeronautical System Security), and DoD Commercial Derivative Aircraft (CDA) cyber security.
BACKGROUND
With developments in the aerospace industry to support the future Next Generation Air Transportation System (NextGen) and new E-Enabled aircraft (such as the Boeing 787 and 747-8 and the Airbus 380 and 350, and technology retrofits to legacy aircraft), the use of technologies such as IT communication protocols and COTS equipment are being used on aircraft at unprecedented levels. The use of these technologies raises concerns about potential cyber security vulnerabilities that may have an impact on aircraft safety. The FAA realizes that these industry developments will have an impact on Aircraft Certification Office (ACO) workloads and required skill sets but needs feedback from industry to determine the extent of the impact. The purpose of this survey is to solicit information from aircraft manufacturers, aircraft component manufacturers and aircraft operators on near to mid-term developments that will impact the ACO workload.
SURVEY
We have been tasked by the FAA to conduct an Aircraft Cyber Security Technology Survey of aviation industry manufacturers and operators to determine the impact of the use of E-enabled technologies on the FAA regulatory process (i.e. Type Certification (TC), Supplemental Type Certification, Amended TC, Technical Standard Order Authorization (TSOA), or Technical Standard Order Deviation Request). In this context, the term “E-enabled technologies” is defined to mean the use of IP-addressable IT communications technologies (e.g. cellular, 802.11 wireless, Ethernet used in WANs or LANs) that are incorporated into aviation components and systems. We have been tasked to determine the approximate percentages of aircraft products or modifications which require FAA regulatory approval will include E-enabled technologies.
It is understood that there are a variety of scenarios that include various organizations with an interest in any particular application for FAA regulatory approval that include organizations other that the primary applicant. The viewpoint of all organization types is of interest to us. Your organization’s perspective is requested if you are an involved participant, whether you are the primary applicant to the FAA regulatory approval process or not. If you are not the appropriate individual in your organization to fill out this survey, please forward this e-mail to right person.
This information is being collected to provide a basis for training requirements for the FAA Aircraft Certification Office (ACO) personnel. The objective will be to ensure that the ACOs have a technical understanding of the use of E-enabled technologies, related potential cyber security vulnerabilities and the mitigations that you may have implemented and thereby prevent potential delays in the FAA regulatory approval process.
Respondents to this survey will receive a copy of the report containing the result of the survey. Identifying information will be kept strictly confidential. No specific or proprietary product information is requested in the survey. The results will be stated in generic terms with no company or product names identified. We believe that this information will prove useful to you in your planning activities.
Please complete the survey no later than April 23, 2010.
Click here to take the survey
If you would like additional information concerning this survey, related projects (such as the Aerospace Network Security Simulator) or would like information on related aviation industry committee activities, please feel free to contact me.
Kevin Harnett
US Department of Transportation/Volpe Center
Cyber Security Project Manager
617-699-7086 (cell)
617-494-2604 (work)
617-494-2902 (fax)