1 / 10

PKI deployment in the Aerospace Industry

Explore the history and evolution of PKI deployment in the aerospace industry, its impact on communication protocols, challenges faced, and the benefits it brings in terms of reduced costs and complexity. Discover how a single policy and multiple vendors are revolutionizing operations for airlines.

hering
Download Presentation

PKI deployment in the Aerospace Industry

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PKI deployment in the Aerospace Industry ICAO WG-I Information Paper #3 Author: Patrick Patterson

  2. History • 1999 • DCWG Starts defining PKI Policy for Air Transport Industry • 2000 • SITA Builds first Aerospace PKI • 2004 • ATA adopts DCWG • Renamed DSWG • Published CP in iSpec2200 (Chapter 5)‏ • Individuals • Devices • Software Signing

  3. History (cont.)‏ • 2006 • CertiPath formed • ARINC • SITA • Exostar • CP derived from US FBCA Policy and DSWG CP • DSWG Starts work on Secure ACARS • Identifying aircraft and ground stations • 2007 • CertiPath cross certifies with: • US FBCA, Boeing, Lockheed Martin, Northrop-Grumman, Raytheon, SITA • Exostar and ARINC are derive directly from CertiPath root

  4. Today: • 2008 • To Cross-Certify: • EADS (Airbus)‏ • US DoD • UKMoD • In Discussion: • Honeywell • Rockwell-Collins • General Dynamics • CA, FR, NL governments • Approach to airlines being worked on • DSWG is the standard, CertiPath is an implementation

  5. What is using DSWG PKI Policy in Air Transport? • “Secure ACARS” final specification • AEEC 823 • Derived, in part from ICAO ATN SARPs • “Gatelink” in progress specification • AEEC 822 • Field Loadable Software • Boeing 787 and Airbus A380 • Electronic 8130 Airworthiness • Electronic Flight Bag • Signed Flight Plans, Manifests, weather reports, maps, etc. • Various Military programs ALL USING DSWG/CertiPath BASED PKI

  6. What does this mean for ICAO? There is an: • Existing • Deployed • Functional • Government recognised PKI for Aerospace and Air Transport use • Communication protocols are already starting to use it • AEEC 822 and 823 • Problems with PKI are being solved • Low Bandwidth Environment == ECC • Revocation? == Short life certificates • Key management? (still in progress)‏

  7. Challenges • It is important for there to be only one PKI standard for the industry • Setting up a CA is expensive • A cross-certified environment makes it less so. • Unless we have convergence on a single policy, there will be no providers willing to set up those CAs • Do we really want communications “protected” by a CA running from under someone's desk? • Policy is as important as the technical deployment

  8. What DSWG/CertiPath makes possible: • Single Policy for all aspects of an airlines operations • Maintenance • Flight Ops • Supply Chain Management • Reduced cost and complexity • Single point of audit • Single Certificate per use • Single Trust anchor • Multiple vendors ready today • if the airline does not want to set up their own PKI

  9. How does this work?

  10. Questions?

More Related