ACySS - Aviation Cyber Security Study

The project "Aviation Cybersecurity Study" (ACySS) focuses on applying current attack techniques to an avionics network to analyze its security. Modern commercial aircraft such as the Airbus A380 or the Boeing 787 primarily use the network technology Avionics Full-Duplex Switched Ethernet (AFDX). Alternative developments for safety-critical communications feature Time-Triggered Ethernet (TTEthernet). The critical data traffic in the airplane is regulated by AFDX switches, which are based on the IEEE 802.3 Ethernet networking standard, but with additional Quality of Service (QoS) features. Throughout the aircraft, essentially one network exists as a communications backbone. Critical elements such as flight control (cockpit domain), therefore, share the same network as the cabin control (cabins domain) or the in-flight entertainment system (IFE) (passenger domain). The aim of this project is to verify the safety of the avionics network based on AFDX and TTEthernet by performing and comparing actual cyber attack methods. For this purpose, a small-scale testbed is to be established to simulate the different domains (critical / non-critical). By way of the tested, it will be examined whether it is possible, through manipulation of the network starting from the non-critical region of the passenger/cabins domain, to produce malfunctions that may go as far as to control the critical cockpit domain. The results generated from these investigations should provide clues for a possible revision of the network design and its applications. The landing gear control would be such an application. Furthermore, special attention is paid to safety measures for possible security updates. Finally, the project should raise awareness of potential attacks against the avionic system through the Internet, which is accessible by WIFI provided on modern airplanes and counter-measures to block those effectively.