SAE T-132-2017 Commercial Aviation and Cyber Security A Critical Intersection.pdf

1、 Commercial Aviation and Cyber Security: A Critical IntersectionFor more information or to order a book, contact: SAE INTERNATIONAL400 Commonwealth Drive Warrendale, PA 15096Phone: +1.877.606.7323 (U.S. and Canada only) or +1.724.776.4970 (outside U.S. and Canada)Fax: +1.724.776.0790Email: CustomerS

2、ervicesae.orgWebsite: books.sae.orgCommercial Aviation and Cyber Security: A Critical IntersectionKirsten M. KoepselWarrendale, Pennsylvania, USA400 Commonwealth DriveWarrendale, PA 15096E-mail: CustomerServicesae.orgPhone: +1.877.606.7323 (inside USA and Canada)+1.724.776.4970 (outside USA)Fax: +1.

3、724.776.0790Copyright 2017 SAE International. All rights reserved.No part of this publication may be reproduced, stored in a retrieval system, distributed, or transmitted, in any form or by any means without the prior written permission of SAE. For permission and licensing requests, contact SAE Perm

4、issions, 400 Commonwealth Drive, Warrendale, PA 15096-0001 USA; e-mail: copyrightsae.org; phone: 724-772-4028; fax: 724-772-9765.Printed in the United States of AmericaISBN-Print 978-0-7680-8279-1ISBN-PDF 978-0-7680-8386-6ISBN-epub 978-0-7680-8388-0ISBN-prc 978-0-7680-8387-3Library of Congress Catal

5、og Number 2016951264SAE Order No. T-132http:/dx.doi.org/10.4271/t-132Information contained in this work has been obtained by SAE International from sources believed to be reliable. However, neither SAE International nor its authors guarantee the accuracy or completeness of any information published

6、herein and neither SAE International nor its authors shall be responsible for any errors, omissions, or damages arising out of use of this information. This work is published with the understanding that SAE International and its authors are supplying information, but are not attempting to render eng

7、ineering or other professional services. If such services are required, the assistance of an appropriate profes-sional should be sought.To purchase bulk quantities, please contactSAE Customer Servicee-mail: CustomerServicesae.orgphone: +1.877.606.7323 (inside USA and Canada)+1.724.776.4970 (outside

8、USA)fax: +1.724.776.0790Visit the SAE International Bookstore atbooks.sae.orgvTable of ContentsChapter 1Introduction to U. S. Commercial Aviation and Cyber Security 1Chapter 2History and Evolution13Chapter 3Reducing Threats and Cyber Attacks39Chapter 4Risk Management59Chapter 5The Next Five Years 71

9、Chapter 6Conclusion83About the Author.91vi 1Introduction to U. S. Commercial Aviation and Cyber Security Chapter 1Introduction to U. S. Commercial Aviation and Cyber Security Over the past several years, frequent airline travelers may have noticed that 1111111111 1,related materials such as crew inf

10、ormation, dispatch lists, passenger lists, aircraft 111 111W,W1111 111111111 1111 1111111W,X1W,Y111 11111111,11111 11111111111 1,1111111111111 11111 111111 141111111111114 1 11111111111 111111111111 1W,Z1.1 Commercial Aviation11W1W_VY11111 11 ,1111111111 11111 1X111_11W,11111 11 111,1XV11111111 1111

11、W,11111 111 1111equipment and services, airports or landing areas, aeronautical charts, informa,111111 1111 111 111 111 111W,1111111111 11W,11111 1111W_1 1111111111 1,11111W,1 1W_111111 12Chapter 1111111 1,1111 11111 1 1111111W,111111111111 111W, XZ1,11, 1Y1,1 XXVVV111111 VVVV11 WZVV1111W,_ V111 cre

12、dit cards only used in purchase of beverages, food, or duty-free items. Can send information on inventory available on flights.PassengerAccess to in-flight entertainment or the internet (e-mail or instant message). Able to receive messages about changes to itineraries such as new tickets or gate cha

13、nges.111,11111, 11 11111111111 111111,1111 11 111 11111111 111,11X, Malware infecting an aircraft system 4111 11111 Denial of service of wireless interfaces 1111,1 Misuse of personal devices that access aircraft systems 11,1 111111 16 Chapter 2111111111111 1111 11 1111 1111111 1 1111 1111111,1 11111

14、1112.2 Next Generation Air Transportation System11 1111 111111 1WV,W11WVV1,1111 1111 111 111X,WZ11 1111111111 11111111 11 ,11 1 1111111 1 11 11 1X,W1111 11111,11111111 111111111 2.3 Air Traf_f_ic Control111111111111111 111 1 1111 1111X,W11WVV11111111 11111 1111 they tend to target country infrastruc

15、ture, military, utilities, or financial sectorsEmployees Can be present or past and often seen as “insider threat” and hack due to employee unhappinessCyber fighters Nationally or politically motivated citizens, much like hacktivists11W_V1111 1 1141111XZ11111 1111111422 Chapter 2Table 2.4emspaceMode

16、s of Cyber AttacksYearCyber Crime/Cyber Attacks Description1970s Spam“The abuse of electronic messaging system to indiscriminately send unsolicited bulk messages” 2-33.1980s VirusesAll types of malware, including Trojans and other non-replicating malicious code 2-33.1980s WormsSelf-replicating malwa

17、re that spreads by placing copies of themselves in various parts of computers such as email attachments or instant messages or in shared folders 2-33.1980s “Trojan horse” software“A malicious program masquerading as something innocuous or even useful” 2-33.1980s RansomwareComputer system is infected

18、 with malware that does not allow the user to access files along with a demand for payment to release files to user 2-35.1990s Crimeware ”Malware with a common objective: obtain money or confidential information” 2-36. 1990s Rootkits“A set of tools used by an attacker after gaining root-level access

19、 to a host to conceal the attackers activities on the host, and permit the attacker to maintain root-level access to the host through covert means” 2-33. 1990s Phishing“Tricking individuals into disclosing sensitive personal information through deceptive computer-based means” 2-33.1990s Man-in-the-m

20、iddle attack“An attack on the authentication protocol run in which the Attacker positions himself in between the Claimant and Verifier so that he can intercept and alter data traveling between them” 2-33.23 History and EvolutionTable 2.4emspaceModes of Cyber AttacksYearCyber Crime/Cyber Attacks Desc

21、ription2000s Denial of service, distributed denial of service“The prevention of authorized access to resources or the delaying of time-critical operations. A denial of service technique that uses numerous hosts to perform the attack” 2-33.2000s BotnetsA network of compromised systems infected with b

22、ots or backdoors, which can be controlled centrally by a bot herder 2-37.2000s StuxnetMalicious computer worm designed to target specific computer operating systems, software, and programmable logic controllers 2-38.2000s Advanced persistent threat“An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception) 2-33.111141111111111111 11111111 111 1