ALTA DT- 1553 Network and Cyber Security Testing
APPLICATION NOTE: Legacy systems and networks pose especially unique challenges for cybersecurity policy, one of which is the MIL-STD-1553 multiplex data-bus communication protocol.
Cyber security refers to the protection of network-connected systems from unauthorized access. A military or commercial-derivative aircraft contains complex avionics; a system of systems. These embedded electronics are connected using various communication networks, and are always an amalgam of new and old designs. Legacy systems and networks pose especially unique challenges for cybersecurity policy, one of which is the MIL-STD-1553 multiplex data-bus communication protocol. First released in 1973, the MIL-STD-1553 protocol continues to be the command-and-control backbone for mission critical weapons systems on military aircraft. It remains in use today because it is deterministic, fault tolerant, and time-tested; but it was not designed to address contemporary cybersecurity issues, and so acts as an entry point for cyber threats.
APPROACHES TO RESILIENCY
To implement a complete, robust cybersecurity policy for 1553-based systems, we would ideally revise the protocol to include modern-day capabilities like authentication, encryption, and partitioning. However, this is impractical because it would not address the massive installed base of 1553 systems in operation; nor would it fully address newly designed platforms (F-35 Joint Strike Fighter, for example) that tend to use systems that couple modern networks with legacy 1553-based systems. MIL-STD-1760, last updated in 2007, is an aircraft-store interconnection spec that includes 1553 as a method of communication, and adds a checksum to 1553 messages. It is an improvement over 1553’s word parity only check, but does not provide the protection needed for modern cyber threats.
Instead, increasing the cyber resiliency of legacy embedded systems is a piecewise process of introducing new components to support artificial intelligence/machine learning (AI/ML) algorithms. These algorithms provide anomaly and intrusion detection, logging, warning, and possibly mitigation. There are two main approaches, both of which have difficult tradeoffs to manage.
Continue Reading White Paper here:
Contact your local VMA field engineer today if you need help or have any additional questions.