1 research outputs found
Cybersecurity Engineering: Bridging the Security Gaps in Avionics Architectures and DO-326A/ED-202A
Urban Air Mobility is envisioned as an on-demand,
highly automated and autonomous air transportation modality.
It requires the use of advanced sensing and data communication
technologies to gather, process, and share flight-critical data.
Where this sharing of mix-critical data brings opportunities, if
compromised, presents serious cybersecurity threats and safety
risks due to the cyber-physical nature of the airborne vehicles.
Therefore the avionics system design approach of adhering to
functional safety standards (DO-178C) alone is inadequate to
protect the mission-critical avionics functions from cyber-attacks.
To approach this challenge, the DO-326A/ED-202A standard
provides a baseline to effectively manage cybersecurity risks
and to ensure the airworthiness of airborne systems. In this
regard, this paper pursues a holistic cybersecurity engineering
and bridges the security gap by mapping the DO-326A/ED-202A
system security risk assessment activities to the Threat Analysis
and Risk Assessment process. It introduces Resilient Avionics
Architecture as an experimental use case for Urban Air Mobility by
apprehending the DO-326A/ED-202A standard guidelines. It also
presents a comprehensive system security risk assessment of the
use case and derives appropriate risk mitigation strategies. The
presented work facilitates avionics system designers to identify,
assess, protect, and manage the cybersecurity risks across the
avionics system life cycle