Aircraft and avionics systems have become increasingly sophisticated, connected, and technologically advanced. The intricacies associated with advanced technology, however, introduce complexity that makes it difficult to discern vulnerabilities that may exist due to underlying functionality, interconnections, associated subsystems and weaknesses in hardware/software. Such weaknesses may be exploited by threat actors using a variety of tactics, techniques, and procedures to deliver effects against aircraft and avionics systems. Although the safe and effective operation of aircraft are dependent on proper functionality of aircraft communications and avionics systems, there is not an effective means for the detection of cybersecurity threats that may impact safety of flight and operations. QED Secure Solutions proposes a solution consisting of capabilities to support detection, identification and reporting of cyber-based attacks against avionics components. The dedicated capabilities include both stand-alone and distributed detection tools. Stand-alone components consist of embedded applications capable of profiling avionics systems at the operating system/firmware level and detecting changes to the established baseline, as an avionics system host-based attack identification capability. Distributed components consist of sensors and a centralized analysis engine that monitors critical avionics data buses for intrusion detection. The centralized analysis engine collects data captured by sensors and consolidates the data for synthesis, target identification, tactics development, attribution, and later data sharing with other platforms. In addition to detecting indicators of compromise, the analysis engine also collates collected data into standardized formats for off-board analysis. Potential NASA Applications (Limit 1500 characters, approximately 150 words): Expected benefits and applications for NASA: Ability to readily deploy host-based and distributed attack identification and host-based intrusion detection for air-vehicle based systems. Monitoring of critical systems to detect cyber-based attacks in real-time to mitigate safety of flight and operations concerns. Integration with In-Time Aviation Safety Management System. Leverage QED advanced experts in the area of avionics cybersecurity. Potential Non-NASA Applications (Limit 1500 characters, approximately 150 words): Expected applications extending beyond NASA: Ability to apply solution to commercial fleet of aircraft Transition of technology to Department of Defense Integration with existing solutions for safeguarding National AirSpace System Leverage QED association in this avionics security space for coordination of findings with Department of Homeland Security and National Labs Duration: 6
