Today the FAA published a final special condition standard
for Airbus Model A350-900 airplanes in the Federal Register (79 FR
53128-53129) concerned with electronic system-security protection from
unauthorized external access. The effective date for this action is today.
The FAA notes in their background discussion
to this action that “electronic system-network-security considerations and
functions have played a relatively minor role in the certification of such
systems because of the isolation, protection mechanisms, and limited connectivity
between the different network”. On this aircraft type, however, the Administrator found
that:
“The airplane-control domain and
operator-information-services domain perform functions required for the safe
operation and maintenance of the airplane. Previously, these domains had very
limited connectivity with external network sources. The network architecture
and configuration may allow the exploitation of network-security
vulnerabilities resulting in intentional or unintentional destruction,
disruption, degradation, or exploitation of data, systems, and networks
critical to the safety and maintenance of the airplane.”
Furthermore, the preamble acknowledges that:
“The existing regulations and
guidance material did not anticipate these types of airplane system
architectures. Furthermore, 14 CFR regulations and current system-safety
assessment policy and techniques do not address potential security
vulnerabilities, which could be exploited by unauthorized access to airplane
networks, data buses, and servers. “
The Special Conditions outline the following three control system
security requirements:
1. The applicant must ensure
airplane electronic system-security protection from access by unauthorized
sources external to the airplane, including those possibly caused by
maintenance activity.
2. The applicant must ensure that
electronic system-security threats are identified and assessed, and that
effective electronic system-security protection strategies are implemented to
protect the airplane from all adverse impacts on safety, functionality, and
continued airworthiness.
3. The applicant must establish
appropriate procedures to allow the operator to ensure that continued
airworthiness of the airplane is maintained, including all
post-type-certification modifications that may have an impact on the approved
electronic system-security safeguards.
At this time these requirements are only required for Airbus
Model A350-900 airplanes.
Posts
No comments:
Post a Comment