A Security Engineering Process Approach for the Future Development of Complex Aircraft Cabin Systems

  • Conference paper

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 405)

Abstract

Due to the increasing functionality associated with rising complexity of aircraft cabin systems, which are used by cabin crew, passengers, maintenance staff and other stakeholders, security engineering has to become an integral part of the system engineering process in the aviation industry. This paper deals with a security engineering process approach for the development of complex aircraft systems that is fully integrated into the development process. As an appropriate process model we introduce the so-called three-V-model, which represents the governing system engineering process (SEP) associated with the safety engineering process (SafEP) and the security engineering process (SecEP). All three processes are pursued concurrently and interact reciprocally on each development level with the predominant SEP. We describe in detail the security engineering activities involved and finally demonstrate how the interaction between the SEP and the SecEP is improved and optimized by the use of so-called security context parameters (SCPs).

Keywords

  • Security
  • Aircraft Cabin Systems
  • Complex Systems
  • Development Process
  • Three-V-Model
  • Security Context Parameters

Copyright information

© 2013 IFIP International Federation for Information Processing

Cite this paper

Hintze, H., Wiegraefe, B., God, R. (2013). A Security Engineering Process Approach for the Future Development of Complex Aircraft Cabin Systems. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds) Security and Privacy Protection in Information Processing Systems. SEC 2013. IFIP Advances in Information and Communication Technology, vol 405. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39218-4_15

  • DOI: https://doi.org/10.1007/978-3-642-39218-4_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39217-7

  • Online ISBN: 978-3-642-39218-4

  • eBook Packages: Computer Science (R0)