Identifying security gaps using simulated attacks on avionic networks


The project Aviation Cyber Security Study (ACySS) used current cyber attack techniques to analyse the security level of an avionic network. The research project was carried out in an interdisciplinary collaboration between two FH JOANNEUM institutes: the Institute of Aviation was responsible for project management, while the Institute of Internet Technologies & Applications provided IT security input.

The project funded by the Austrian Research Promotion Agency (FFG) under the Take Off Programme was concluded in 2018.

Modern commercial aircraft such as the Airbus A380 or the Boeing 787 are equipped with Avionics Full-Duplex Switched Ethernet (AFDX) network technology. Alternative developments for safety-critical communications feature Time-Triggered Ethernet (TTEthernet).

Critical data traffic in the aircraft is regulated by network switches, which are based on the IEEE 802.3 Ethernet network standard and are equipped with additional Quality of Service (QoS) features. One network acts as the communications backbone for the entire aircraft. This means that critical elements such as flight control (cockpit domain) use the same network as the cabin control (cabin domain) or the in-flight entertainment system (passenger domain).

The aim of the project was to verify the security of the avionics network based on AFDX and TTEthernet by simulating cyber attacks. A small-scale testbed was set up to simulate the different domains. The testbed was used to test potential network manipulations starting from the non-critical passenger and cabin domains in order to subsequently generate malfunctions that may even include control of the critical cockpit domain.

The results generated from this research provided clues for a possible revision of the network design and applications such as landing gear control via the network. Special attention was also paid to safety measures for possible security updates.