Astronautics Continues Cybersecurity Research with Federal Aviation Administration

Oct. 30, 2020

Astronautics Corporation of America received additional research and development (R&D) funding from the Federal Aviation Administration (FAA) to execute the second major phase of its Aircraft Systems Information Security/Protection (ASISP) R&D risk assessment contract.

The contract for this portion of Phase 2 includes operational activities consistent with earlier research, including advanced studies of air-ground communications in order to identify vulnerabilities and propose mitigations.

Astronautics — a member of the Cyber Safety - Commercial Aviation Team (CS-CAT) — will present information to and acquire feedback from CS-CAT that may be included in the final assessment report being prepared for the FAA. CS-CAT is an organization committed to advancing safety in the National Airspace System through a proactive approach that focuses on identifying risk and implementing cost-effective mitigation strategies before cyber-attacks occur.

“Astronautics is an expert in air-ground communications and connectivity for aircraft,” explained David Jones, Astronautics’ manager of avionics security assurance. “Our cybersecurity team will use this air-ground communications expertise to conduct in-depth studies in order to find risks and propose actions to address them.”

“Astronautics has been at the forefront of cybersecurity research and knows the importance of security for our customers. We are committed to continuing to work with the FAA to begin a practical phase for using the developed cybersecurity risk assessment methodology,” said Astronautics president Chad Cundiff.

During Phase 1 of the ASISP program, Astronautics established one methodology that identified and categorized potential aircraft security risks to critical avionics systems; then identified and evaluated mitigation alternatives for these risks. In the beginning of Phase 2, Astronautics — working with industry colleagues — ran security risk assessments (SRA) to determine the effectiveness of the methodology and refine the methodology as necessary.