Abstract: A vehicle network system is configured to detect unauthorized intrusions by a passenger-owned device, and to identify the passenger-owned device based at least in part on stored information representative of network communications. The vehicle network system can be further configured to determine a position of the intruding passenger-owned device within a passenger area of the vehicle and to obtain a name and/or camera image of a passenger associated with the device. The position of the intruding device can be identified based at least in part on communications between the intruding device and one or more network-access devices distributed throughout the passenger area.

Abstract: This disclosure relates to updating information in devices of remote systems over a network. A method includes receiving, via a first switch, a first selection. The method also includes activating, based on the first selection, a data partition in a storage device corresponding to the first device. The method further includes deactivating based on the first selection, data partitions in the storage device corresponding to non-selected devices. Additionally, the method includes storing information in the data partition corresponding to the first device. Moreover, the method includes receiving, via a second switch, a second selection. The method also includes determining that the first selection matches the second selection. The method further includes retrieving, based on the determining, the information from said activated data partition. Additionally, the method includes providing the retrieved information to a first device that corresponds to the first selection and the second selection.

Abstract: Systems for and methods of securely communicating between a ground station and an aircraft are presented. The communications are among a plurality of nodes, including a ground based node and a plurality of aircraft based nodes. Each node stores at least a respective portion of a blockchain representing interactions among at least some of the nodes. Control nodes may initiate a privileged network action by: broadcasting to the plurality of control nodes a blockchain record representing the privileged network action, receiving from control nodes a plurality of votes representing validation results of the privileged network action, determining that a consensus from the control node votes indicates that the privileged action is permissible, and publishing to respective blockchain portions of each of the plurality of nodes a derivation of the blockchain record representing the privileged action, where the system implements the privileged action based on the determining.

Abstract: A method and system for providing medical assistance onboard an aircraft is provided. A number of secure wireless connections are established between an onboard device located on the aircraft and a remote device located remotely with respect to the aircraft, to enable communications between a device operator using the onboard device and a medical professional using the remote device. Information about a medical event that occurs onboard the aircraft is sent from the onboard device to the remote device using the number of secure wireless connections. A medical assessment of the medical event by the medical professional is received at the onboard device from the remote device over the number of secure wireless connections.

Abstract: Provided are methods and systems for multiband wireless data transmission between aircraft and ground systems. The transmission uses different wavelength ranges, each wavelength range corresponding to a different data domain and establishing a different communication channel. This wavelength differentiation provides physical separation between different data domains and, as a result, improves data security. Furthermore, a single broadband antenna is used on the exterior of the aircraft for transmitting data sets from different data domains. The single antenna configuration reduces drag and weight and improves structural integrity of the aircraft in comparison to multi-antenna configurations. Different aircraft communication modules, which are connected to different aircraft systems, handle different data domains and operate at different wavelength ranges. These modules are connected to the same antenna using a multiplexer.

Abstract: A system for evaluating a cyber-attack on an aircraft may include a display associated with the aircraft, a sensor system configured to generate sensor data for a pilot, and a data processing system configured to: (1) generate simulation data, (2) generate a flight simulation from the simulation data, (3) simulate the cyber-attack on at least one aircraft system during the flight simulation, (4) generate virtual flight data during the flight simulation, and (5) present the sensor data and the virtual flight data.

Abstract: A system includes a transmitting line replaceable unit (TLRU) configured to receive messages including instructions for avionics receiving line replaceable units (RLRUs). The system further includes a memory configured to store validation data including a set of expected messages. A monitor is further included and is configured to monitor messages received at the TLRU and further configured to determine whether received messages are valid based on at least a portion of the set of expected messages stored in the memory. A plurality of RLRUs are further included and configured to receive message from the TLRU and to execute the instructions included in the received messages.

Abstract: The present invention generally relates to systems and methods for encrypting data. The disclosed techniques can include tracking a plurality of flight parameter values for a plurality of flight parameters of an aircraft, generating a first cryptographic key from the plurality of flight parameter values, encrypting plaintext using the first cryptographic key to generate a first ciphertext, and sending, from a sender to a receiver, a message comprising the first ciphertext.

Abstract: An aircraft includes an aircraft network having nodes and links and a sandbox network in communication with the aircraft network. The sandbox network simulates the aircraft network and includes sandbox nodes corresponding to the nodes of the aircraft network, a first set of sandbox links corresponding to the links of the aircraft network, and a second set of sandbox links providing communication between sandbox nodes not in communication via the first set of sandbox links. Computer executable instructions, when executed, perform the steps of: generating network traffic over the sandbox network such that the sandbox network models a behavior of the aircraft network; identifying a suspicious activity on the aircraft network; routing the suspicious activity from the aircraft network to the sandbox network; and analyzing the suspicious activity as the suspicious activity traverses through the sandbox network.

Abstract: A cyber-attack scenario simulation system and method may include an aircraft simulator operable to generate an aircraft simulation, a cyber-attack generator operable to generate a cyber-attack simulation, a cyber defense generator operable to generate a cyber defense simulation, a scenario generator operable to generate a cyber-attack scenario including the cyber attack simulation and the cyber defense simulation and launch the cyber-attack scenario against the aircraft simulation, and a cyber-attack scenario analysis tool operable to assess an impact of the cyber-attack scenario on the aircraft simulation.

Abstract: An inline ARINC data authenticity inspection module, method and computer program product are provided. In the context of a method, ARINC data that is transmitted via an ARINC bus is received into a buffer partition. The method also includes inspecting the ARINC data from the buffer partition within an inspection partition. The method further includes determining, as a result of having inspected the ARINC data within the inspection partition, whether the ARINC data is authentic. In an instance in which the ARINC data is determined to not be authentic, the method logs receipt of the ARINC data that is determined to not be authentic. However, in an instance in which the ARINC data is determined to be authentic, the method permits data corresponding to the ARINC data to be transmitted to an intended destination.

Abstract: Provided are methods and systems for multiband wireless data transmission between aircraft and ground systems. The transmission uses different wavelength ranges, each wavelength range corresponding to a different data domain and establishing a different communication channel. This wavelength differentiation provides physical separation between different data domains and, as a result, improves data security. Furthermore, a single broadband antenna is used on the exterior of the aircraft for transmitting data sets from different data domains. The single antenna configuration reduces drag and weight and improves structural integrity of the aircraft in comparison to multi-antenna configurations. Different aircraft communication modules, which are connected to different aircraft systems, handle different data domains and operate at different wavelength ranges. These modules are connected to the same antenna using a multiplexer.

Abstract: An aircraft includes an aircraft network having a plurality of nodes that are segregated into a plurality of zones, each zone defining a different level of potential threat to the aircraft network. Each of the plurality of nodes has computer executable instructions that can receive data from another of the plurality of nodes; inspect net flow across the aircraft network based on a source location of the data; and identify a security event based on the received data, the plurality of potential entry points, a plurality of potential attack vectors that include vectors between nodes organized in the same zone and vectors between nodes organized in different zones, and a model of the dataflow of the aircraft network.

Abstract: The present invention generally relates to systems and methods for encrypting data. The disclosed techniques can include tracking a plurality of flight parameter values for a plurality of flight parameters of an aircraft, generating a first cryptographic key from the plurality of flight parameter values, encrypting plaintext using the first cryptographic key to generate a first ciphertext, and sending, from a sender to a receiver, a message comprising the first ciphertext.

Abstract: An aircraft includes an aircraft network having nodes and links and a sandbox network in communication with the aircraft network. The sandbox network simulates the aircraft network and includes sandbox nodes corresponding to the nodes of the aircraft network, a first set of sandbox links corresponding to the links of the aircraft network, and a second set of sandbox links providing communication between sandbox nodes not in communication via the first set of sandbox links. Computer executable instructions, when executed, perform the steps of: generating network traffic over the sandbox network such that the sandbox network models a behavior of the aircraft network; identifying a suspicious activity on the aircraft network; routing the suspicious activity from the aircraft network to the sandbox network; and analyzing the suspicious activity as the suspicious activity traverses through the sandbox network.

Abstract: A system includes a transmitting line replaceable unit (TLRU) configured to receive messages including instructions for avionics receiving line replaceable units (RLRUs). The system further includes a memory configured to store validation data including a set of expected messages. A monitor is further included and is configured to monitor messages received at the TLRU and further configured to determine whether received messages are valid based on at least a portion of the set of expected messages stored in the memory. A plurality of RLRUs are further included and configured to receive message from the TLRU and to execute the instructions included in the received messages.

Abstract: A system for evaluating a cyber-attack on an aircraft may include a display associated with the aircraft, a sensor system configured to generate sensor data for a pilot, and a data processing system configured to: (1) generate simulation data, (2) generate a flight simulation from the simulation data, (3) simulate the cyber-attack on at least one aircraft system during the flight simulation, (4) generate virtual flight data during the flight simulation, and (5) present the sensor data and the virtual flight data.

Abstract: Provided are methods and systems for multiband wireless data transmission between aircraft and ground systems. The transmission uses different wavelength ranges, each wavelength range corresponding to a different data domain and establishing a different communication channel. This wavelength differentiation provides physical separation between different data domains and, as a result, improves data security. Furthermore, a single broadband antenna is used on the exterior of the aircraft for transmitting data sets from different data domains. The single antenna configuration reduces drag and weight and improves structural integrity of the aircraft in comparison to multi-antenna configurations. Different aircraft communication modules, which are connected to different aircraft systems, handle different data domains and operate at different wavelength ranges. These modules are connected to the same antenna using a multiplexer.

Abstract: An inline ARINC data authenticity inspection module, method and computer program product are provided. In the context of a method, ARINC data that is transmitted via an ARINC bus is received into a buffer partition. The method also includes inspecting the ARINC data from the buffer partition within an inspection partition. The method further includes determining, as a result of having inspected the ARINC data within the inspection partition, whether the ARINC data is authentic. In an instance in which the ARINC data is determined to not be authentic, the method logs receipt of the ARINC data that is determined to not be authentic. However, in an instance in which the ARINC data is determined to be authentic, the method permits data corresponding to the ARINC data to be transmitted to an intended destination.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for processing search results. In one aspect, a transition from a first search result environment to a second, different search result environment is done in a manner that preserves the user experience of focusing on a selected search result. The transition can be facilitated by an intermediate search result environment that appears during the transition from the first search result environment to the second search result environment. The intermediate search result environment displays search result data of a search result that was selected in the first search result environment. The search result data that is displayed is, for example, data that was provided for display in the first search result environment. For example, in the case of image search results, the search result data that is displayed is a thumbnail image of the image search result.