民机航电系统功能-信息安全一体化分析方法

doi:10.16265/j.cnki.issn1003-3033.2022.09.2126

中国安全科学学报 ›› 2022, Vol. 32 ›› Issue (9): 49-56.doi: 10.16265/j.cnki.issn1003-3033.2022.09.2126

民机航电系统功能-信息安全一体化分析方法

赵长啸¹(), 汪克念²^,^**(), 张伟¹, 董方正¹

1 中国民航大学安全科学与工程学院,天津 300300
2 中国民航大学民航航空器适航审定技术重点实验室,天津 300300

收稿日期:2022-03-14 修回日期:2022-07-13 出版日期:2022-10-19 发布日期:2023-03-28
通讯作者: 汪克念
作者简介:
赵长啸 (1989—),男,山东临清人,博士,副研究员,主要从事综合化航电系统性能评估与适航设定技术研究。E-mail: cxzhao@cauc.edu.cn。
汪克念助理研究员
基金资助:
国家重点研发计划(2021YFB1600601); 国家自然科学基金资助(U1933106); 天津市教科委科研计划项目(2019KJ134)

Integrated analysis method of functional safety and cyber security of avionics system for civil aircraft

ZHAO Changxiao¹(), WANG Kenian²^,^**(), ZHANG Wei¹, DONG Fangzheng¹

1 School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China
2 Key Laboratory of Civil Aircraft Airworthiness Technology, Civil Aviation University of China, Tianjin 300300, China

Received:2022-03-14 Revised:2022-07-13 Online:2022-10-19 Published:2023-03-28
Contact: WANG Kenian

摘要/Abstract

摘要：

为提高飞机在网络化环境下安全运行能力,解决现有民机航电系统功能安全性评估与信息安全分析割裂导致非预期风险产生的问题,基于民机系统安全性分析双“V”模型,以民机系统功能失效状态类别与信息安全威胁状态等级的映射关系为融合点,将信息安全风险作为系统功能异常的新致因因素,并与现有民机系统安全评估流程结合,探究一体化安全分析活动与民机航电系统研制流程的关联关系,提出机载航电系统功能-信息安全一体化分析方法。研究表明:该方法在分析关注点、风险归因等5方面存在明显差异,综合功能-信息安全对飞机、机组、乘客的影响,融合分析双“V”模型各环节功能-信息的安全性,进而有效提高航电系统功能-信息安全一体化安全性水平。

关键词: 民机航电系统, 功能-信息安全, 一体化分析, 双“V”模型, 适航要求

Abstract:

In order to improve safe operation abilities of aircraft in networked environment, and address problems of unintended risks caused by fragmentation of functional safety assessment and information security analysis of existing avionics system of civil aircraft, based on dual "V" model of civil aircraft system's security analysis, with mapping relationship between functional failure status category and information security threat status level as an integration point, correlation between integrated safety analysis activities and avionics system development process was analyzed with information security risk being taken as a new cause factor for functional abnormalities in combination with current safety assessment process. The, an integrated analysis method of airborne avionics system's functional and cyber security was proposed. The results show that the method has obvious differences in five aspects, such as concerns and risk attribution, and it considers impacts of functional safety and information security on aircraft, crew and passengers, and integrates analysis of functional safety and information security at each link of double "V" model, so as to effectively improve integrated functional safety and information security of avionics system.

Key words: avionics system of civil aircraft, functional safety and cyber security, integrated analysis, dual "V" model, airworthiness requirement

赵长啸, 汪克念, 张伟, 董方正. 民机航电系统功能-信息安全一体化分析方法[J]. 中国安全科学学报, 2022, 32(9): 49-56.

ZHAO Changxiao, WANG Kenian, ZHANG Wei, DONG Fangzheng. Integrated analysis method of functional safety and cyber security of avionics system for civil aircraft[J]. China Safety Science Journal, 2022, 32(9): 49-56.

图/表 9

图1

表1

表2

图2

图3

图4

图5

图6

图7

参考文献 27

[1]	何锋. 航空电子系统综合调度理论与方法[M]. 北京: 清华大学出版社, 2017:1-3.
	HE Feng. Theory and approach to avionics system integrated scheduling[M]. Beijing: Tsinghua University Press, 2017:1-3.
[2]	ZHAO Changxiao, DONG Lei, LI Haoi, et al. Safety assessment of the reconfigurable integrated modular avionics based on STPA[J]. International Journal of Aerospace Engineering, 2021, 2021(1):1-14.
[3]	KAMMULLER Florian, MAFRD Kerber. Applying the Isabelle Insider framework to airplane security[J]. Science of Computer Programming, 2021, 206(2):DOI: 10.1016/j.scico.2021.102623. doi: 10.1016/j.scico.2021.102623
[4]	MOR Z S, ASGHAR N, INALHAN G. Avionics architecture design for a future generation fighter aircraft[C]. 2019 IEEE/AIAA 38^th Digital Avionics Systems Conference (DASC),2019:DOI: 10.1109/DASC43569.2019.9081644. doi: 10.1109/DASC43569.2019.9081644
[5]	PARK Pangun, MARCO Piergiuseppe Di, NAH Junghyo, et al. Wireless avionics intra-communications: a survey of benefits, challenges, and solutions[J]. IEEE Internet of Things Journal, 2021, 8(10):7745-7767. doi: 10.1109/JIOT.2020.3038848
[6]	COOPER P, HANDLER S, SHAHWAN S. Aviation cybersecurity: scoping the challenge[R]. Atlantic Council, Scowcroft Center for Strategy and Security, 2019.
[7]	CCAR25-R4—2011,运输类飞机适航标准[S].
	CCAR25-R4-2011,Airworthiness standards for transport category airplanes[S].
[8]	胡晓义, 王如平, 王鑫, 等. 基于模型的复杂系统安全性和可靠性分析技术发展综述综述[J]. 航空学报, 2020, 41(6):DOI: 10.7527/S1000-6893.2019.23436. doi: 10.7527/S1000-6893.2019.23436
	HU Xiaoyi, WANG Ruping, WANG Xin, et al. Recent development of safety and reliability analysis technology for model-based complex system[J]. Acta Aeronauticaet Astronautica Sinica, 2020, 41(6): DOI: 10.7527/S1000-6893.2019.23436. doi: 10.7527/S1000-6893.2019.23436
[9]	赵长啸, 阎芳, 邢培培, 等. 面向民机综合化航电系统的安全例证法研究[J]. 中国安全科学学报, 2017, 27(7):82-87. doi: 10.16265/j.cnki.issn1003-3033.2017.07.015
	ZHAO Changxiao, YAN Fang, XING Peipei, et al. Study on safety case method for integrated avionics of civil aircraft[J]. China Safety Science Journal, 2017, 27(7):82-87. doi: 10.16265/j.cnki.issn1003-3033.2017.07.015
[10]	ALLISON Craig, REVELL Kirsten, SEARS Rod, et al. Systems theoretic accident model and process (STAMP) safety modelling applied to an aircraft rapid decompression event[J]. Safety Science, 2017, 98:159-166. doi: 10.1016/j.ssci.2017.06.011
[11]	SAE ARP4761-1996,Guidelines and methods for conducting the safety assessment process on civil airborne systems and equipment[S].
[12]	李国, 李静雯, 王静, 等. 基于威胁状态的新型机载网络安全风险评估改进模型[J]. 现代电子技术, 2019, 42(2):41-45.
	LI Guo, LI Jingwen, WANG Jing, et al. A security risk assessment improved model based on threat status for new airborne networks[J]. Modern Electronics Technique, 2019, 42(2):41-45.
[13]	许志香. 基于入侵检测的机载网络安全防护技术研究[D]. 天津: 中国民航大学, 2019.
	XU Zhixiang. Research on airborne network security protection technology based on intrusion detection[D]. Tianjin:Civil Aviation University of China, 2019.
[14]	SAVIO Sciancalepore, PIETRO Roberto D. SOS: standard-compliant and packet loss tolerant security framework for ADS-B communications[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(4):1681-1698.
[15]	吴超. 安全复杂学的学科基础理论研究:为安全科学新高地奠基[J]. 中国安全科学学报, 2021, 31(5): 7-17. doi: 10.16265/j.cnki.issn1003-3033.2021.05.002
	WU Chao. Research on basic theory of safety complexity science:laying a foundation for new highland of safety science[J]. China Safety Science Journal, 2021, 31(5): 7-17. doi: 10.16265/j.cnki.issn1003-3033.2021.05.002
[16]	靳江红, 夏侨丽, 莫昌瑜. 核安全级DCS功能安全与信息安全权衡技术[J]. 核动力工程, 2021, 42(1): 100-106.
	JIN Jianghong, XIA Qiaoli, MO Changyu. Integration technology of functional safety and cyber security for nuclear safety class DCS[J]. Nuclear Power Engineering, 2021, 42(1): 100-106.
[17]	靳江红, 莫昌瑜, 李刚. 工业控制系统功能安全与信息安全一体化防护措施研究[J]. 工业安全与环保, 2020, 46(1): 53-60.
	JIN Jianghong, MO Changyu, LI Gang. Integration technology of functional safety and cyber security for industrial control system[J]. Industrial Safety and Environmental Protection, 2020, 46(1): 53-60.
[18]	胡博文, 周纯杰, 刘璐. 基于模糊多目标决策的智能仪表功能安全与信息安全融合方法[J]. 信息网络安全, 2021, 21(7):10-16.
	HU Bowen, ZHOU Chunjie, LIU Lu. Coordination of functional safety and information security for intelligent instrument based on fuzzy multi-objective decision[J]. Netinfo Security, 2021, 21(7):10-16.
[19]	EASA CS-25 Amendments 25-2020,Amendments to the certification specifications for large aeroplanes (CS-25)[S].
[20]	EASA AMC 20-42-2020,Airworthiness cyber security risk assessment[S].
[21]	RTCA DO-326A-2014,Airworthiness security process specification[S].
[22]	RTCA DO-355-2014, Information security guidance for continued airworthiness[S].
[23]	RTCA DO-356A-2018, Airworthiness security methods and considerations[S].
[24]	吴志军, 王慧. 信息安全中Safety与Security的比较研究[J]. 信息网络安全, 2013(8): 84-86.
	WU Zhijun, WANG Hui. The difference between security and safety[J]. Netinfo Security, 2013(8): 84-86.
[25]	佟瑞鹏, 王露露, 李虹玮, 等. 安全管理、风险管理与应急管理的关系探讨:基于大安全理念视角[J]. 中国安全科学学报, 2021, 31(5): 36-44. doi: 10.16265/j.cnki.issn1003-3033.2021.05.006
	TONG Ruipeng, WANG Lulu, LI Hongwei, et al. Discussion on relationship between safety management,risk management and emergency management based on Macro-security view[J]. China Safety Science Journal, 2021, 31(5): 36-44. doi: 10.16265/j.cnki.issn1003-3033.2021.05.006
[26]	FAA AC 25.1309-1B,System design and analysis[S]. 2012.
[27]	SAE ARP4754A-2010,Guidelines for development of civil aircraft and systems[S].

机型	适航局方	SC编号	发布时间	SC名称
空客A350	FAA	25-533-SC	2014-10-08	防止电子系统外部的未授权访问
	EASA	25-534-SC	2014-08-25	通过隔离或防护防止电子系统内部的未授权访问
		2SC F-38	—	通过隔离或保护防止飞机系统和网络免受内部和外部安全威胁
波音B787	FAA	25-356-SC	2008-02-01	系统和数据网络安全-隔离或保护防止未经授权的客舱系统访问
	EASA	25-357-SC	2008-01-28	系统和数据网络安全,保护飞机系统和数据网络免遭未经授权的外部访问
	EASA	F-25	—	飞机控制域和航空公司信息服务域的系统安全,不受互联网和运营商网络访问以及现场可加载软件应用程序和数据库等影响。
商飞C919	CAAC	EE-4	2015-08-10	机载网络安保

分析维度	分析对象	分析关注点	风险归因	安全水平持续性
机载系统功能安全	航电系统功能	对机组、乘客、飞机的影响	环境、设备物理失效、人因差错(非有意的)	可持久的维持同一安全性水平
机载系统信息安全	核心资产	对资产机密性,完整性,可用性, 真实性,可控性等属性的影响	攻击者恶意行为	可能随技术进步突变

民机航电系统功能-信息安全一体化分析方法

Integrated analysis method of functional safety and cyber security of avionics system for civil aircraft

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 27

相关文章 0

编辑推荐

Metrics

本文评价