2023 8th International Conference on Data Science in Cyberspace (DSC)

Research Ideas on Network Security Experiment

and Appraisal of Avionics System
1st Zhuoran Chen 2nd Hongyu Zhu 3rd Chen Yi*
Chinese Flight Test Establishment Chinese Flight Test Establishment Institute of Cyberspace Technology
Xi’an, China Xi’an, China HKCT Institute for Higher Education
1345295670@qq.com cfte ZHY@163.com Hongkong, China
alexyi@ctihe.edu.hk

4th Zhen Liu

2023 8th International Conference on Data Science in Cyberspace (DSC) | 979-8-3503-3103-5/23/$31.00 ©2023 IEEE | DOI: 10.1109/DSC59305.2023.00061

Guilin University Of Electronic Technology

Guilin, China
zhliu9802@163.com

Abstract—Avionic systems constitute a significant component
of modern military and civilian aircraft, serving as a crucial
technological means to ensure the accomplishment of designated
missions and safe flight operations. They also play a pivotal
role in determining the overall performance of contemporary
military and civilian aviation equipment. However, with the
rapid development of aviation technology and the high degree
of interconnectivity in avionic systems, an increasing number
of network security threats have emerged. While numerous
approaches have been proposed to address the network threats
encountered in avionic systems, none have comprehensively
covered all network threats pertaining to avionic systems. Fur-
thermore, there is a lack of a unified standard for assessing
network security issues specific to avionic systems. Therefore,
this paper presents a comprehensive approach to constructing an
aviation electronic system network security experimental system.
This approach also provides a reference standard that can serve
as a theoretical foundation for subsequent research projects
and scientific studies on security issues in avionic systems.
Experimental results confirm the effectiveness of the proposed
comprehensive approach in mitigating various network security
threats, while also establishing a standard for designing aviation
electronic system network security solutions.
Index Terms—aviation electronic system, network security
threats, comprehensive approach, reference standard
Aviation electronic systems are highly attractive to network
attackers due to the significant amount of data, value, and
monetary resources involved [2]. In recent years, there has
been an alarming increase in network threats targeting aviation
electronic systems. Kainrath et al extensively discuss the
different types of threats posed to air traffic communication
systems [3]. They conduct in-depth analyses of attacks in
the networked aviation environment based on the attackers’
resources, expertise, and motivations. According to their clas-
sification, network threats can be categorized into five types:
passive attackers, amateur hackers, network threats, cyber
terrorism, and state-sponsored attacks. For the definition and
further details of these threats, please refer to [3]. Additionally,
as shown in Fig. 1, both domestic and international aviation
electronic systems face various network security threats that
require heightened attention and countermeasures [4]:

I. I NTRODUCTION
With the rapid advancement of aviation technology and the
high level of interconnectivity in aviation electronic systems,
the complexity of these systems has been increasing. However,
the growing reliance on networked systems and the integration
of various components have also led to a growing prominence
of network security issues in aviation electronic systems.
Strohmeier et al. [1] emphasize the importance of assessing
and enhancing the network security performance of aviation
electronic systems to address the escalating threat of network Fig. 1. Network security threats in avionics system.
attacks.
• Remote Attacks: Malicious attackers may exploit network
This article is supported in part by Guangxi Science and Technology Plan
Project under grant AA22068067, the National Natural Science Foundation channels to launch remote attacks on aviation aircraft.
of China under projects 62172119, U21A20467, 61972019, and 72192801, They utilize techniques such as exploiting software vul-
the National Natural Science Foundation of China under project 62172119. nerabilities, deploying malicious code, or employing so-
cial engineering methods to infiltrate critical components

979-8-3503-3103-5/23/$31.00 ©2023 IEEE 383

DOI 10.1109/DSC59305.2023.00061
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
 such as flight control systems, navigation systems, or
communication systems. The primary goal of these at-
tacks is to compromise the security and normal operation
of the aviation electronic system.
• Wireless Communication Interference: The communica-
tion and navigation systems of aviation electronic systems
rely on wireless technology for data transmission and
communication. Malicious attackers may exploit wireless
jamming devices or interfere with radio frequencies to
disrupt the communication links of the system, resulting
in communication interruptions, misleading flight opera-
tions, or navigation system failures.
• Data Leakage and Theft: Aviation electronic systems
house a substantial amount of sensitive data, includ-
ing flight plans, passenger information, and flight data,
among others. Hackers may attempt to infiltrate the
system and steal this sensitive data for the purposes of
information disclosure, identity theft, or other malicious
activities.
• Internal Threats: Internal personnel have the potential
to pose a network security threat to aviation electronic
systems by abusing privileges or exploiting internal vul-
nerabilities. These internal threats can involve flight crew
members, maintenance personnel, or suppliers, who may
utilize privileged access to aircraft systems to manipulate,
sabotage, or tamper with critical data and systems.
• Physical Attacks: In addition to network attacks, aviation
electronic systems also face the threat of physical attacks.
Malicious individuals may attempt to implant malicious
hardware devices or sabotage equipment within the avia-
tion electronic systems to impact the system’s operability
and security.
These threats pose significant risks to the security, integrity,
confidentiality, and overall aviation infrastructure of critical
flight data. Aviation authorities, aircraft manufacturers, and
system operators urgently need to address these security issues
and devise robust countermeasures to safeguard aviation elec-
tronic systems from potential network attacks. These attacks
not only impact internal systems and infrastructure but also
pose a threat to human lives.
II. R ELATED WORK
Many solutions have been dedicated to address the cyber-
security issues present in avionics systems and the human
and material consumption associated with the upgrade of
complex systems. To address the problems of complex system
architecture and lack of adaptability in avionics systems,
Sabatini et al. [5] proposed the use of heterogeneous sensor
networks and optimization algorithms, but they also lead to
reduced context awareness, lack of transparency and integrity
of human operators, and increased cycle maintenance. To
address the periodic maintenance or replacement of electronic
systems, Jiang et al. [6] propose a concept of predictive and
health management to obtain failure experience through data
mining to provide decisions for avionics systems. To improve
the prediction of risk and risk severity in avionics systems,
384
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
Alkhamisi et al. [7] improved the efficiency of risk prediction
by using the integration of machine learning and deep learning
algorithms to train and evaluate their data.
There are multiple cyber security threats in the field of
cyber security for avionics equipment as critical infrastructure
in avionics systems [8]. To address the problem of attackers
targeting avionics systems cyber attacks leading to data theft
and avionics equipment crippling, Rudo et al. [9] proposed the
use of fuzzy tests to assess avionics equipment cybersecurity
vulnerabilities. To address the increasing malicious threats to
avionics embedded systems and the problem of internal attacks
that undermine organizational security measures, Damien et al.
[10] designed an intrusion detection system that mimics the
behavior of malicious code introduced within an application
as monitoring by automatically executing code mutations in
the application.
To discover security vulnerabilities in critical or non-critical
cyber domains, Kainrath et al. [11] built a testbed consisting of
avionics hardware to analyze and study it, but could not defend
it dynamically. To improve the resilience and resistance of the
system, Zheng et al. [12] proposed a dynamic defense, but
it is still difficult to detect potential threats. To address the
potential threat of wireless interference to avionics systems,
Smith et al. [13] proposed spectrum monitoring and enhanced
security mechanisms that emphasize pilot training to counter
the problem and improve flight safety.
To address the difficulty of maintaining avionics mainte-
nance records and the complexity of verifying crew certifica-
tion operations, Ahmad et al. [14] used a blockchain frame-
work combined with smart contracts and a prophecy machine
to improve its efficiency while ensuring that the data would
not be tampered with. To prevent data theft and traceability
of lost information, Peng et al. [15] used blockchain and
federated chain approaches applied to avionics systems to
address privacy security and identity information tracking.
In order to simulate the real environment and test and
validate the cyber security technology, Kokkonen et al. [16]
proposed the establishment and application of a cyber range,
which is essential to improve the cyber security capability of
air vehicles.
All of the above schemes do not achieve protection against
all of the cyber security threats mentioned in Part I. The
purpose of this paper is to present a comprehensive plan for
establishing an aviation electronic system network security
experimental system. This system aims to primarily assess
security architectures, identify vulnerabilities, and evaluate the
effectiveness of defense mechanisms for aviation electronic
devices and aircraft systems. It aims to accomplish research on
the security architecture of critical aviation electronic devices
and aircraft systems, review the attack surface, conduct vulner-
ability analysis, evaluate the effectiveness of core component
attacks and defenses, and perform network security analysis
on radio frequency, network buses, communication protocols,
and other aspects. Furthermore, it aims to provide a theoretical
foundation for future research projects and scientific studies.
The contribution of this paper is as follows:
 • We propose a more comprehensive approach compared to
previous schemes for constructing an aviation electronic
system network security experimental system.
• The system focuses on evaluating security architectures,
identifying vulnerabilities, and assessing the effectiveness
of defense mechanisms for aviation electronic devices and
aircraft systems. It facilitates research on the security
architecture of critical aviation electronic devices and
aircraft systems, conducts analysis of attack surfaces,
vulnerability analysis, evaluation of the effectiveness of
core component attacks and defenses, and performs net-
work security analysis on radio frequency, network buses,
communication protocols, and other aspects.
• This approach provides a standardized reference that can
serve as a theoretical basis for future research projects and
scientific studies on security issues in avionic systems.
In the Part I, we introduced the existing safety problems
of avionics systems. Some existing solutions to the safety
problems of avionics systems are presented in Part II. Our
scheme is presented in Part III. Part IV analyzes our scheme
through experiments. The Part V concludes the paper.
III. O UR SCHEME
We will introduce the proposed approach through four
sections: design objectives, experimental system configuration,
application of the experimental system, and network security
monitoring and research. The flow of the research idea is
shown in Fig. 2.
Fig. 2. The flow of the research idea.
A. Design Objectives
The aim of this paper is to propose a comprehensive
approach for constructing an aviation electronic system net-
work security experimental system. This system will focus
on evaluating security architecture, identifying vulnerabilities,
and assessing the effectiveness of defense mechanisms in
aviation electronic devices and aircraft systems. It aims to
achieve research on the security architecture of critical aviation
electronic components and aviation flight systems, as well
as the analysis of attack surfaces, vulnerability assessment,
evaluation of the effectiveness of core component defenses,
385
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
and network security analysis of radio frequency, network
buses, communication protocols, and more.
B. Experimental System Configuration
1) Avionics test bench: The experimental system will set up
a dedicated avionics test bench to evaluate its security features
and vulnerabilities. The test bench will facilitate the analysis
of the attack surface, vulnerability assessment, and evaluation
of the effectiveness of the security measures implemented by
these devices.
2) High-fidelity virtualization and simulation environments:
We will develop a high-fidelity virtualization and simula-
tion environment targeting aircraft hardware and software
components. This environment will facilitate comprehensive
testing and evaluation of aviation system security, including
communication protocols, radio frequency, and network buses.
We will construct a virtualization platform that simulates a
realistic aircraft environment, encompassing various hardware
and software components of the aircraft. Through simulation,
we will be able to emulate different scenarios and conditions
to conduct thorough testing and evaluation of aviation system
security. Our virtualization environment will possess a high
level of fidelity, accurately reproducing the behavior and re-
sponses of different aircraft components. By simulating critical
elements such as communication protocols, radio frequency,
and network buses, we will detect potential security vulnerabil-
ities and risks. Through our research, developers and suppliers
of aviation systems will be able to conduct comprehensive
security testing in a virtual environment and promptly address
potential issues. Our virtualization environment will provide
a reliable assessment platform for the security of aviation
systems, assisting developers in enhancing the security and
reliability of their systems.
3) Cybersecurity assessment kit: The experimental system
will develop a comprehensive network security assessment
toolkit for analyzing the security of aviation electronic devices
and systems. This toolkit will include research tools for
security architecture, attack surface mapping, vulnerability
analysis, and effectiveness evaluation of core components.
Furthermore, through the comprehensive network security
assessment toolkit developed by us, developers of aviation
electronic devices and systems will gain better insights into
and evaluate the security of their systems. The key tools
included are as follows:
• Security architecture research tools: The tool will help
researchers analyze and evaluate the security architecture
of avionics and systems. It will provide powerful model-
ing and analysis capabilities to help users understand the
overall security architecture of the system and identify
potential security risks and vulnerabilities.
• Attack surface mapping tool: The tool will help users
identify the attack surface of the system by simulating
the attacker’s behavior and attack path. It analyzes the
various components and interfaces of the system and
identifies areas that may be attacked. The tool allows
 users to understand the weak points of the system and
take appropriate security measures.
• Vulnerability analysis tools: This tool will help users
detect and analyze vulnerabilities and security vulnerabil-
ities present in the system. It will use static and dynamic
analysis techniques to scan the system’s code and config-
uration files to identify possible vulnerabilities. Users can
use this tool to discover and repair vulnerabilities in the
system in time and improve the security of the system.
• Core component effectiveness assessment tool: This
tool will evaluate the effectiveness and safety of the
core components of the system. It will test and evaluate
key components of the system to ensure its functional
integrity and ability to withstand attacks. Users can use
the tool to verify that the core components of the system
meet safety standards and take necessary improvements.
C. Application of the Experimental System
1) National standard formulation: The experimental sys-
tem will work with aviation system suppliers, security service
providers and users to accelerate the development of national
standards for aviation system cybersecurity. This will ensure
that the aviation system adheres to established safety policies,
technical and management standards.
2) Aviation system security risk assessment: The experi-
mental system will provide safety risk assessment services for
aviation systems. Suppliers can utilize the laboratory’s assess-
ment criteria and toolkits for self-assessment or seek third-
party evaluation. The assessment identifies security threats,
vulnerabilities, evaluates existing security measures, and as-
sesses potential damage in the event of a security incident.
3) Exploration of testing standards and processes: The
experimental system will explore and establish standards,
processes, and test cases for the assessment of network security
in aviation systems. It will develop a target platform for
aviation electronic security testing, aimed at discovering and
exploiting vulnerabilities. This platform will support targeted
testing of critical components as well as comprehensive testing
of large-scale industrial networks. We will research and define
standards and processes for the assessment of network security
in aviation systems, ensuring the effectiveness and compre-
hensiveness of the tests. Through this platform, we will be
able to discover and exploit vulnerabilities in aviation systems
and provide corresponding solutions. This will contribute to
enhancing the security of aviation systems and mitigating
potential risks. We will develop a series of test cases to
evaluate the network security of aviation systems. These test
cases will cover various aspects of critical components and
large-scale industrial networks, ensuring the comprehensive-
ness and accuracy of the tests. We will utilize these test cases
to assess the network security of aviation systems and provide
recommendations for improvements.
D. Network Security Monitoring And Research
1) Security vulnerability database and patch releases:
The experimental system will establish a nationwide aviation
386
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
system security vulnerability database and timely disclose
vulnerability information and patches through the national
information security vulnerability sharing platform. It will
also facilitate communication channels among aviation system
manufacturers, suppliers, and users to address network security
issues. Through this database and platform, stakeholders in
the aviation system can stay informed about the latest security
vulnerabilities and obtain corresponding patches in a timely
manner. This contributes to strengthening the security of
aviation systems and reducing potential risks. Additionally,
the system provides a platform for communication and collab-
oration, enabling manufacturers, suppliers, and users to work
together in resolving network security issues.
2) Real-time monitoring and threat analysis: The real-time
monitoring and analysis of aviation system network security
incidents will be achieved through the utilization of big data
analytics techniques. We will continuously monitor manufac-
turer faults, user behavior, and device behavior to promptly
detect occurrences of abnormal situations. By employing big
data analytics, we will be able to swiftly identify and analyze
security incidents within the aviation system. We will establish
an experimental system that monitors data from various as-
pects in real-time and utilizes advanced algorithms and models
to identify potential security threats. Upon detecting abnormal
situations, our experimental system will immediately issue
alerts to system users. This will assist manufacturers and users
in taking necessary security measures in a timely manner,
preventing further escalation and impact of security incidents.
3) Research and testing of safety assessments: The ex-
perimental system will utilize an aviation electronic security
testing target platform for research and testing purposes. It
will integrate security testing and evaluation tools to analyze
the functionality, performance, and protective capabilities of
aviation systems, as well as their impact on system security.
Furthermore, it will establish a security testing and certification
system for aviation systems, providing standardized security
certification reports. Additionally, a comprehensive plan is
proposed to construct an aviation electronic system network
security experimental system. This experimental system will
serve as a key facility for evaluating the security of avia-
tion electronic equipment and systems, developing national
standards, assessing security risks, and promoting research in
network security. By establishing this experimental system,
the aviation industry can effectively enhance the security of
aviation systems and ensure the safety of aircraft operations.
IV. E XPERIMENT
For the above scenarios, we conducted vulnerability verifi-
cation, permeability verification and survivability verification.
The experiments are completed on laptops equipped with 32G
memory, i7-11800H processor, and win11 operating system
system.
A. Vulnerability Verification
Vulnerability testing and verification are conducted through
various means, including document review, personnel exam-
ination, and tool-based detection, aiming to comprehensively
identify and discover potential weaknesses in aircraft avionic
systems across physical environments, network structures,
system software, middleware, and application systems. The
effectiveness of security control measures is evaluated, and the
scientific and rational nature of the verification testing methods
is validated.
1) Preparatory conditions: In order to verify the network
security vulnerabilities of the aircraft avionic systems, the
experimental validation process needs to fulfill a series of
necessary conditions. Firstly, it is essential to assign at least
one dedicated personnel responsible for overall communi-
cation and coordination of the testing activities, ensuring
smooth progress of the experiment. Secondly, the necessary
network access conditions should be provided to conduct
vulnerability testing and ensure a comprehensive evaluation of
the tested devices. Additionally, to facilitate the experimental
work, relevant materials need to be provided for reference,
including basic information about the tested device unit such
as its development history, main business scope, business
scale, and organizational structure. Furthermore, information
regarding the information systems and network topology of
the tested devices’ network access, IP segment allocations,
and other relevant details should be made available. These
details will contribute to a comprehensive understanding of the
tested device’s environment and configuration, enabling a more
accurate assessment of its network security vulnerabilities.
2) Detection tool: Vulnerability assessment tools and vul-
nerability scanning technologies go hand in hand, covering a
wide range of options, including Nmap, Nessus, Xray, Goby,
and more, as shown in Tab. I. Different tools are based on
unique analysis principles and each has detection capabilities,
so selecting the right vulnerability scanning tool is critical.
During the test verification process, the testing party shall
provide a list of tools and ensure that they meet the following
requirements: First, the tools themselves do not contain any
malicious programs, known vulnerabilities or other security
defects; Secondly, the risk that may be caused by the tool
is clearly listed in the test plan, and the corresponding risk
avoidance and emergency disposal measures are provided.
Finally, if the sensitive environment such as the production
intranet cannot access external devices for security testing, the
tested party should provide appropriate own devices to ensure
the smooth testing.
TABLE I
V ULNERABILITY TEST TOOL TABLE
Tool name Risk level Access channels Primary use
Nmap None Internet Host Scan
Nessus None Internet Vulnerability Test
Xray None Internet Vulnerability Scan
Goby None Internet Vulnerability Scan
3) Detection technique: Vulnerability verification is per-
formed by scanning critical asset devices for vulnerabilities in
multiple ways, including port scanning, host scanning, device
scanning, application scanning, and operating system scanning
techniques. These techniques are used to detect critical asset
387
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
devices for known vulnerabilities and discover open ports,
host vulnerabilities, device vulnerabilities, application system
vulnerabilities, and operating system vulnerabilities. By using
a combination of these scanning techniques, risks such as
unauthorized access, data theft and server compromise by
attackers exploiting vulnerabilities can be quickly identified
and prevented.
4) Detection method: Vulnerability test validation test
methods include personnel interviews, document review, man-
ual verification and tool testing.
• Personnel interview: Through the assessor’s conversa-
tion and questioning with the relevant personnel of the
evaluated system, to understand some basic information
about asset management and security management, and
to conduct Q&A verification of some assessment contents
and some parts of its document review.
• Document review: Through the user submitted system
business documents, system network topology of vari-
ous business applications, technical information, security
management materials, etc., to fully understand and an-
alyze whether the security management system of the
system under evaluation is sound, whether the design is
reasonable, etc.
• Manual verification: Manual verification is mainly to
verify some information that needs to be checked and
confirmed on site, as well as to verify the contents
of certain personnel interviews and document reviews.
The evaluator performs activities such as observation,
checking and analysis of the evaluation object. Expand
and conduct necessary functional tests, performance tests,
and penetration tests of networks and systems in terms
of possible vulnerabilities and weaknesses in operating
systems, database systems, application systems and net-
work equipment. Verify the functionality of the appli-
cation system, security is in line with the requirements,
and ultimately obtain evidence to prove that the system
security protection measures are effective
• Tool detection: The use of fully tested and identified
detection tools for the tested device object security vul-
nerability scanning, manual verification of the vulnerabil-
ities found by the detection, comprehensive search, rapid
discovery of the target security vulnerabilities and risk
issues.
B. Permeability Verification
Conduct penetration test validation tests through penetration
testing, vulnerability scanning, and other technical means to
assess the potential level of harm and impact of cyber threats
to aircraft avionics system cyber assets, which include physical
damage, system failure, reduced functionality, data eavesdrop-
ping, operational tampering, and information leakage.
1) Preparatory conditions: To ensure the normal conduct
of the permeability test, the testing party and the tested party
should meet the following professional conditions. First, the
tested party should provide an access point and access envi-
ronment with the requirements of the testing work to ensure
that the test is conducted in a standard network environment.
Second, the tested party should actively cooperate and provide
detailed information required for testing, including network
configuration, system architecture, etc., to ensure that the
testing party can fully understand the complexity and security
features of the evaluated system. In addition, the testing
party should comprehensively assess the possible risks before
the test and provide detailed risk avoidance and emergency
disposal measures to ensure that the test process will not
negatively affect the normal operation of the business system
and sensitive data. Finally, during the test process, the testing
party should promptly remove the temporary creation of users,
files and other test traces to protect the confidentiality and
integrity of the tested party’s system. If there are traces that
cannot be deleted, the testing party should clearly point out
in the report and provide professional advice for the tested
party to further improve and strengthen security protection
measures.
2) Detection tool: Penetration detection tools are insepara-
ble from penetration testing techniques. It is critical to choose
the right tools, including Nmap, Nessus, SQLmap, Burpsuite,
IDA, OD, Hydra, etc., as shown in Tab. II. The testing tools
must be strictly examined, firstly, without malicious programs
or known vulnerabilities; secondly, the risks are clearly as-
sessed in the test plan and emergency disposal measures are
provided; finally, for sensitive intranets that do not have direct
access to external devices, the tested party needs to provide its
own equipment to ensure that the test is conducted properly.
This ensures the professionalism, accuracy and security of the
test, and also provides a reliable basis for security assessment.
TABLE II
P ERMEABILITY TEST TOOL LIST
Tool name Risk level Access channels Primary use
Nmap None Internet Host Scan
Nessus None Internet Vulnerability Test
SQLmap None Internet Injection Tools
Burpsuite None Internet Web Packet Capture Tool
IDA None Internet Static Decompilation
OD None Internet Dynamic Decompilation
Hydra None Internet Password Blast
3) Detection technique: Penetration testing technology at-
tempts to use typical threat means to actually implement
threatening intrusion behavior, so as to verify the degree of
harm and impact caused by network threats to critical assets
in the equipment and related business, with the threat types
mainly covering physical destruction, system failure, function
degradation, data theft, operation tampering, information leak-
age, etc.
The penetration test used in this test is mainly an assess-
ment method to evaluate the security of network systems by
simulating the attack methods of malicious hackers. The pen-
etration testing process is based on the ATT&CK framework
for target reconnaissance, weapon construction, load delivery,
vulnerability exploitation, installation implantation, command
and control and target achievement. It specifically includes
wireless network penetration testing, digital certificate pen-
388
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
etration testing, USB interface penetration testing, operating
system penetration testing, access control penetration testing,
malicious code testing, and network security logs, network
security policy configuration and important file modification.
4) Detection method: The testing party performs relevant
checks by collecting information about the tested party (e.g.,
product and service provider status, organizational structure
of the tested party), and also by vulnerability scanning to
detect port service scanning and host vulnerability scanning.
Manual verification of vulnerabilities found in the vulnera-
bility scan network layer, system layer, application layer and
other vulnerabilities. Through in-depth analysis of the business
process of the object being inspected, with the help of traffic
capture, protocol analysis or manual inspection, etc., to find the
possible security flaws in the business logic level of the party
being inspected (such as credential validation flaws, interface
validation flaws, data validation flaws logic design flaws, etc.),
etc. Selectively use wireless security detection tools to detect
the wireless hotspot environment of the inspected party (e.g.
cabin passenger wireless network) to discover possible security
risks in the wireless network (e.g. phishing hotspot detection,
weak encryption method detection, private build detection,
etc.). It performs Trojan detection, backdoor detection, and
intrusion trace detection, and scans and views the relevant
server files, system log files, database records and security
device logs of the inspected party to check whether it has
been compromised.
C. Survivability Verification
Through close to the real-world environment to verify the
attack and defense confrontation, etc., to carry out the sur-
vivability test verification test to verify and assess the ability
of aircraft avionics system to resist cyber threats, including
protection capability, detection capability, response capability
and recovery capability.
1) Preparatory conditions: Survivability detection tools
and protection monitoring technology is inseparable, mainly
including Burpsuite, Wireshark, Process-explorer, Netcat, Fire-
Fox, etc., as shown in Tab. III. For the different detection tools
adapted to the detection function is not the same, but all need
to meetThree points: first, the detection tool itself does not
exist malicious programs, vulnerabilities and other security
flaws; second, the risks that may arise from the detection
tool are clearly pointed out in the detection program, and risk
avoidance and emergency disposal measures are given; finally,
if it is true that the production intranet and other sensitive
parts can not access external equipment for security testing,
the party being tested to provide the necessary own equipment
to ensure that the detection is carried out properly.
2) Detection tool: Survivability detection tools and protec-
tion monitoring technology is inseparable, mainly including
Burpsuite, Wireshark, Process-explorer, Netcat, FireFox, etc.,
as shown in Tab. III. For the different detection tools adapted
to the detection function is not the same, but all need to
meet Three points: first, the detection tool itself does not
exist malicious programs, vulnerabilities and other security
flaws; second, the risks that may arise from the detection
tool are clearly pointed out in the detection program, and risk
avoidance and emergency disposal measures are given; finally,
if it is true that the production intranet and other sensitive
parts can not access external equipment for security testing,
the party being tested to provide the necessary own equipment
to ensure that the detection is carried out properly.
TABLE III
S URVIVABILITY TEST TOOL SHEET
Tool name Risk level Access channels Primary use
Burpsuite None Internet Web Packet Capture Tools
Wireshark None Internet Packet Capture Tools
Process-explorer None Internet Process View
Netcat None Internet Unicom Test
FireFox None Internet Administration Page Test
3) Detection technique: Aircraft avionics system cyber
survivability testing and assessment covers the examination of
key technical aspects such as protection capability, monitoring
capability, response capability, and recovery capability. In
terms of protection capability, operational test projects should
be designed to verify the actual impact limits of the target’s
cyber security protection measures on potential cyber security
events and the ability to guarantee the normal execution of
critical functions and operational mission tasks. For monitor-
ing capability, the target’s ability to detect various types of
network security events in a timely manner and accurately
determine the occurrence of events and corresponding pro-
tective measures should be assessed through operational test
projects to evaluate the target’s ability to monitor the state
of network security. For response capability, corresponding
operational test projects should be designed to verify the
target’s ability to take action on detected cybersecurity events,
prevent the expansion of potential impacts, and assess the
target’s ability level to respond to cybersecurity events. For
recovery capabilities, operational test programs need to be
designed to assess the effectiveness of the target’s recovery
plan to ensure that compromised functions or services are
rapidly restored to normal operations from a cybersecurity
event with reduced physical impact to verify the target’s ability
to recover from a state of failure or paralysis caused by a
disaster to a normal operating state. These tests and evaluations
are designed to comprehensively examine the ability of the
aircraft avionics system network to respond in the face of a
security event to ensure its survivability and reliability.
4) Detection method: The testing process mainly involves
the testing and evaluation of network survivability. On the
one hand, security inspection, personnel interviews, attack and
defense tests can be used to test against each survivability, and
on the other hand, different evaluation methods can be used
to establish evaluation models to assess the capability against
survivability.
• Security check: Check the target network structure, pro-
tection equipment, personnel configuration, system man-
agement, operational processes and operating procedures,
including physical protection measures check, network
security protection equipment integrity check, etc.
389
Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.
• Personnel interview:Through conversations and inquiries
between the evaluators and relevant personnel of the
evaluated system, some basic information on asset man-
agement and security management is understood, and
Q&A verification of some evaluation contents and parts
of its document audit is conducted.
• Attack and defense test: Adopt typical network attack
and defense tactics and techniques, and conduct network
attack and defense test assessment on equipment. Attack
methods usually include social engineering, vulnerability
exploitation, supply chain attacks, etc. Protection strate-
gies usually include reducing the attack surface, defense
in depth, emergency handling, active defense, traceability
countermeasures, trusted computing, etc.
• Capability assessment: Network security survivability in-
cludes four indicators of protection capability, detection
capability, response capability, and recovery capability,
and different assessment methods are selected to com-
plete the indicator assessment based on the physical
meaning of indicators and analysis of influencing factors.
V. C ONCLUSION
This paper presents a comprehensive approach to construct
an aviation electronic system network security experimental
system capable of mitigating various common network secu-
rity threats in aviation electronic systems. The system focuses
on evaluating security architecture, identifying vulnerabilities,
and assessing the effectiveness of defense mechanisms in
aviation electronic devices and aircraft systems. It facilitates
research on the security architecture of critical aviation elec-
tronic components and aircraft systems, vulnerability analysis,
evaluation of core component defense capabilities, as well as
network security analysis of radio frequency, network bus,
communication protocols, and others. Additionally, this paper
provides a reference standard that can serve as a theoretical
foundation for future research projects and scientific studies
related to security issues in aviation electronic systems. Ex-
perimental results demonstrate that the proposed approach is
effective in addressing common network security threats in
aviation electronic systems and superior to existing compliance
validation solutions.
R EFERENCES
[1] M. Strohmeier, M. Schäfer, M. Smith, V. Lenders, and I. Martinovic,
“Assessing the impact of aviation security on cyber power,” in 2016 8th
International Conference on Cyber Conflict (CyCon). IEEE, 2016, pp.
223–241.
[2] Y. Laarouchi, Y. Deswarte, D. Powell, J. Arlat, and E. De Nadai,
“Ensuring safety and security for avionics: A case study,” DAta Systems
In Aerospace (DASIA 2009), pp. 26–29, 2009.
[3] K. Kainrath, M. Fruhmann, K. Gebeshuber, E. Leitgeb, and M. Gruber,
“Evaluation of cyber security in digital avionic systems,” in 2020 IEEE
91st Vehicular Technology Conference (VTC2020-Spring). IEEE, 2020,
pp. 1–5.
[4] K. E. Nygard, A. Rastogi, M. Ahsan, and R. Satyal, “Dimensions of
cybersecurity risk management,” in Advances in Cybersecurity Man-
agement. Springer, 2021, pp. 369–395.
[5] R. Sabatini, A. Roy, E. Blasch, K. A. Kramer, G. Fasano, I. Majid,
O. G. Crespillo, D. A. Brown, and R. O. Major, “Avionics systems panel
research and innovation perspectives,” IEEE Aerospace and Electronic
Systems Magazine, vol. 35, no. 12, pp. 58–72, 2020.
 [6] N. Jiang, C. Zhang, Y. Cao, and R. Zhan, “Application of prognostic
and health management in avionics system,” Highlights in Science,
Engineering and Technology, vol. 7, pp. 1–9, 2022.
[7] A. Omar Alkhamisi and R. Mehmood, “An ensemble machine and
deep learning model for risk prediction in aviation systems,” in 2020
6th Conference on Data Science and Machine Learning Applications
(CDMA), 2020, pp. 54–59.
[8] K. E. Nygard, A. Rastogi, M. Ahsan, and R. Satyal, “Dimensions of
cybersecurity risk management,” in Advances in Cybersecurity Man-
agement. Springer, 2021, pp. 369–395.
[9] D. Rudo and D. K. Zeng, “Consumer uav cybersecurity vulnerability
assessment using fuzzing tests,” arXiv preprint arXiv:2008.03621, 2020.
[10] A. Damien, N. Feyt, V. Nicomette, E. Alata, and M. Kaâniche, “Attack
injection into avionic systems through application code mutation,” in
2019 IEEE/AIAA 38th Digital Avionics Systems Conference (DASC).
IEEE, 2019, pp. 1–8.
[11] K. Kainrath, M. Fruhmann, K. Gebeshuber, E. Leitgeb, and M. Gruber,
“Evaluation of cyber security in digital avionic systems,” in 2020 IEEE
91st Vehicular Technology Conference (VTC2020-Spring), 2020, pp. 1–
5.
[12] Y. Zheng, Z. Li, X. Xu, and Q. Zhao, “Dynamic defenses in cyber
security: Techniques, methods and challenges,” Digital Communications
and Networks, vol. 8, no. 4, pp. 422–435, 2022.
[13] M. Smith, M. Strohmeier, J. Harman, V. Lenders, and I. Martinovic,
“Safety vs. security: Attacking avionic systems with humans in the loop,”
ArXiv, vol. abs/1905.08039, 2019.
[14] R. W. Ahmad, K. Salah, R. Jayaraman, H. R. Hasan, I. Yaqoob, and
M. Omar, “The role of blockchain technology in aviation industry,” IEEE
Aerospace and Electronic Systems Magazine, vol. 36, no. 3, pp. 4–15,
2021.
[15] Y. Peng, “Application of blockchain in civil aviation,” in 2021 2nd
International Conference on Computing and Data Science (CDS), 2021,
pp. 198–202.
[16] T. Kokkonen, T. Sipola, J. Päijänen, and J. Piispanen, “Cyber range tech-
nical federation: Case flagship 1 exercise,” in Collaborative Approaches
for Cyber Security in Cyber-Physical Systems. Springer, 2023, pp.
1–13.

390

Authorized licensed use limited to: Civil Aviation University of China. Downloaded on June 07,2024 at 23:53:12 UTC from IEEE Xplore. Restrictions apply.