safely connecting ais & pies domains - - aviation … · 2017-06-12 · safely connecting ais...

Safely Connecting AIS & PIES Domains -

PROPRIETARY LEGEND: THIS IS CONFIDENTIAL AND PROPRIETARY INFORMATION OF TELEDYNE CONTROLS AND MAY NOT BE USED OR DISCLOSED BY THE RECIPIENT WITHOUT THE PRIOR WRITTEN CONSENT OF

TELEDYNE CONTROLS AND THEN ONLY IN ACCORDANCE WITH SPECIFIC WRITTEN INSTRUCTIONS OF TELEDYNE CONTROLS. BY RECEIPT HEREOF, IN ADDITION TO ANY OBLIGATION THE RECIPIENT HAS UNDER ANY

CONFIDENTIALITY AGREEMENT WITH TELEDYNE CONTROLS, NEITHER RECIPIENT NOR ITS AGENTS, REPRESENTATIVES OR EMPLOYEES WILL COPY, REPRODUCE OR DISTRIBUTE THIS INFORMATION, IN WHOLE OR IN

PART, AT ANY TIME, WITHOUT THE PRIOR WRITTEN CONSENT OF TELEDYNE CONTROLS AND THAT IT WILL KEEP CONFIDENTIAL ALL INFORMATION CONTAINED HEREIN.

Approaches and benefits of sharing Aircraft Networked resources

Safely Connecting AIS & PIES Domains -

William Cecil, 26 March 2015

• The Aircraft Data Domains

• Domain Interconnection

• Securing the Domains

• Benefits of Connecting Domains

• Glimpse into the Future

Agenda

Use shall be in accordance with the Title page of this presentation.

08/15/2013 2

• Glimpse into the Future

• Conclusion

The Aircraft Data Domains

There are four aircraft data domains as defined in the industry:

• ACD – Aircraft Controls Domain

• AISD – Aircraft Information Systems Domain

• PIESD – Passenger Information & Entertainment Systems Domain

• PODD – Passenger Owned Devices Domain

The Aircraft Data Domains


08/15/2013 4

• PODD – Passenger Owned Devices Domain

AC

AISPOD & PIES

Messaging, Applications & Systems by Domain

PODPIESAISAC

• AIR TRAFFIC SERVICE (ATS)


08/15/2013 5

• AIR TRAFFIC SERVICE (ATS)

• ACARS COMMUNICATIONS

• CMU / ATSU

• VDR

• SDU

• FLIGHT GUIDANCE

• NAVIGATION / SURVEILLANCE

• FLIGHT MANAGEMENT


PODPIESAISAC

• AIRCRAFT OPERATIONS CONTROL (AOC)


08/15/2013 6

• AIRCRAFT OPERATIONS CONTROL (AOC)

• AIRLINE ADMINISTRATIVE CONTROL (AAC)

• FAULT MONITORING

• HEALTH MONITORING

• ELECTRONIC FLIGHT BAG

• CREW PORTABLE DEVICES

• TABLETS, LAPTOPS, MOBILE PHONES

• AIRPORT SURFACE COMMMUNICATIONS

• GATELINK

• CELLULAR


PODPIESAISAC

• AIRLINE PASSENGER


08/15/2013 7

• AIRLINE PASSENGER

COMMUNICATIONS (APC)

• CABIN MANAGEMENT

• IN FLIGHT ENTERTAINMENT

• CREDIT CARD TRANSACTIONS

• WIFI INTERNET

• GSM ON BOARD


PODPIESAISAC

• MOBILE PHONES


08/15/2013 8

• MOBILE PHONES

• TABLETS

• LAPTOPS

Domain Interconnection

No Connections between Domains

PODPIESAISAC


08/15/2013 10

COMPLETE SEPARATION BETWEEN DOMAINS

• ULTIMATE FOR EACH DOMAINS OWN SECURITY

• NO SHARING OF RECOURCES BETWEEN DOMAINS IS POSSIBLE

Limited Connections between Domains

PODPIESAISAC

Cabin CrewCabin Crew


08/15/2013 11

• TIGHTLY CONTROLLED CONNECTIVITY BETWEEN AC / AIS / PIES DOMAINS

• TYPICALLY “READ-ONLY” ACCESS TO HIGHER DOMAINS VIA ARINC BUS

• LIMITED USE OF ETHERNET OR IP BETWEEN DOMAINS

• LIMITED SHARING OF RECOURCES BETWEEN DOMAINS OCCURS

• INCREASINGLY ATG and SATCOM BROADBAND IP SYSTEMS ARE BEING

INSTALLED IN THE PIES DOMAIN

• PODs CONNECTED TO PIES DOMAIN USING WiFi (IP)

• PRIMARILY FOR PASSENGERS, NOT CREW

Domain Interconnection Future Trend

PODPIESAISAC

Flight CrewFlight Crew Cabin CrewCabin Crew

Maintenance CrewMaintenance Crew


08/15/2013 12

• “READ-ONLY” ACCESS FROM AIS TO AC DOMAIN

• PODs CONNECTED TO PIES DOMAIN USING WiFi (IP)

• AIS DOMAIN EXTENDED TO WiFi TO SUPPORT CREW PORTABLE DEVICES

• AIS DOMAIN AND PIES DOMAINS CONNECTED BY ETHERNET (IP)

• ENABLING SHARING BETWEEN AIS AND PIES NETWORKED RESOURCES

Securing the Domains

Security Concerns are Valid

ACD

PIES & POD


08/15/2013 14

AIS

PIES & POD

There must be a way?

• Aircraft Network Security planning and processes

• Guidance material from manufacturers

• New processes required

• Security Vulnerability Analysis

• Security Risk assessments

• IP Firewalls

• Policies, Certificates, Secure Tunnels

Approaches for Defending the Domains


08/15/2013 15

• Policies, Certificates, Secure Tunnels

• Defense in Depth

• Multiple layers of security and firewalls

• Attack monitoring

• Logging and reporting

Security Evaluation Assurance Level (EAL) is

as critical as Design Assurance Level (DAL)

Benefits of Connecting the Domains –

“A Personal Vision of Things to Come”“A Personal Vision of Things to Come”

Data Link Cost by Domain TODAY

PODPIESAISAC

• AIR TRAFFIC SERVICES (ATS) via ACARS


08/15/2013 17

• AIR TRAFFIC SERVICES (ATS) via ACARS

• VHF, VDL2, HF Data, Classic Aero Satcom Data, Iridium

• CPDLC application

• FANS application

• $200 - $1000 per Mega Byte (MB)


PODPIESAISAC

• AIRCRAFT OPERATIONS CONTROL (AOC) via ACARS


08/15/2013 18

• AIRCRAFT OPERATIONS CONTROL (AOC) via ACARS

• AIRLINE ADMINISTRATIVE CONTROL (AAC) via ACARS

• $100 - $1000 per MB

• Ground based AOC:

• AVIONICS SOFTWARE DISTRIBUTION

• BLACK BOX (QAR) DOWNLOADING

• 2G / 3G / 4G Cellular <1c per MB

Orders of Magnitude Cost Comparison

between ACARS and Cellular


PODPIESAISAC

• AIRCRAFT PASSENGER


08/15/2013 19

• AIRCRAFT PASSENGER

COMMUNICATIONS (APC) via ACARS

• $200 - $1000 per MB


PODPIESAISAC

• PASSENGER


08/15/2013 20

• PASSENGER

INTERNET ACCESS:

• Ku <20c per MB

• Ka <10c per MB

Orders of Magnitude Cost Comparison

between ACARS and Ku, Ka, ATG for Pax

AIS Flight Data via PIES In-flight Broadband

•• Swift BroadbandSwift Broadband

•• (ATG)(ATG)

•• KuKu

•• KaKa

•• DFDAUDFDAU

•• ACMSACMS

•• CMCCMC

Airline Airline

OperationsOperations


08/15/2013 21

PIESAIS

RealReal--Time Flight Data Applications:Time Flight Data Applications:

-- Telemetry, Health MonitoringTelemetry, Health Monitoring

-- Enhanced Flight TrackingEnhanced Flight Tracking

-- Black Box, Triggered TransmissionBlack Box, Triggered Transmission


ACARS AOC over IP in Flight

Broadband IPBroadband IP

IP RouterIP RouterACARS Router ACARS Router


08/15/2013 22

AIS PIES

ACARS over IP Benefits:ACARS over IP Benefits:

-- Enables unlimited AOCEnables unlimited AOC

-- Reduces burden on VDL2Reduces burden on VDL2

-- May improve CPDLC performance (indirectly)May improve CPDLC performance (indirectly)

Airline OperationsAirline Operations

ACD

ACARS AOC over IP on Airport Surface

AIS

Broadband IPBroadband IP

Airline Airline


ACD3G 3G

4G4G

GSMGSM

IP Router & Cellular ConnectivityIP Router & Cellular ConnectivityACARS Router ACARS Router


08/15/2013 23

AISACD

ACARS over IP Benefits are the same as for in flight except ACARS over IP Benefits are the same as for in flight except

bbenefits on ground are greater:enefits on ground are greater:

-- Majority of AOC traffic by volume is sent on ground:Majority of AOC traffic by volume is sent on ground:

-- has greater potential to reduce VDL2 network loadhas greater potential to reduce VDL2 network load

-- Cost of transmission of cellular is at least 10x less than in airCost of transmission of cellular is at least 10x less than in air

AIS Operations Data connectivity via PIES In-flight Broadband

Swift BroadbandSwift Broadband

KuKu

KaKa

ATGATG

Electronic Flight BagElectronic Flight Bag

(Installed, Portable)(Installed, Portable)

Airline Airline



08/15/2013 24

PIESAIS

Flight Operations Applications:Flight Operations Applications:

-- RealReal--Time Graphical WeatherTime Graphical Weather

-- Electronic Tech LogElectronic Tech Log

-- Crew Crew –– Ops Instant MessagingOps Instant Messaging


PIES Content Delivery via AIS Airport Surface Data Link

PIESAIS

Terminal Wireless (TWLU)Terminal Wireless (TWLU)

Wireless GroundLink (WGL)Wireless GroundLink (WGL)

IFE Content Loaders / ServersIFE Content Loaders / Servers

Cabin Management SystemsCabin Management Systems

3G 3G


08/15/2013 25

PIESAIS

Cabin / IFE Terminal Area Applications:Cabin / IFE Terminal Area Applications:

-- Content DeliveryContent Delivery

-- Remote Content ManagementRemote Content Management

-- Cabin / IFE System Usage downloadsCabin / IFE System Usage downloads

-- Cabin Cabin / IFE System Updates/ IFE System UpdatesCabin / IFE Content Distribution ServicesCabin / IFE Content Distribution Services

3G 3G

4G4G

WiFiWiFi

• There is increasing equipage of aircraft connectivity systems often for

single applications in one domain

• These connectivity systems can be used by applications

• Security concerns are being addressed to enable cross-domain

connections

Conclusion


08/15/2013 26

connections

The benefits of sharing Aircraft Networked Resources

across the Domains are immense!

Contact:

William Cecil

Director, Business Development

Wireless & Data Automation Solutions

Teledyne Controls

Phone: +1 847 962 6126

Email: [email protected]

Thank you for your attention!


08/15/2013 28

safely connecting ais & pies domains - - aviation … · 2017-06-12 · safely connecting ais...

Documents