With nuclear power facilities working to comply with new cybersecurity regulations, airlines looking for ways to keep their aircraft connected and secure, and airports working to protect borders and travelers, security and resilience are paramount. Rockwell Collins has solutions for all of these needs, as well as a new internal cybersecurity strategy, all of which link to its core purpose — keeping people safe, connected and informed.
Capitalizing on a global network
As the largest aeronautical data-link provider in the world, Rockwell Collins is capitalizing on its ARINC Global Network to provide a new service to critical infrastructure customers — hosted cybersecurity. “We currently provide physical security solutions to almost 70 percent of all nuclear power plants in the United States,” said Elyas Farzan, director of Marketing and Business Development for Rockwell Collins Information Management Services (IMS).
To comply with Nuclear Regulatory Commission (NRC) requirements, nuclear facilities must demonstrate that their critical systems are protected from cyberattacks. “Many customers lack the technical expertise and resources to monitor their own network 24 hours each day to comply with these regulations,” explained Farzan. “Rockwell Collins’ hosted cybersecurity service complements the existing services we offer, providing a cost-effective solution to keeping their facilities secure.”
“Since we create and manage high-availability private networks and network services, we ensure that our customers’ data is secure at every single point.”
“Rockwell Collins’ mission-critical NOC (network operations center) is the backbone that railways, airlines, airports, nuclear power plants and emergency responders count on each day to connect and transfer their critical data,” said Mark Griffith, director of Cybersecurity for IMS. “Since we create and manage high-availability private networks and network services, we ensure that our customers’ data is secure at every single point.”
The connected aircraft
Another area where Rockwell Collins is keeping customers’ data secure is on board aircraft. A majority of today’s aircraft systems have federated, stand-alone systems with custom operating systems and hardware. This separation makes them extremely resilient to cyberattack. However, as networking technologies are introduced into aircraft to gain efficiencies in the cockpit and cabin, the risk of security vulnerabilities can increase as well.
Rockwell Collins Fellow and cybersecurity expert, Linda Peyton, senior director of Navigation Products Engineering, explained that there are three major domains that Rockwell Collins focuses on in an aircraft. These are characterized as the Aircraft Control Domain (i.e., the cockpit, avionics and flight controls), the Airline Information Service Domain (i.e., maintenance, ground and crew), and Passenger Information and Entertainment Services Domain (i.e., passenger services and devices).
“These domains are all separated today, but there’s a long-term desire to start connecting them,” Peyton said. “As we do so, we have to look at the system as a whole and determine what pieces of the system and information we’re connecting, what the risk impact will be and what mitigation techniques we can put in place.”
iPads, portable electronic devices and other commercial off-the-shelf (COTS) equipment are examples of changing connectivity. As COTS devices are integrated into flight decks and used in the cabin, they introduce a new set of vulnerabilities.
Historically, aircraft have been equipped with proprietary hardware and complex software that was not physically connected to other systems, explained Kelli Wolfe, principal systems security engineer for Airborne Information Solutions (AIS). “A COTS-based, Internet Protocol (IP) enabled environment is potentially more vulnerable due to the well-known nature of its communication paths,” said Wolfe.
“We want to make sure that our customers are connected in a way that’s safe and secure.”
“We want to make sure that our customers are connected in a way that’s safe and secure,” said Greg Rice, Advanced Technology Center (ATC) senior manager. “Whether that’s upgrading older aircraft so pilots can share passenger information and maintenance data with airlines or preparing for the secure wireless software distribution airlines will be deploying in the next few years, we have to stay one step ahead of the adversaries of the future.”
Rice and his team research and develop emerging cybersecurity tools and technologies. Their focus is on securing the aircraft, radio and communications systems of the future and protecting legacy systems prevalent in decades-old aircraft. One thread that connects all of their research is cyberresilience. Just like an aircraft has redundant systems that enable it to operate during an electrical or mechanical failure, Rice theorizes that the same is possible in a cyberenvironment.
“We want the ability to fight through an attack and isolate its effects,” Rice explained. “Even if there’s a successful compromise of a civilian or military subsystem, that aircraft has to be able to continue to work without interruption. All mission-critical functions need to operate without impact.”
Peyton describes this as a “defense in depth” approach, based on the military principle that it is more difficult for an enemy to defeat a multi-layered system than a single layer of defense. “We have layered security techniques put in place to protect our systems,” said Peyton.
A unified approach
Rockwell Collins uses a multifaceted approach to internal security as well. In 2015, the Rockwell Collins Cybersecurity Council was chartered, bringing together 11 members from across the globe, each representing a Rockwell Collins business and area of expertise.
Rockwell Collins Fellow Scott Zogg, senior director of Enterprise Security Operations and Management and Cybersecurity Council leader, explained that this structured strategy to cybersecurity positions us as a leader in cybersecurity governance. “Our customers rely on our cybersecurity expertise,” he said. “The Council enables us to view our organization as a whole — just like a hacker would — and draw from our vast cybersecurity capabilities to protect both our customers and our company.”
“Cyberthreats and attacks don’t recognize geopolitical boundaries,” said Marielle Roux, principal manager for the EuMEA (Europe, Middle East and Africa) Avionics Certification, Safety and Cybersecurity group in Blagnac, France. “The council brings an added layer of resilience and protection to our regional information systems while enhancing visibility of local threats and trends.”
“The lines are blurring between traditional information technology and the businesses,” stated Amy McDonald, vice president of Internal Audit, who represents Audit and Finance on the council. “The Cybersecurity Council enables us to bring together the different cybersecurity perspectives from across the enterprise. As a result, we have better visibility into potential vulnerabilities, trends and best practices and can take action in a cohesive, systematic way.”
As networking and connectivity become universal, security has become an integral part of everything Rockwell Collins does.
“Security is no longer a domain or a function,” said Peyton. “It’s a completely different way of thinking and of doing business.”
By Kalindi Garvin