Home' RTCA Documents for Review : DO-XYZ_ED-ABC_FRAC_SC236_MASPS Contents 4
© 2019 RTCA, Inc.
The availability of SARPs for WAIC is a necessary condition for the operation of WAIC
as part of the aeronautical mobile (R) service, per Resolution 424 (WRC-15). The
publication of this MASPS will be a critical step towards developing SARPs and thus
enabling the use of WAIC on board civil aircraft.
Aircraft Equipment Information Vulnerabilities
Aircraft equipment information vulnerabilities (such as cybersecurity risks) have been
present for digital systems since the development of the personal computer (PC) in the late
70’s and even longer for RF systems, and the advent of internet connectivity has
substantially increased those risks. Internet and Wi-Fi connectivity have become popular
as a means for aircraft or equipment manufacturers to update installed avionics software,
to update databases, or provide an alternate means of communication among members of
the flight or cabin crew (e.g., in-flight entertainment, weather, etc.).
In most countries, the State provides oversight of safety-of-flight systems (sometimes
referred to as “authorized services”) which provide information to aircraft, such as ILS,
VOR, GNSS, and DME, to name a few. However, the State typically does not provide
oversight on “non-trusted”
connectivity such as the Internet, Wi-Fi, or manufacturer-
supplied equipment interfaces which permit input of externally-supplied data into aircraft
systems. An equipment manufacturer may expose aircraft information through a
vulnerability in its equipment. Therefore, it is important that manufacturers consider
aircraft information security risk mitigation strategies in their equipment design.
Apart from any specific aircraft-information-security-related performance requirements
that are contained in these MASPS, it is recommended that manufacturers look at a layered
approach to aircraft information security risk mitigation that includes both technical (e.g.,
software, signal filtering) and physical strategies. From a technical perspective, for
example, this could include signal spoofing detection capabilities or more stringent, multi-
factored authentication techniques such as passwords, PINs, and digital certificates. From
a physical perspective, for example, in an in-flight entertainment system in the cabin, a
manufacturer could consider connectors that require special tools to remove to prevent
passenger tampering. And finally, but just as important, manufacturers should consider
supply chain risk management; for example, if a manufacturer is outsourcing software code
development, is the contractor and its staff properly vetted?
Civil Aviation Authorities (CAAs) have a regulatory interest when an applicant’s design
makes use of a non-trusted connectivity where the installation can potentially introduce
aircraft information security vulnerability. This requires the applicant to address not only
the information security vulnerabilities and mitigation techniques for the new installation,
but to also consider how a vulnerability could propagate to existing downstream systems.
Therefore, it is recommended that manufacturers reference their equipment aircraft
information security review and mitigation strategies in the equipment’s installation
manual so that the applicant can consider them in meeting the installation’s regulatory
 Report ITU-R M.2283-0: Technical characteristics and spectrum requirements of
wireless avionics intra-communications systems to support their safe operation.
1 A “non-trusted” connectivity (sometimes referred to as third-party system) is any frequency or service where an Air
Navigation Service Provider (ANSP) is not providing direct monitoring/protection.
Links Archive DO-363 Ch1 C2 Link Systems MASPS_Draft Navigation Previous Page Next Page