Home' RTCA Documents for Review : ACAS X MOPS DRAFT Vol.1 Contents 5
ACAS X MOPS
alternate means of communicating with the flight crew or cabin (e.g., in -flight
entertainment, weather, etc.).
In most countries, the State provides oversight of safety-of-flight systems (sometimes
referred to as “authorized services”), which provide information to aircraft, such as an
Instrument Landing System (ILS), VHF Omnidirectional Range Radar (VOR), Global
Navigation Satellite System (GNSS), and Distance Measuring Equipment (DME), to
name a few. However, the State typically does not provide oversight on “non-trusted”
connectivity such as the internet, Wi-Fi, or manufacturer-supplied equipment interfaces
that permit input of externally-supplied data into aircraft systems. A manufacturer may
expose aircraft information vulnerability through equipment design, or introduce
vulnerability as a result of being connected to a common interface. Therefore, it is
important that manufacturers consider aircraft information security risk mitigation
strategies in their equipment design, particularly when the equipment is responsible for
an interface between the aircraft and aircraft-external systems.
Apart from any specific aircraft-information-security-related performance requirements
contained in these MOPS, it is recommended that manufacturers look at a layered
approach to aircraft information security risk mitigation that includes both technical (e.g.,
software, signal filtering) and physical strategies. From a technical perspective, for
example, this could include signal spoofing detection capabilities or more stringent,
multi-factored authentication techniques such as passwords, Personal Identification
Numbers (PINs), and digital certificates. From a physical perspective, for example, such
as in an in-flight entertainment system in the cabin, a manufacturer could consider
connectors that require special tools to remove to prevent passenger tampering. And
finally, but just as important, manufacturers should consider supply chain risk
management; for example, if a manufacturer is outsourcing software code development,
is the contractor and its staff properly vetted?
Civil aviation authorities have a regulatory interest when an applicant’s design makes use
of a non-trusted connectivity where the installation can potentially introduce aircraft
information security vulnerability. This requires the applicant to address not only the
information security vulnerabilities and mitigation techniques for the new installation, but
to also consider how vulnerability could propagate to existing downstream systems.
Therefore, it is recommended that manufacturers reference their equipment aircraft
information security review and mitigation strategies in the equipment’s installation
manual so that the applicant can consider them in meeting the installation regulatory
Collision Avoidance Systems
A Collision Avoidance System (CAS) identifies short term airborne conflicts (i.e.
encounters) and provides last-resort measures to pilots to prevent collision, when all
others functions have failed (i.e. where there is an imminent risk of collision). The
precursor CAS to ACAS X is TCAS II.
 A “non-trusted” connectivity (sometimes referred to as third-party system) is any frequency or service where an Air
Navigation Service Provider (ANSP) is not providing direct monitoring/protection.
Links Archive MOPS GNSS Aviation Antenna-FRAC Release ACAS X MOPS DRAFT Vol. 2 Navigation Previous Page Next Page