Towards Autonomous Aviation Operations: What Can We Learn from Other Areas of Automation?

Rapid advances in automation has disrupted and transformed several industries in the past 25 years. Automation has evolved from regulation and control of simple systems like controlling the temperature in a room to the autonomous control of complex systems involving network of systems. The reason for automation varies from industry to industry depending on the complexity and benefits resulting from increased levels of automation. Automation may be needed to either reduce costs or deal with hazardous environment or make real-time decisions without the availability of humans. Space autonomy, Internet, robotic vehicles, intelligent systems, wireless networks and power systems provide successful examples of various levels of automation. NASA is conducting research in autonomy and developing plans to increase the levels of automation in aviation operations. This paper provides a brief review of levels of automation, previous efforts to increase levels of automation in aviation operations and current level of automation in the various tasks involved in aviation operations. It develops a methodology to assess the research and development in modeling, sensing and actuation needed to advance the level of automation and the benefits associated with higher levels of automation. Section II describes provides an overview of automation and previous attempts at automation in aviation. Section III provides the role of automation and lessons learned in Space Autonomy. Section IV describes the success of automation in Intelligent Transportation Systems. Section V provides a comparison between the development of automation in other areas and the needs of aviation. Section VI provides an approach to achieve increased automation in aviation operations based on the progress in other areas. The final paper will provide a detailed analysis of the benefits of increased automation for the Traffic Flow Management (TFM) function in aviation operations

Identifying attack surfaces in the evolving space industry using reference architectures

The space environment is currently undergoing a substantial change and many new entrants to the market are deploying devices, satellites and systems in space; this evolution has been termed as NewSpace. The change is complicated by technological developments such as deploying machine learning based autonomous space systems and the Internet of Space Things (IoST). In the IoST, space systems will rely on satellite-to-x communication and interactions with wider aspects of the ground segment to a greater degree than existing systems. Such developments will inevitably lead to a change in the cyber security threat landscape of space systems. Inevitably, there will be a greater number of attack vectors for adversaries to exploit, and previously infeasible threats can be realised, and thus require mitigation. In this paper, we present a reference architecture (RA) that can be used to abstractly model in situ applications of this new space landscape. The RA specifies high-level system components and their interactions. By instantiating the RA for two scenarios we demonstrate how to analyse the attack surface using attack trees

Cyber-security internals of a Skoda Octavia vRS:a hands on approach

The convergence of information technology and vehicular technologies are a growing paradigm, allowing information to be sent by and to vehicles. This information can further be processed by the Electronic Control Unit (ECU) and the Controller Area Network (CAN) for in-vehicle communications or through a mobile phone or server for out-vehicle communication. Information sent by or to the vehicle can be life-critical (e.g. breaking, acceleration, cruise control, emergency communication, etc. . . ). As vehicular technology advances, in-vehicle networks are connected to external networks through 3 and 4G mobile networks, enabling manufacturer and customer monitoring of different aspects of the car. While these services provide valuable information, they also increase the attack surface of the vehicle, and can enable long and short range attacks. In this manuscript, we evaluate the security of the 2017 Skoda Octavia vRS 4x4. Both physical and remote attacks are considered, the key fob rolling code is successfully compromised, privacy attacks are demonstrated through the infotainment system, the Volkswagen Transport Protocol 2.0 is reverse engineered. Additionally, in-car attacks are highlighted and described, providing an overlook of potentially deadly threats by modifying ECU parameters and components enabling digital forensics investigation are identified

Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory