Cyber safety and security for reduced crew operations (RCO)

NASA and the Aviation Industry is looking into “reduced crew operations” (RCO) that would cut today's required two-person flight crews down to a single pilot with support from ground-based crews. Shared responsibility across air and ground personnel will require highly reliable and secure data communication and supporting automation, which will be safety-critical for passenger and cargo aircraft. This paper looks at the different types and degrees of authority delegation given from the air to the ground and the ramifications of each, including the safety and security hazards introduced, the mitigation mechanisms for these hazards, and other demands on an RCO system architecture which would be highly invasive into (almost) all safety-critical avionics. The adjacent fields of unmanned aerial systems and autonomous ground vehicles are viewed to find problems that RCO may face and related aviation accident scenarios are described. The paper explores possible data communication architectures to meet stringent performance and information security (INFOSEC) requirements of RCO. Subsequently, potential challenges for RCO data communication authentication, encryption and non-repudiation are identified. The approach includes a comprehensive safety-hazard analysis of the RCO system to determine top level INFOSEC requirements for RCO and proposes an option for effective RCO implementation. This paper concludes with questioning the economic viability of RCO in light of the expense of overcoming the operational safety and security hazards it would introduce.

[1]  Kevin Driscoll BeepBeep: Embedded Real-Time Encryption , 2002, FSE.

[2]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[3]  B. Hall,et al.  The real Byzantine Generals , 2004, The 23rd Digital Avionics Systems Conference (IEEE Cat. No.04CH37576).