An efficient, secure and trusted channel protocol for avionics wireless networks

Avionics networks rely on a set of stringent reliability and safety requirements. In existing deployments, most of these networks are based on a wired technology, which supports these requirements. Furthermore, this technology simplifies the security management of the network since certain assumptions can be safely made, including the inability of an attacker to access the network, and the fact that it is almost impossible for an attacker to introduce a node into the network. The proposal for Avionics Wireless Networks (AWNs), currently under consideration by multiple aerospace working groups, promises a reduction in the complexity of electrical wiring harness design and fabrication, a reduction in the total weight of wires, increased customization possibilities, and the capacity to monitor otherwise inaccessible moving or rotating aircraft parts such as landing gear and some sections of the aircraft engines. While providing these benefits, the AWN must ensure levels of safety that are at minimum equivalent to those offered by its wired counterpart. In this paper, we propose a secure and trusted channel protocol that satisfies the stated security and operational requirements for an AWN protocol. There are three main objectives for this protocol. First, the protocol has to provide the assurance that all communicating entities can trust each other, and can trust their internal (secure) software and hardware states. Second, the protocol has to establish a fair key exchange between all communicating entities so as to provide a secure channel. Third, the protocol has to be efficient both for the initial start-up of the network and when resuming a session after a cold and/or warm restart of a node. The proposed protocol is implemented within a demo AWN, and performance measurements are presented based on this implementation. In addition, we formally verify our proposed protocol using CasperFDR.
