Feb. 28, 2022 | By Joanne Hignett
The importance of cybersecurity aboard military/government aircraft grows with every passing day. The combination of complex onboard computer systems, two-way connectivity to ground controllers via radio/SATCOM, and integration with defense IT networks make them prime targets for hackers.
Cybersecurity stakes are high when it comes to onboard networks. If an onboard network is compromised it could ground an entire fleet for weeks while cybersecurity professionals investigate the exact cause and weakness.
Eliminating or reducing the threat of a cyberattack on an aircraft, both military and civilian, requires developing a cybersecurity workforce and product that can continuously monitor data for anomalies and nefarious activity. There are solutions that defend and protect onboard networks and are available today.
“We make cybersecurity software and hardware platforms that defend an aircraft’s onboard network against cyber-attacks through continuous data monitoring and logging,” said Chris Bartlett, President of CCX Technologies. “We are the people who protect the protectors guarding the U.S. and other NATO member countries in the air.”
The Protective Power of SystemX
SystemX is CCX Technologies’ cyber defense and security software platform. It is designed to protect onboard aircraft avionics, networks, and systems from hackers at all times, thus improving an aircraft’s overall cybersecurity posture.
SystemX Aviation is a flexible cybersecurity system that can be integrated directly on CCX Technologies hardware, in the cloud, or on dedicated, secure third-party servers. It can be purchased as a standalone solution or integrated into CCX Technologies’ SystemX Military & Government cyber defense/cybersecurity software platform.
“A typical SystemX Aviation package includes our AP-250 Inline Cybersecurity Appliance Onboard Cybersecurity System, our SystemX Secure Server, and a set of DataPHYs to collect data from the network,” said Bartlett.
(The AP-250 is a small, standalone device that provides an easy way to add cyber defense, cybersecurity, and other secure networking services to deployed IT assets.) “SystemX Aviation is purpose-built to run autonomously or over bandwidth- and latency-restrictive communications links such as satellite and terrestrial radio. In addition, SystemX Aviation provides data monitoring and collection, configuration via remote access, and advanced firewall capabilities — all well-suited for protecting computer assets in the air.”
Combining Security and Ease of Use
SystemX marries the power of advanced cyber defense/cybersecurity with a platform that is easy to use. This is why CCX Technologies has designed SystemX to be controlled using a familiar browser-based GUI. When operators feel comfortable with a system’s GUI, they are more likely to use it to its full potential.
Compatible with most networked avionics equipment and systems, SystemX provides:
- A secure tunnel between networked appliances and servers
- Ethernet- and WiFi-based network monitoring
- An encryption key manager and secure API
- An advanced firewall
- Advanced IDS and IPS (Network Intrusion and Prevention Detection Systems)
- A complete Avionics Intrusion Detection System for avionics data, including ARINC 429/717, CAN Bus, MIL-STD-1553 and ARINC 664 AFDX (requires additional DataPHY hardware)
- Push Alerts and Rule-sets
- Quality of Service (QoS) tag support
- Secure upgrade, configuration, and logging facilities
Worth noting: The SystemX Avionics Intrusion Detection System monitors avionics databus traffic for unexpected anomalies, whether due to adversarial cyber activity or operational issues.
When such anomalies are detected, they are logged into a secure database to support fast analysis and counter-measures by the aircrew and/or operators on the ground.
Secure Cabin Comms
Achieving true aviation cybersecurity requires attention to all aspects of aircraft usage. This is why SystemX’s protection extends throughout the entire airframe using a secure stand-alone Cabin Router. Inside the aircraft, SystemX provides secure, monitored, and configurable interfaces between Personal Electronic Devices (PEDs) and the internet through external SATCOM terminals and integrated terrestrial radios (LTE and WiFi).
Onboard PED internet connectivity is managed by SystemX’s built-in Device Manager. It can be provisioned either by WPA Personal-based Access Points or by fully-managed WPA Enterprise-based Access Points with an integrated RADIUS server or proxy. The Device Manager can accept certificates issued by globally-accepted Certificate Authorities so that users aren’t required to install certificates on their PEDs. It can also enforce per-user data caps in flight, and restrict access to the system to specific pre-registered devices, just to be safe.
If a client chooses to use SystemX’s’ Integrated VPN (Virtual Private Network) feature, all internet-bound traffic from an aircraft can be routed through a ground-based SystemX server that provides encryption overall unencrypted (and easily intercepted) SATCOM interfaces. The VPN supports seamless WAN switching using a crypto-routing protocol. It uses a ground server’s static IP address to prevent signal interruptions when the aircraft’s router switches from one WAN interface to another.
CCX Technologies is constantly and consistently focussed on improving SystemX’s cyber defense/cybersecurity capabilities for its clients. This is why the company has built an Avionics Cybersecurity Lab, which is located at its Ottawa headquarters.
“Our Cyber Lab perpetually monitors avionics systems for cyber vulnerabilities,” said Bartlett. “As such, it conducts Penetration Testing and Cybersecurity Audits on these systems and their networks to proactively find weak spots and remedy them.”
CCX Technologies designs and builds custom avionics test racks for its clients’ own avionics test labs using the firm’s ARINC-600 19″ Rack Mount Adapter. Meanwhile, to provide further enhanced security to its military and government subscribers, this company offers unique services such as secure crew/passenger data for multi-mission vehicles, secure airtime, and remote technical support/real-time configurable alerts for rapid response.
The bottom line: “CCX Technologies’ goal is to provide our military/government clients with the best airborne cybersecurity possible,” concluded Chris Bartlett. “Their aircrews and passengers need to know that their aviation IT systems are safe and protected — whether they are flying Air Force One in a crisis or just moving freight from Point A to Point B.”