Thompson Rolls Out Secure Aircraft Data Solution
Editor’s Note: This Hot Topic is a head swimmer and we really recommend downloading the mentioned links in the article and studying them while reading.
If the concept of the Internet and aviation makes you nervous, you aren’t alone. More specifically, connectivity of any kind and airplanes are an issue that will keep tongues wagging for some time to come. While we must admit that aviation data communication and hacking are not our strong suit, we are nonetheless concerned and have been trying to keep up with the rapidly changing connectivity landscape. Further, if you are up on terms like “Lizard Squad”, “Syrian Electronic Army”, or exploited vulnerabilities like “MS 15-011” or “CVE-2015-0235 (Ghost)”, then you are probably ahead of us in the future shock workings of electronic hacking. Make no mistake, if “Malaysian Airline System” and “A380” appear in the Recorded Future/Cyber Daily listing of cyber attacks… you will be involved! And if you want to know more, SITA has been at the forefront of this technology and might be a good place to start. In the past, we have referenced the Recorded Future folks’ efforts in this arena – check out the webinar. In the aforementioned webinar, Dave Ockwell-Jenner of SITA points out some hacks like “ADS-B Hack” and “Operation Cleaver” that are just the beginning of the nightmare that will grow with time.
But, this Hot Topic is more about the airplane security side of aviation data communication. To that end, we have been working with one of our industry’s experts in data security, Mark Thompson (Thompson Aerospace). We suspect that his interest began in IFE but has now morphed to include secure connectivity. We asked Mark to chime in on the subject and he quickly sent us a presentation that his team presented at an ARINC 848 meeting.
You might also remember a Hot Topic we discussed with Mark (October 2014) when he noted, “The biggest problem in this business has always been managing the data.” To that end, Thompson has employed some very clever solutions, and the key to their data management schemes is to maintain a secure connection between the aircraft and the ground and provide a scheme for validation between the airborne unit and the cloud. With the advent of a lot of credit card sales, both onboard and off board the aircraft, Thompson designed their server with FIPS 140-2 Level 3 security… “Equal to that used by the US Federal Reserve,” he noted. Thompson has had this gateway in development for the past 3 years and the company told IFExpress that in 2020 the US government is requiring asymmetric key security from airborne satellite communications… and Thompson Aerospace can provide it now.
One point that seems to be at issue is that data communication is not necessarily best sent point-to-point, especially if there is a lot of it. Rather, storage is best: either on the plane or, eminently more useful, in the Cloud. While data is safer stored on a plane, it is usually not available until the plane has landed. Not only is localized permanent storage of gigabytes of data challenging, but access and usage may be needed worldwide, and thus very secure Internet storage is chosen as more favorable for Big Data. We have not even mentioned passenger data, but the Thompson solution includes that too. We have not addressed the subject of costs; transmission and storage have their costs, but the utility of the data may just be worth it – think MH 370.
The real reason we chose to talk to Mark is that airlines, aviation communication specialists, and airframe manufacturers are talking to Thompson Aerospace about his solution to one big problem – secure data communication in the air. His recent communication system developments triggered our interest, so we caught up with him and he told IFExpress: “Here is a simple presentation on our system. We really just make the aircraft a node on the Internet, to achieve this requires an approved means of security. Our system provides the same level of security used by DoD ‘secret’ communications, FIPS 140-2. Hence, we can pass any data over any type link and make sure it is not modified or hacked.” To backtrack a bit, we understand that Thompson Aerospace has been in the data business for some time now, and Mark impressed that fact on IFExpress at the last APEX Conference in Anaheim, CA. At the time he told us that his aircraft data solution used 2 encryption keys, one public and one private – that means his security levels are government levels and the same as DoD levels.
We naturally asked Mr. Thompson for a rundown on his security solution, so please refer to the title chart above and the Press Release on the Real-Time Flight Tracking and Performance Solution product.
Q. The green units on our cover chart are connected how? One box, 2 boxes, 3 boxes (cards)?
Mark: The green units show the logic, we have one CSU per aircraft, it has 3 processors, hence, can do 400 Mb/s in streaming video on demand using only 20 percent of a single processor, we recommend (2) WAPs but each WAP is an 802.11n, hence a single WAP could do 200 seats. The antenna is to show the connectivity solutions, we have two small antennae.
Q. The Connectivity Server Unit does what, to what, how?
Mark: The CSU does it all, all the aircraft interface, the Iridium, 3 processors, 2,000 Gigabytes of user stowage, (2) cell phones, plus a Quad channel GPS, and accelerometer, and some other interfaces, it is a system in a box. One of these units used as an IFE server could do 400 seats of Video on Demand and stow over 2000 hours of content.
Q. Maintenance access is oft times cell, and I guess now Wi-Fi… through what?
Mark: We use the Wi-Fi for maintenance access and have an additional Bluetooth channel for added functions.
Q. Does all the Aircraft Data go thru Iridium?
Mark: Only high value data as this is an expensive link.
Q. What data goes where and how and through what? Crew, aircraft, main, pax, cabin?
Mark: All the data on the aircraft goes to the CSU, the CSU talks to the Cloud, and the Cloud can send any data securely to anybody in the world that has an Internet connection.
Q. How many boxes and how many cards are involved?
Mark: 1 CSU, 2 WAPs and a 10.1-inch control panel is recommended.
Q. The cost?
Mark: We are offering a one time set up charge of $10K, plus a monthly fee based on what services they want. It is a service level agreement, so customers only pay for what they use, we provide all the hardware, and they never have to buy an LRU again. If they agree to share revenue from the passengers with our approved third parties we will write them a check each month.