1. Field of the Inventive Concepts
The inventive concepts disclosed herein relate generally to computer network security and more particularly, but not by way of limitation, to methods and systems for providing dynamic security hardening of selected aircraft functions.
2. Description of the Related Art
Embedded avionic systems, due to their size, weight and power (SWAP) requirements, have limited computing resources. Operating security countermeasures at all times consumes valuable resources. Likewise, “always on” countermeasures, which may not be needed at all times, waste valuable computing resources. Furthermore, real-time security events are generally difficult to report to an aircraft operator, simply because operators are not usually trained to deal with security breaches, unless a security breach leads to safety issues. Aircraft operators are well trained to react to safety issues. To ease the burden of reporting security breaches, some level of automation is needed such that the aircraft can automatically assess and recover from security breaches, without involving the aircraft operators.
There has been a partial response to this problem. For example, U.S. Pat. Publication. Nos. 2013/0318615A1 and 2013/0318616A1, both issued to M. Christodorescu, et al. entitled, “PREDICTING ATTACKS BASED ON PROBABILISTIC GAME-THEORY,” disclose systems and methods for determining cyber-attack targets. These include collecting and storing network event information from sensors to extract information regarding an attacker; forming an attack scenario tree that encodes network topology and vulnerability information including paths from known compromised nodes to a set of potential targets; calculating a likelihood for each of the paths using a processor; calculating a probability distribution for the set of potential targets to determine which potential targets are most likely pursued by the attacker; calculating a probability distribution over a set of nodes and node vulnerability types already accessed by the attacker; determining a network graph edge to remove, which minimizes a defender's expected uncertainty over the potential targets; and removing the determined network graph edge. In the Christodorescu, et al. '615 and '616 patents, a game-theoretic approach is used to identify the best countermeasure given attack/response sequences.
As another example, U.S. Pat. No. 7,581,002, issued to C. D. Royalty, et al. entitled, “METHODS AND SYSTEMS FOR NETWORK FAILURE REPORTING,” discloses methods and systems for alerting airline personnel to potential aircraft data network security breaches. The airline personnel include at least one of flight crew personnel and maintenance crew personnel. The method includes detecting and categorizing potential aircraft data network security breaches, and recording the potential aircraft data network security breaches within an aircraft's existing crew alerting and maintenance data storage and reporting system. To summarize, the general focus of prior art systems is on large enterprise systems (e.g. as illustrated in the Christodorescu, et al. '615 and '616 patents). The Royalty et al. '002 patent does not automatically apply avionics specific countermeasures.