A systems approach to software security in aviation

Author(s)
Helfer, Jonas
Thumbnail
DownloadFull printable version (4.789Mb)
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Nancy G. Leveson.
Terms of use
M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
Field Loadable Software in commercial aviation is indispensable for vital avionics functions yet its security has never been studied in depth. Due to the recent introduction of wireless software loading capabilities and Internet-connected in-flight entertainment systems along with several high-profile information security breaches in other sectors, the security of Field Loadable software has come under closer scrutiny. Conventional information systems security analysis approaches focus on finding and preventing vulnerabilities in the implementation of a system, but they are not designed to include the organizational "soft" components of a system. The aim of this thesis is to provide a comprehensive security analysis of Field Loadable Software that includes organizational aspects in order to find existing vulnerabilities and propose security constraints that would fix the vulnerabilities or prevent them from being exploited. A novel safety approach from safety engineering, called Systems Theoretic Process Analysis (STPA) was adapted and used to perform the security analysis of Field Loadable Software in commercial aviation. The analysis produced a simple systems model for Field Loadable Software and found that current regulations and practices are not sufficient: there several significant vulnerabilities in the way Field Loadable Software is currently designed and distributed. However, the analysis also showed that the vulnerabilities could be removed with the addition of simple technical measures and security constraints.
Description
Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2016.
 
Cataloged from PDF version of thesis.
 
Includes bibliographical references (pages 44-45).
 
Date issued
2016
URI
http://hdl.handle.net/1721.1/103744
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.
Collections