Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Computer Safety, Reliability, and Security

SAFECOMP 2012: Computer Safety, Reliability, and Security pp 25–36Cite as

  1. Home
  2. Computer Safety, Reliability, and Security
  3. Conference paper
Risk Assessment for Airworthiness Security

Risk Assessment for Airworthiness Security

  • Silvia Gil Casals18,19,20,
  • Philippe Owezarski18,20 &
  • Gilles Descargues19 
  • Conference paper
  • 2415 Accesses

  • 4 Citations

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 7612)

Abstract

The era of digital avionics is opening a fabulous opportunity to improve aircraft operational functions, airline dispatch and service continuity. But arising vulnerabilities could be an open door to malicious attacks. Necessity for security protection on airborne systems has been officially recognized and new standards are actually under construction. In order to provide development assurance and countermeasures effectiveness evidence to certification authorities, security objectives and specifications must be clearly identified thanks to a security risk assessment process. This paper gives main characteristics for a security risk assessment methodology to be integrated in the early design of airborne systems development and compliant with airworthiness security standards.

Keywords

  • airworthiness
  • risk assessment
  • security
  • safety
  • avionic networks

Download conference paper PDF

References

  1. SAE International (Society of Automotive Engineers, Inc.): Certification Considerations for Highly-Integrated Or Complex Aircraft Systems (ARP-4754), USA (1996)

    Google Scholar 

  2. SAE International (Society of Automotive Engineers): Guidelines and methods for constructing the safety assessment process on civil airborne systems and equipment (ARP-4761), USA (1996)

    Google Scholar 

  3. Radio Technical Commission for Aeronautics (RTCA SC-167) and European Organization for Civil Aviation Electronics (EUROCAE WG-12): Software considerations in airborne systems and equipment certification (DO-178B/ED-12), Washington, USA (1992)

    Google Scholar 

  4. European Organization for Civil Aviation Electronics (EUROCAE WG-46) and Radio Technical Commission for Aeronautics (RTCA SC-180): Design assurance guidance for airborne electronic hardware (DO-254/ED-80), Paris, France (2000)

    Google Scholar 

  5. De Cerchio, R., Riley, C.: Aircraft systems cyber security. In: IEEE/AIAA Digital Avionics Systems Conference, Seattle, USA, pp. 1C3.1–1C3.7 (2011)

    Google Scholar 

  6. European Organization for Civil Aviation Equipment (EUROCAE WG-72) and Radio Technical Commission for Aeronautics (RTCA SC-216): Airworthiness security process specification, ED-202 (2010)

    Google Scholar 

  7. RTCA SC-216 and EUROCAE WG-72: Airworthiness security methods and considerations (ED-203). Working draft version rev.9.5 (2011)

    Google Scholar 

  8. Jacob, J.M.: High assurance security and safety for digital avionics. In: 23rd IEEE/AIAA Digital Avionics Systems Conference, Salt Lake City, USA, vol. 2, pp. 8.E.4–8.1-9 (2004)

    Google Scholar 

  9. International Organization for Standardization: Common Criteria for Information Technology Security Evaluation (CC v.3.1) (2009), http://www.commoncriteriaportal.org

  10. Ministerio de Administraciones Publicas (Spanish Ministry for Public Administrations), MAGERIT. Spain (2005)

    Google Scholar 

  11. Insight Consulting: CRAMM (CCTA Risk Analysis and Management Method). United Kingdom (2003)

    Google Scholar 

  12. National Institute for Standards and Technology (NIST): Risk Management Guide for Information Technology systems. United States (2002)

    Google Scholar 

  13. Carnegie Mellon University, SEI (Software Engineering Institute): OCTAVE v2.0. USA (2005)

    Google Scholar 

  14. CLUSIF (Club for the Security of Information in France): MEHARI (Method for Harmonized Analysis of Risk), France (2010)

    Google Scholar 

  15. Direction Centrale de la Sécurité des Systèmes d’Information (DCSSI): EBIOS - Expression des Besoins et Identification des Objectifs de Sécurité, Paris, France (2004)

    Google Scholar 

  16. Liao, N., Li, F., Song, Y.: Research on real-time network security risk assessment and forecast. In: 2010 International Conference on Intelligent Computation Technology and Automation (ICICTA), Changsha, China, vol. 3, pp. 84–87 (2010)

    Google Scholar 

  17. Alhabeeb, M., Almuhaideb, A., Dung, L.P., Srinivasan, B.: Information Security Threats Classification Pyramid. In: 24th IEEE International Conference on Advanced Information Networking and Applications Workshops, Paderborn, Germany, pp. 208–213 (2010)

    Google Scholar 

  18. Ortalo, R., Deswarte, Y., Kaaniche, M.: Experimenting with quantitative evaluation tools for monitoring operational security. In: 6th International Conference on Dependable Computing for Critical Application (DCCA-6), Garmish, Germany (1997)

    Google Scholar 

  19. Ben Mahmoud, M.S., Larrieu, N., Pirovano, A.: A risk propagation based quantitative assessment methodology for network security. In: 2011 Conference on Network and Information Systems Security (SAR-SSI), La Rochelle, France, pp. 1–9 (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. CNRS, LAAS, 7 avenue du colonel Roche, F-31400, Toulouse, France

    Silvia Gil Casals & Philippe Owezarski

  2. THALES Avionics, 105 av. du General Eisenhower, F-31100, Toulouse, France

    Silvia Gil Casals & Gilles Descargues

  3. Univ de Toulouse: INSA, LAAS, F-31400, Toulouse, France

    Silvia Gil Casals & Philippe Owezarski

Authors
  1. Silvia Gil Casals
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Philippe Owezarski
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gilles Descargues
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Fakultät für Informatik, Institut für Technische und Betriebliche Informationssysteme (ITI), Otto-von-Guericke-Universität, Universitätsplatz 2, 39106, Magdeburg, Germany

    Frank Ortmeier

  2. SELEX ELSAG, Liverpool Innovation Park, Edge Lane, Fairfield, L7 9NJ, Liverpool, UK

    Peter Daniel

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gil Casals, S., Owezarski, P., Descargues, G. (2012). Risk Assessment for Airworthiness Security. In: Ortmeier, F., Daniel, P. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2012. Lecture Notes in Computer Science, vol 7612. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33678-2_3

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-33678-2_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33677-5

  • Online ISBN: 978-3-642-33678-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature