Supporting ‘eEnabled’ Aircraft: Exactly what Aviation Maintenance should Prepare For
E-enabled aircraft are changing not only the business of aviation, but the business of aviation maintenance, with the greatest adjustments still looming on the horizon. As everyone in the industry is well aware, aircraft are becoming more digital and more automated, and communicating more externally. This evolutionary change is driving many changes to how aircraft are designed, tested, secured and operated (with the greatest changes yet to come due to NextGen and SESAR), but also how to they will be maintained.
Flying the Friendly Skies in the 21st Century
Relatively recent industry developments such as GPS, WiFi, SatCom, RFID and eForms symbolize the change in how modern aircraft are becoming more ‘talkative.’ This increasing level of communications is driven primarily by the need to accommodate more aircraft safely in our skies, since automated communications used in ADS-B, GPS and other technologies provide for tighter flight routing and airport operations (along with other benefits). Crew use of non-automated communications like SatCom and crew and passenger Internet access can also affect information delivery and managedment
The other major set of benefits derived from these e-enabled aircraft is in the support area. The more you know about an aircraft — its present condition, what it has experienced, who did what to it and when — and the sooner you know it will increase the possibility of reducing operational costs. Note the term ‘possibility’ in the previous sentence, since it stands to reason that if whoever is charged with maintaining such an aircraft is not technically savvy — especially in relation to the information technology (IT) support systems used in MRO today — the reverse could actually happen. This article will touch on what the maintenance departments will need to be aware of in supporting e-enabled aircraft.
Defining eEnabled Aircraft: What Exactly Are They?
There is no singular definition for what exactly an e-enabled aircraft is, so this set of descriptions from various sources should provide a brief overview of what this increasingly-used term means:
1. An aircraft with some type of ‘network connections’ (i.e., higher-bandwidth data communications). These aircraft need some level of increased network security requirements in order to protect the data being sent and received. (As derived from RTCA/EUROCAE).
2. An aircraft that has one or more networks on board and requires a connection to external networks (airborne and/or ground based) to assist with its operation. (As derived from Speedbird_NCL.com blog)
3. Aviation is at the threshold of the era of the e-enabled airplane, brought about by the convergence of rapidly expanding worldwide data communication infrastructures, network-centric information processing, and commoditized lightweight computational hardware. With advanced avionics, processing and wireless communication capabilities, the e-enabled airplane can revolutionize the current air transportation system. (As derived from IEEE 2008 IEEE paper titled “Secure Operation, Control and Maintenance of Future e-Enabled Airplanes.”)
Essentially, the aviation industry is taking on technologies such as Ethernet-based networks, commercial wireless connectivity, and the need for cyber security protection of data and systems from the IT arena. The diagram on the next page was taken from a recent Airlines Electronic Engineering Committee (AEEC) publication and demonstrates some of the differing aircraft information security domains in next-generation aircraft:
The closed domain is the critical domain and encompasses primarily systems that control the operation of the aircraft. The private domain encompasses two distinct, but possibly connected areas: airline/operator information services and passenger information and entertainment services. The public domain is essentially passenger-owned devices which may interface to IFE or Internet-connected systems provided by the aircraft operator.
This model was identified in ARINC Report 811, Commercial Aircraft Information Security Concepts of Operation and Process Framework. This document was developed to better substantiate an understanding of aircraft information security for the industry, and provides an aircraft information security process framework relating to operational needs. It is highly recommended that anyone involved in managing, handling or maintaining e-enabled aircraft obtain a copy of this publication to better understand where the industry is headed, and what they should be doing about it.
Aviation Maintenance: An IT Background Will Be Needed
As these e-enabled aircraft begin to enter operator fleets in the coming years, personnel involved in supporting them will need to become increasingly literate in computer and networking technology. Not only will they need to troubleshoot and maintain networked devices and systems, but will also need to make use of increasingly networked support systems and various communications protocols, such as:
1. Wi-Fi: Also referred to as IEEE 802.11, which is a set of international standards for wireless local area network (WLAN) computer communication in the 2.4/3.6/5 GHz frequency bands. These standards originate from the IEEE LAN/MAN Standards Committee (aka IEEE 802) and provide the basis for wireless network products using the Wi-Fi brand name, which includes aviation industry uses.
• Protecting data sent over wireless networks is required, and those maintaining aviation systems with such capabilities will need to be savvier with Wi-Fi protected access (WPA, and the newer WPA2) standards, as well as the accompanying advanced encryption standard (AES). Expect more developments in relation to these types of security approaches. Encrypting data and authenticating who touches it are paramount.
• Other types of ‘wireless’ standards such as SatCom, cellular and Bluetooth also need attention, and each also has its own set of support requirements.
• Airport-based services that support Gatelink. Gatelink is an aircraft/ground IP communication mechanism that provides a secure communications link using Internet protocols (IP) to provide services between a parked aircraft and the ground IP network infrastructure. This type of service is just starting to enter commercial use.
2. Avionics Full-Duplex Switched Ethernet (AFDX): is a data network for safety-critical (aviation) applications that utilize dedicated bandwidth and is described specifically in the ARINC 664 Specification to define how commercial off-the-shelf networking components will be used for future-generation aircraft data networks (ADN). The six primary aspects of AFDX include:
• Full duplex
• High-speed performance
• Switched and profiled networks.
Prior to AFDX, ADN utilized primarily the ARINC 429 standard. ARINC 664 is defined as the next-generation ADN. Airbus Industries AFDX developed AFDX for the A380, initially to address real-time issues for flight-by-wire system development. Boeing has since accepted it and uses it on the Boeing 787 Dreamliner. It utilizes a cascaded star topology network, where each switch can be bridged together to other switches on the network. By utilizing this form of network structure, AFDX is able to reduce wire runs significantly and thus reduce overall aircraft weight.
3. Digital Identities/Certificates: with the greater use of software data loading and the use of distributed software/data delivery, those servicing aircraft will need to identify themselves digitally prior to ‘loading’ such information onto aircraft. Trusted identities will become the norm for the industry, and will become widespread as the remote data loading spreads and other business uses such as eForms replacing paper documents increase. Each of these functions typically requires some level of digital identity authentication or signatures.
4. Electronic Flight Bags (EFBs): with the increase in Class 1/2/3 EFBs, and the increase in use of COTS devices (PCs and iPads), those responsible for servicing these devices will increasingly have to not only support operating systems and applications, but also be well-versed in how to secure their contents from tampering and cyber attacks properly.
There are many other areas and devices to be concerned with, but these are some of the key technological areas to consider. Each of these product areas emanates from the IT industry, and as more IT developments affect aircraft and related ground systems, cyber security issues which originated in IT will also need to be handled accordingly in aviation.
Cyber Security Enters the Aviation Maintenance Lexicon
There have been various reports of virus and Malware attacking airline support systems in the past few years, but most of these may probably be attribute to lax IT standards rather than issues directly attributed to aviation support systems themselves. New processes will need to be introduced to how aviation maintenance personnel manage and protect information which moves to and from aircraft.
Some of the OEMs will require the use of trusted digital identities by personnel who load software onto aircraft, in order to authenticate who had performed such an action (and if they were authorized to do so), as well as for tracking purposes for the updated device/systems. With the advent of more updated data and code being transmitted around to remote locations for servicing systems, this type of security procedure will become more in vogue.
Aviation support personnel will need to be savvier with using Web-based systems and have a better command of Internet-driven applications. With more OEM and third-party applications being launched via ‘cloud-computing’ services, the market for MRO and support applications is shifting away from packaged and installed software to shared Internet-based services. This requires everyone to be more web savvy, computer literate and security aware.
While this may not be an issue for some, this may be a challenge for those who resist change. As we are in the midst of an evolutionary change in how aircraft are designed, operated and supported, this sea change will impact staff who are not prepared to adjust themselves to adapt to this new world order. The aviation industry tends to adopt new developments rather slowly due to our culture of safety, but this adoption of new IT-driven changes will force greater changes in an expedited manner.
We are at a crossroads as an industry, with a large installed base of legacy (previous-generation) aircraft being pushed by next-generation technological advancements in air traffic management, Web-based support systems, expansion in communications technologies use on aircraft, and now with the introduction of e-enabled aircraft entering service. This is a great time for those who seek new challenges to update their skill sets, prepare themselves to handle these newer systems, and continue the culture of safety in an e-enabled aviation environment.
John Pawlicki is CEO and principal of OPM Research. He also works with Virtual Security International (VSI), where he consults to the DOT’s Volpe Center, handling various technology and cyber security projects. He managed and deployed various products over the years, including the launch of CertiPath (with world’s first commercial PKI bridge). Pawlicki has also been part of industry efforts at the ATA and other related groups, and was involved in the effort to define and allow the use of electronic FAA 8130-3 forms. He recently completed his writing of the ‘Aerospace Marketplaces Report’ which analyzed third-party sites that support the trading of aircraft parts. For more information, visit OPMResearch.com.