Scribd Logo
Upload

Welcome to Scribd!

  • SAE E 36 Committee Proposal For Engine and Propeller Controls and Cyber Security

    Uploaded by

    eric retko
    29 views9 pages
    The Federal Aviation Administration (FAA) proposes that the SAE E-36 committee consider cybersecurity concerns regarding engine and propeller electronic controls. Specifically, the FAA references two Aviation Rulemaking Advisory Committee recommendations to update regulations 14 CFR 33.28 and 35.23 to establish cybersecurity protections for engines and propellers. The FAA requests that the SAE E-36 committee provide recommendations on whether the current regulations and associated guidance adequately address cybersecurity, and whether updates are needed.

    Original Description:

    autopolotas

    Original Title

    SAE E 36 Committee Proposal for Engine and Propeller Controls and Cyber Security

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The Federal Aviation Administration (FAA) proposes that the SAE E-36 committee consider cybersecurity concerns regarding engine and propeller electronic controls. Specifically, the FAA references two Aviation Rulemaking Advisory Committee recommendations to update regulations 14 CFR 33.28 and 35.23 to establish cybersecurity protections for engines and propellers. The FAA requests that the SAE E-36 committee provide recommendations on whether the current regulations and associated guidance adequately address cybersecurity, and whether updates are needed.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    29 views9 pages

    SAE E 36 Committee Proposal For Engine and Propeller Controls and Cyber Security

    Uploaded by

    eric retko
    The Federal Aviation Administration (FAA) proposes that the SAE E-36 committee consider cybersecurity concerns regarding engine and propeller electronic controls. Specifically, the FAA references two Aviation Rulemaking Advisory Committee recommendations to update regulations 14 CFR 33.28 and 35.23 to establish cybersecurity protections for engines and propellers. The FAA requests that the SAE E-36 committee provide recommendations on whether the current regulations and associated guidance adequately address cybersecurity, and whether updates are needed.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 9

    FederalAviation

    Aviation
    Engine and propeller Federal
    Administration
    Administration
    electronic controls and
    cyber-security concerns

    FAA proposal to SAE E-36


    committee to consider engine
    and propeller controls and
    cyber security

    Presented to: SAE E-36 committee

    By: Philip Haberlen


    Engine and Propeller Standards Branch

    September 17, 2019


    Federal Aviation
    Administration
    Scope
     The FAA has various lines of business and coordinates security
    activities with other organizations such as the Department of
    Homeland Security (DHS) and Transportation and Security
    Administrations (TSA)
     All aspects of security are addressed by various organizations
    including but not limited to physical security, infrastructure, Aircraft
    Systems Information Security Protection (ASISP) and aircraft
    operations
     ASISP policy, guidance and industry standards address electronic
    cyber-security attacks and threats
     ASISP does not address physical security including terrorist
    attacks such as hijacking, bomb threats, etc.

    Federal Aviation 2
    Engine and Propeller controls and cyber security Administration
    FAA AVS Strategic Plan Focus
     Talking Points
     We’re focusing in, for the most part, on electronic connectivity
    to internal and external aircraft systems and networks
     We believe that the greatest threat is the exploitation of
    aircraft electronic access points via public networks such as
    the internet or counterfeit computer integrated circuits
     We have published policy statements, special conditions, and
    issue papers to address and mitigate any potential aircraft
    electronic connectivity vulnerabilities
     We have published training materials (this effort is ongoing)
     We have sponsored an Aviation Rulemaking Advisory
    Committee (ARAC) working group (WG) comprised of industry
    and government experts to provide additional information and
    recommendations on ASISP

    Federal Aviation 3
    Engine and Propeller controls and cyber security Administration
    FAA ASISP History (sheet 1 of 4)
     The FAA Aircraft Certification Service initial development of
    policy, guidance, industry standards and training for security
    considerations started in 2005
     Milestones
     Aircraft Certification published Special Conditions and
    Companion Issue papers on the Boeing 787 Transport
    Category Airplane during 2005
     Addresses threats from external connectivity to aircraft
    systems from public networks such as the internet
     Addresses threats across aircraft systems domains such as
    potential hacking of entertainment systems and Wi-Fi
    networks
     Sponsored research projects with the John. A Volpe National
    Transportation Systems Center during 2005 through 2009

    Federal Aviation 4
    Engine and Propeller controls and cyber security Administration
    FAA ASISP History (sheet 2 of 4)
     Milestones (continued)
     Sponsored RTCA Special Committee (SC)-216 “Aeronautical
    Systems Security” on June 26, 2007 to develop industry
    standards for initial design and continued airworthiness for
    aircraft systems and networks
     Support the SAE-18 Committee, Development Assurance
    processes for aircraft systems and safety including security
    considerations starting May, 2010
     Developed a strategic plan for ASISP during 2012
     Sponsored research projects with the FAA Atlantic City
    Technical Center starting 2012 and this effort is ongoing
     Support the RTCA SC-228 Unmanned Aircraft Systems
    cryptographic security controls for the command and control
    (C2) data link starting May 20, 2013

    Federal Aviation 5
    Engine and Propeller controls and cyber security Administration
    FAA ASISP History (sheet 3 of 4)
     Milestones (continued)
     Support the Interagency Core Cyber Team (ICCT) during 2014
    (effort is ongoing)
     Supported the General Aviation Manufacturing Association
    (GAMA) steering group on ASISP during 2013 through 2014
     Supported the ASTM Committee F44 on ASISP using the output
    from the GAMA steering group during 2014 through 2018
     Published and revised Policy Statements on Establishment of
    Special Conditions for ASISP beginning March 6, 2014
     On December 18, 2014 an Aviation Rulemaking Advisory
    Committee (ARAC) working Group (WG) to provide information
    on ASISP was established
     On August 22, 2016 the ARAC WG published a final report on
    ASISP with 30 recommendations

    Federal Aviation 6
    Engine and Propeller controls and cyber security Administration
    FAA ASISP History (sheet 4 of 4)
     Milestones (continued)
     Work-in-progress, FAA has developed a strategic plan and is in
    the process of reviewing and dispositioning of the ARAC WG
    recommendations
     Supported the development of an on-line training Wi-Fi security
    training course during 2016
     Support rulemaking for Transport Category Airplanes on
    ASISP starting in 2017
     Drafted the ASISP section of Electronic Flight Bag AC 20-173
    “Installation of EFB Components” during 2017

    Federal Aviation 7
    Engine and Propeller controls and cyber security Administration
    Specific ARAC recommendations relevant to engine and
    propeller controls
    • Recommendation 14: The ASISP working group recommends
    that the FAA undertake rulemaking to update 14 CFR 33.28 to
    establish information security protection for engines.
    • Recommendation 15: The ASISP working group recommends
    that the FAA undertake rulemaking to update 14 CFR 35.23 to
    establish information security protection for propellers.
    • Guidance Material – Engines and Propeller Systems
    • Field-loadable software for engines or propeller systems that is directly
    loadable using ground support equipment should contain authentication
    mechanisms for off-aircraft handling that are separately demonstrated under
    14 CFR Part 33 or 14 CFR Part 35.

    Federal Aviation 8
    Engine and Propeller controls and cyber security Administration
    FAA proposal/request
    • Are cyber security concerns with respect to the 14
    CFR 33.28 and 35.23 controls rules and associated
    guidance material an appropriate topic for the
    SAE E-36 committee to consider?
    • If “yes,” the FAA requests these deliverables from
    SAE E-36:
    • A recommendation from SAE E-36 regarding whether or not
    §§ 33.28 or 35.23 are adequate as written to mandate an
    acceptable level of safety with respect to engine and
    propeller control cyber security.
    • A recommendation from SAE E-36 regarding whether or not
    associated guidance material should be updated to address
    cyber security
    • If “yes,” the FAA requests suggested additions or modifications to
    the appropriate advisory circulars.

    Federal Aviation 9
    Engine and Propeller controls and cyber security Administration

    You might also like