DC Field | Value | Language |
dc.contributor.author | Gaga, Getero | - |
dc.date.accessioned | 2021-09-24T07:46:01Z | - |
dc.date.available | 2021-09-24T07:46:01Z | - |
dc.date.issued | 2021-07 | - |
dc.identifier.uri | . | - |
dc.identifier.uri | http://hdl.handle.net/123456789/6242 | - |
dc.description.abstract | Aircraft avionics systems are one of the most critical components of an airplane
due to their criticality for safe flight operations. These systems rely on loadable software
aircraft parts to perform functions previously handled manually or by analog systems.
When a new or update to an existing software is needed to be installed on the aircraft, the
software parts are transferred from the manufacturer/supplier to operators. Operators
should have a software management process that includes adequate protections from
software tampering while the software is in storage and during transfers.
Currently, there is no security mechanism that can prevent installation of software
from non-official sources for the previous design airplanes that did not adapt technology
advancements. The attackers could take advantage of this vulnerability and tamper the
software parts, which could negatively affect the safe operation of the airplane.
To solve this problem, this study employed the design science research
methodology, which is a rigorous research framework that creates and evaluates
information technology (IT) artifacts, to solve the identified security problems. This
study performed a comprehensive security analysis of the aircraft software distribution
systems by applying the systems approach called Systems Theoretic Process Analysis for
Security.
This study found out two critical security vulnerabilities in the aircraft software
distribution system: (1) there is no security mechanism for the previous design airplanes
to authenticate the identity of the sender of the software and to ensure that the original
content of the document is unchanged and (2) password-based single-factor
authentication is used for accessing the ground-based software servers as well as
maintenance laptops.
Finally, this study demonstrated that the identified vulnerabilities could be
eliminated or prevented from being exploited by applying the proposed solutions.
Therefore, the major contribution of this study is applying a multi-layer security
mechanism for the aircraft software distribution system, which enhances the existing
security mechanisms and provides adequate security protection. | en_US |
dc.language.iso | en | en_US |
dc.publisher | ST. MARY’S UNIVERSITY | en_US |
dc.title | MULTI-LAYER SECURITY MECHANISM FOR COMMERCIAL AIRCRAFT SOFTWARE DISTRIBUTION SYSTEM: CASE OF AIRLINES | en_US |
dc.type | Thesis | en_US |
Appears in Collections: | Master of computer science Master of computer science
|