1. Field
The present disclosure relates generally to portable data processing devices, such as maintenance devices, that may be connected to network data processing systems on aircraft. Still more particularly, the present disclosure relates to partitioning the data processing resources on such a device into separate operating environments, wherein an application on one of the operating environments controls access by the other operating environments to the aircraft network data processing system.
2. Background
Modern aircraft are extremely complex. For example, an aircraft may have many types of electronic systems on-board. These systems are often in the form of line-replaceable units (LRUs). A line-replaceable unit is an item that can be removed from an aircraft and replaced. A line-replaceable unit is designed to be easily replaceable.
A line-replaceable unit may take on various forms. A line-replaceable unit on an aircraft may be, for example, without limitation, a flight management system, an autopilot, an in-flight entertainment system, a communications system, a navigation system, a flight controller, a flight recorder, a collision avoidance system, a system to support maintenance functions, a system to support crew processes, or a system to provide other operations and functions or combinations of operations and functions. The various line-replaceable units on an aircraft may be parts of an aircraft network data processing system.
Line-replaceable units may use software or programming to provide the logic or control for various operations and functions. Typically, all software on an aircraft is treated as a separate part, or is combined with a hardware part and is unchangeable without changing the hardware part number. Aircraft software that is treated as an aircraft part may be referred to as a loadable software aircraft part or a software aircraft part. Software aircraft parts are parts of an aircraft's configuration.
Aircraft operators are entities that operate aircraft. Aircraft operators also may be responsible for the maintenance of aircraft. Examples of aircraft operators include, without limitation, airlines and military units. When an aircraft operator receives an aircraft, software aircraft parts may be already installed in the line-replaceable units on the aircraft.
An aircraft operator may also receive copies of loaded software aircraft parts in case the parts need to be reinstalled or reloaded into the line-replaceable units on the aircraft. Reloading of software aircraft parts may be required, for example, if a line-replaceable unit in which the software is used is replaced. Further, the aircraft operator also may receive updates to the software aircraft parts from time to time. These updates may include additional features not present in the currently-installed software aircraft parts and may be considered upgrades to one or more line-replaceable units. Specified procedures may be followed during loading of a software aircraft part on an aircraft so that the current configuration of the aircraft, including all of the software aircraft parts loaded on the aircraft, is known.
An aircraft operator, or other aircraft maintenance entity, may perform maintenance operations on an aircraft. Some maintenance operations may be performed by connecting a maintenance device to the network data processing system on the aircraft. For example, the maintenance device may be a portable computing device, such as a laptop computer.
The maintenance device may include software stored on the device that is used to perform various maintenance operations on the aircraft. The maintenance device may also include other software stored on the device. It is desired that only maintenance devices from approved maintenance entities, including only approved software from trusted software suppliers, be allowed to access the aircraft network data processing system. For example, unapproved software on a maintenance device may include software that is corrupted, software that is infected with a virus, or other unapproved software. Unapproved software may affect the operation of the aircraft network data processing system in undesired ways if a maintenance device containing such software is allowed to access the aircraft network data processing system.
Current systems and methods for controlling access to entirely ground-based computer networks may not be applied effectively to mobile systems, such as aircraft. The particular environment in which aircraft network data processing systems are operated and maintained makes it difficult or impossible to use current network access control systems and methods to control the access of maintenance devices or other devices to an aircraft network data processing system. This is due partly to the fact that aircraft are often disconnected from other networks and partly to the conventions for aircraft configuration control that are followed in aircraft maintenance operations.
Accordingly, it would be advantageous to have a method and apparatus that takes into account one or more of the issues discussed above as well as possibly other issues.