Price: $3,999.00

Length: 3 Days

Aviation Cybersecurity Training Bootcamp

The aviation industry, like the rest of the world, is becoming more and more interconnected, which increases attack vectors to gain entry into systems. While disrupting air traffic and crippling the economy is frightening enough, the greater fear is that hackers could crash airplanes or make them vanish from radarscopes.

While many commercial businesses, such as the banking and healthcare industries, have beefed up cybersecurity measures, many cybersecurity experts believe the aviation industry needs to do more to keep pace, citing how painfully little research has been done on cyber vulnerabilities in aircraft.

Experts believe there needs to be consistent and constant red teaming and vulnerability assessment based on overall system risk, keeping pace with the ever-evolving threat. It makes sense to scan for malware and vulnerabilities as part of routine maintenance checks, and even to make it part of the preflight checklist.

Others would like to see the aviation industry implement a layered approach to cybersecurity, which uses several defense mechanisms such as access restrictions, two-factor authentication, encryption, proactive threat hunting, insider threat monitoring, and managed detection and response.

It’s generally believed that airports can do a better job of protecting their passengers, data and equipment by implementing additional cybersecurity measures, such as:

  • Training and evaluating staff — While virtuoso hackers do exist and they do commit cybercrimes, about 90% of all cyberattacks are the result of human error. All manner of mistakes can expose systems to outside exploits. People make foolish decisions with their passwords. They accidentally lose their laptops or phones in public places. They get disgruntled and negligent.
  • Create a reaction strategy – There should be a plan in place for what to do in the event of a breach. Recent history is littered with stories of companies that failed to respond appropriately to a cyberattack.
  • Map Data Flow and Monitor Activity — Airports can only identify and respond to cyberattacks when they are actively looking for such attacks. This process starts with an updated analysis of an organization’s data flow. With your network fully mapped, you can monitor all possible access points and appropriately log user activity. With detailed monitoring and logging of user activity, your organization can respond to cyberattacks as they’re happening.

Fighting technology with technology is also on the drawing boards. One solution, the Cyber Intrusion Detection System, is a cyberattack warning system that alerts pilots if anything on the aircraft has been hacked or is doing something it shouldn’t. This could be available to commercial and military markets within the next couple of years.

This warning system could be especially useful for military pilots. During military operations, a cyberattack on an aircraft could trick pilots into not trusting their instruments and aircraft. If they don’t trust their aircraft, then their mission fails. The cyberattack could be very subtle, such as an alarm going off at a critical time during a weapons release run. The pilot might miss an opportunity and have to circle back, exposing themselves to a greater threat from the ground.

Also, malware could be introduced through the supply chain, since aircraft parts are manufactured by many different sources around the world.

The detection system would look for anomalies on the specialized aircraft networks called buses. These communication systems control, monitor and transfer data between different electronic components in the aircraft and remote terminals. Many devices connect to those buses, such as annunciators, flaps, lights and landing gear. The cyber warning system would detect if a component aboard is “misbehaving” or suddenly appears when it shouldn’t.

Aviation Cybersecurity Training Bootcamp Course by Tonex

Aviation Cybersecurity Training Bootcamp is a cybersecurity-oriented aviation training course covering civilian and military aircraft cybersecurity and operation analysis, including: airworthiness security (DO-326A/ED-202A), information and data, mission, networks, technology, embedded avionics systems, and a 360-degree view of the holistic system security engineering problem.

Modern aircraft platforms are at increasing risk of cyberattack from sophisticated adversaries. These platforms do not currently provide the situational awareness necessary to identify when they are under cyberattack, nor to detect that a constituent subsystem may be in a compromised state.

Course Topics and Agenda

Introduction to Aviation Systems and Security Chain

  • Aviation 101
  • Service and Performance Requirements
  • Aviation Network and System Architecture
  • Architectural Components
  • Aviation Security chain
  • System and Software Design
  • Software Tools
  • PKI
  • Maintenance and Operation Procedures
  • FAA AC 25.1309-1A and EASA AMC 25.1309
  • SAE ARP 4754A/ED-79A, DO-178C/ED-12C, and DO-254/ED-80 and with the advisory Development of security requirements

Aviation Cybersecurity

  • Aviation Systems Attacks
  • Uniquely Network Concerns
  • Reliability and Security
  • Role of Obscurity
  • Threat Assessment
  • Attackers and Assets
  • Attack Surface
  • Attack Trees
  • Security Policy
  • Aviation System Vulnerabilities
  • Backdoors
  • Denial of Service (DoS)
  • Defensive Architectures
  • Combating Complexity
  • Defensive Hardware Interfaces
  • Public Key Cryptography (PKI)
  • Protecting Data In Motion
  • Secure Software Process

Cyber Threats to Aviation and Avionic Systems

  • Cyber Espionage
  • Cyber Exploitation And Access Operations
  • Cyber Attacks On Ground Systems
  • Cybersecurity Risk Mitigation For Ground Systems
  • Cybersecurity Compliance
  • Cybersecurity In Acquisition
  • Cybersecurity In Operations
  • Analysis of Most Relevant Threat Sources for Aviation and Avionic Systems

Aviation System Vulnerability Analysis

  • Aviation System and Network Attacks
  • Exploiting Aviation Systems and Devices
  • The Stages of System Exploitation
  • Initial Reconnaissance
  • Exploitation
  • Firmware Unpacking and Modification
  • Detecting
  • Extracting
  • Analysis
  • Modification and Creation of new firmware
  • Hacking/exploitation techniques, tools and entry points
  • Defensive technologies

Aircraft Cybersecurity Criticality Analysis

  • Civilian and military aircraft system security engineering, program and project management
  • Military aircraft operation, mission planning, intelligence gathering, and information and data assurance
  • Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication
  • Aircraft availability, integrity, authentication, confidentiality, and nonrepudiation
  • Information, data, mission, and embedded avionic system threats and mitigation
  • Analysis of aircraft security design and engineering vulnerabilities
  • Recommendations for system changes, to eliminate or mitigate vulnerabilities through engineering and design, any characteristics that could result in the deployment of systems with operational security deficiencies
  • Physical security or physical attacks on the aircraft (or ground element)
  • Security engineering and development of programs and design-to-specifications providing life-cycle protection for critical resources
  • Airport, Airline or Air Traffic Service Provider security
  • Access to airplanes, ground control facilities, data centers, mission planning, security key distribution, avionic data buses, etc.
  • Communication, navigation, and surveillance services managed by national agencies or their international equivalents (e.g., GPS, SBAS, GBAS, ATC communications, ADS-B)
  • Analysis and assessment of Cyber Threats (additions to DO-178C, ED-12C, and ARP4754A)
  • Civilian and military aircraft system security engineering and Anti-Tamper (AT) Activities
  • Threat of intentional unauthorized electronic interaction
  • Civilian and military aircraft safety Standards

Mitigation of the aviation/aircraft safety effects of Intentional Unauthorized Electronic Interaction (IUEI)

  • Security applied to continued airworthiness: DO-326A/ED-202A, DO-356A/ED-203A, DO-355/ED-204, and ED-201
  • Hardware Assurance (HwA)
  • The level of confidence that hardware
  • Assessment of electronic components such as integrated circuits and printed circuit boards, functions
  • Assessment of vulnerabilities, either intentionally or unintentionally designed or inserted as part of the system’s hardware throughout the life cycle.
  • Software assurance (SwA)
  • Software vulnerabilities
  • Anti-tamper (AT)
  • Systems engineering activities intended to prevent or delay exploitation
  • Assessment of configurations to impede countermeasure development, unintended technology transfer, or alteration of a system due to reverse engineering
  • Supply Chain Risk Management (SCRM)
  • Risks, sabotage, maliciously introduce unwanted function
  • Design integrity, manufacturing, production, distribution, installation, operation or maintenance of an aircraft system
  • Surveil, deny, disrupt, or otherwise degrade the function
  • Software data loading equipment for all types of aircraft
  • ARINC 615A – Software Data Loader Using Ethernet Interface
  • ARINC 667 – Guidance for the Management of Field Loadable Software
  • ARINC 811 – Commercial Aircraft Information Security Concepts of Operation and Process Framework
  • Protecting Military Avionics Platforms from Attacks on MIL-STD-1553 Communication Bus
  • Protecting Civilian Avionics Platforms from Attacks on ARINC 429 Communication Bus
  • System security policy
  • TEMPEST
  • Encryption
  • Trusted message routing and control design
  • Effects of malware on infected devices and the logical effects of external system

System and Network Attacks

  • Exploiting Systems and Devices
  • The Stages of System Exploitation
  • Initial Reconnaissance
  • Exploitation
  • Firmware Unpacking and Modification
  • Detecting
  • Extracting
  • Analysis
  • Modification and Creation of new firmware
  • Hacking/exploitation techniques, tools and entry points
  • Defensive technologies

Cybersecurity Attacks and Best Mitigation Practices for Aviation Systems

  • Non-Invasive Hardware Reverse Engineering
  • Component identification
  • Interface Analysis
  • Communications Protocols Sniffing
  • Decoding and Deciphering Captured Bits
  • Critical Data Identification and Detection
  • Component Removal and Replacement
  • Electronics and Circuit analysis
  • Security Measures

Risk Management Framework (RMF) Applied to Aviation and Avionic Systems

  • Functions
  • Category
  • Subcategory
  • Application
  • Difficulty
  • Effectiveness
  • Assessment of Aviation Critical Security Controls
  • Inventory of Authorized and Unauthorized Avionics Devices
  • Inventory of Authorized and Unauthorized Software
  • Secure Configurations for Hardware, Software and Firmware
  • Continuous Vulnerability Assessment and Remediation
  • Controlled Use of Administrative Privileges
  • System Maintenance, Monitoring, and Analysis of Audit Logs
  • Protections
  • Malware Defenses
  • Limitation and Control of Networks, Protocols, and Services
  • Data Recovery Capability
  • Secure Configurations for Avionics Devices
  • Aviation Boundary Defense
  • Data Protection
  • Controlled Access
  • Account Monitoring and Control
  • Security Skills Assessment
  • Aviation Application Software Security
  • Incident Response and Management
  • Penetration Tests and Red Team Exercises

Case Studies and Workshops

  • Analysis of Cybersecurity Cases for Aviation Systems
  • Design Process
  • System CONOPS
  • Mission objectives
  • Test and Evaluation
  • Threat Analysis
  • System Design and Security Requirements
  • System Implementation Security
  • Attack surface
  • Physical Attack Surface
  • Aviation software, hardware and firmware analysis
  • Attack types against Aviation and wireless communications protocols, buses, terminals, embedded operating systems, applications
  • Automated Threat Modeling
  • Threat Modeling
  • Threat Modeling Methodologies
  • Threat Modeling Software
  • Threat Modeling Tools
  • Mitigation approaches and techniques
  • Hacking/exploitation techniques, tools, and entry points
  • Trust hardware and software components
  • Risk Assessment
  • Control Plan
  • Mitigation

Tonex Aviation Cybersecurity Assessment

  • Evaluate your aviation system security vulnerabilities
  • Assessing cyber-related information and control systems against relevant regulations, standards and guidance
  • Gap analysis to unveil security holes
  • Real-time situational awareness
  • Insider and external threat protection
  • System hardening and active defenses for comprehensive protection of Aviation system environment
  • Aviation cybersecurity patching

 
