Patents by Inventor Steven L. Arnold
Steven L. Arnold has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10938689
Abstract: In general, certain embodiments of the present disclosure provide techniques or mechanisms for automatically filtering network messages in an aviation network for an aircraft based on a current system context. According to various embodiments, a method is provided comprising receiving a network message transmitted from a source avionic device to a destination avionic device via one or more network packets within the aviation network. A current system context, indicating an aggregate status of avionic devices within the aviation network, is determined based on monitoring the avionic devices. The network message is analyzed by identifying a plurality of attributes corresponding to header and data fields of the one or more network packets corresponding to the network message. The acceptability of the network message within the current system context is determined based on one or more filter rules that specify what attributes are allowed within a particular system context.
Type: Grant
Filed: August 3, 2018
Date of Patent: March 2, 2021
Assignee: The Boeing Company
Inventors: John E. Bush, Steven L. Arnold, Arun Ayyagari
-
Patent number: 10721259
Abstract: In general, certain embodiments of the present disclosure provide methods and systems for automatic generation of filter rules based on functional network flows for e-Enabled aviation systems. According to various embodiments, a method is provided comprising capturing network packets corresponding to a functional network flow transmitted within a networked aviation system, and parsing the network packets in order to extract one or more network messages corresponding to the functional network flow. The network message is examined in order to identify and classify a plurality of attributes corresponding to the header and data fields of the network packets. A table corresponding to the network messages is automatically generated, which includes one or more filter rules. In some embodiments, the table may be used to determine which communications are authorized during a particular context of the networked aviation system. The method further comprises validating the one or more filter rules.
Type: Grant
Filed: March 31, 2016
Date of Patent: July 21, 2020
Assignee: The Boeing Company
Inventors: John E. Bush, Arun Ayyagari, Steven L. Arnold
-
Publication number: 20180375747
Abstract: In general, certain embodiments of the present disclosure provide techniques or mechanisms for automatically filtering network messages in an aviation network for an aircraft based on a current system context. According to various embodiments, a method is provided comprising receiving a network message transmitted from a source avionic device to a destination avionic device via one or more network packets within the aviation network. A current system context, indicating an aggregate status of avionic devices within the aviation network, is determined based on monitoring the avionic devices. The network message is analyzed by identifying a plurality of attributes corresponding to header and data fields of the one or more network packets corresponding to the network message. The acceptability of the network message within the current system context is determined based on one or more filter rules that specify what attributes are allowed within a particular system context.
Type: Application
Filed: August 3, 2018
Publication date: December 27, 2018
Applicant: The Boeing Company
Inventors: John E. Bush, Steven L. Arnold, Arun Ayyagari
-
Patent number: 10063435
Abstract: In general, certain embodiments of the present disclosure provide techniques or mechanisms for automatically filtering network messages in an aviation network for an aircraft based on a current system context. According to various embodiments, a method is provided comprising receiving a network message transmitted from a source avionic device to a destination avionic device via one or more network packets within the aviation network. A current system context, indicating an aggregate status of avionic devices within the aviation network, is determined based on monitoring the avionic devices. The network message is analyzed by identifying a plurality of attributes corresponding to header and data fields of the one or more network packets corresponding to the network message. The acceptability of the network message within the current system context is determined based on one or more filter rules that specify what attributes are allowed within a particular system context.
Type: Grant
Filed: April 11, 2016
Date of Patent: August 28, 2018
Assignee: The Boeing Company
Inventors: John E. Bush, Steven L. Arnold, Arun Ayyagari
-
Publication number: 20170295031
Abstract: In general, certain embodiments of the present disclosure provide techniques or mechanisms for automatically filtering network messages in an aviation network for an aircraft based on a current system context. According to various embodiments, a method is provided comprising receiving a network message transmitted from a source avionic device to a destination avionic device via one or more network packets within the aviation network. A current system context, indicating an aggregate status of avionic devices within the aviation network, is determined based on monitoring the avionic devices. The network message is analyzed by identifying a plurality of attributes corresponding to header and data fields of the one or more network packets corresponding to the network message. The acceptability of the network message within the current system context is determined based on one or more filter rules that specify what attributes are allowed within a particular system context.
Type: Application
Filed: April 11, 2016
Publication date: October 12, 2017
Applicant: The Boeing Company
Inventors: John E. Bush, Steven L. Arnold, Arun Ayyagari
-
Publication number: 20170289189
Abstract: In general, certain embodiments of the present disclosure provide methods and systems for automatic generation of filter rules based on functional network flows for e-Enabled aviation systems. According to various embodiments, a method is provided comprising capturing network packets corresponding to a functional network flow transmitted within a networked aviation system, and parsing the network packets in order to extract one or more network messages corresponding to the functional network flow. The network message is examined in order to identify and classify a plurality of attributes corresponding to the header and data fields of the network packets. A table corresponding to the network messages is automatically generated, which includes one or more filter rules. In some embodiments, the table may be used to determine which communications are authorized during a particular context of the networked aviation system. The method further comprises validating the one or more filter rules.
Type: Application
Filed: March 31, 2016
Publication date: October 5, 2017
Applicant: The Boeing Company
Inventors: John E. Bush, Arun Ayyagari, Steven L. Arnold
-
Patent number: 8739270
Abstract: The methods and systems of the present disclosure provide a high assurance means for multiple legacy communication (e.g., Mil-Std-1553 communications protocol) system users and/or devices and multiple IP based network users and/or devices to seamlessly, and in real time, share information across various security domains. Specifically, the system enables multiple legacy communication system protocols and interfaces to communicate with existing IP interfaces and protocols with a high degree of trust. The system includes a configurable filtering capability to allow for the data to be inspected prior to being passed from one security domain to another security domain.
Type: Grant
Filed: April 19, 2011
Date of Patent: May 27, 2014
Assignee: The Boeing Company
Inventor: Steven L. Arnold
-
Patent number: 8286231
Abstract: A method for communicating information packets from a first host system operating in a first security domain and in accordance with a non-secure communications protocol, using a dataguard, to a second host system operating in a second security domain different than the first security domain, and where the second host system is also operating in accordance with the non-secure communications protocol.
Type: Grant
Filed: January 28, 2009
Date of Patent: October 9, 2012
Assignee: The Boeing Company
Inventor: Steven L. Arnold
-
Patent number: 8185944
Abstract: A server for transferring data between networks. The server is programmed to perform the following steps: (a) creating a receiving process, a filtering process and a forwarding process, the filtering process being dictated by a file that specifies filtering rules, wherein: (b) the receiving process receives data transmitted from a source host; (c) the filtering process filters the transmitted data based on the filtering rules; and (d) the forwarding process forwards only filtered data to a destination host.
Type: Grant
Filed: February 28, 2006
Date of Patent: May 22, 2012
Assignee: The Boeing Company
Inventors: Daniel D. Schnackenberg, Janell Schnackenberg, legal representative, Kelly S. Bunn, Thomas E. Donofrio, Steven L. Arnold, Travis S. Reid, Ryan D. Hammond
-
Patent number: 8024788
Abstract: A method and apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message from the second application to the first application.
Type: Grant
Filed: May 31, 2007
Date of Patent: September 20, 2011
Assignee: The Boeing Company
Inventors: Steven L. Arnold, Thomas E. Donofrio
-
Patent number: 7873071
Abstract: In exemplary embodiments, data with a format compatible with a first protocol standard is received on behalf of a first application. When the format of the data is not compatible with a second protocol standard, the format of the data is automatically transformed to a format that is compatible with the second protocol standard. The data is transmitted to a second application service using the second protocol standard. The data may be received from the second application. When the format of the data is not compatible with a third protocol standard, the format of the data is automatically transformed to a format that is compatible with the third protocol standard. The data is transmitted on behalf of a third application using the third protocol standard. The first and third applications may be in first and second protected enclaves. The second application may include a security gateway service.
Type: Grant
Filed: May 15, 2006
Date of Patent: January 18, 2011
Assignee: The Boeing Company
Inventors: Kevin Y. Ung, Michael J. Murphy, Brett Hartman, Samuel C. Kwok, Thomas E. Donofrio, Steven L. Arnold, Richard M. Balza
-
Publication number: 20100192217
Abstract: A method for communicating information packets from a first host system operating in a first security domain and in accordance with a non-secure communications protocol, using a dataguard, to a second host system operating in a second security domain different than the first security domain, and where the second host system is also operating in accordance with the non-secure communications protocol.
Type: Application
Filed: January 28, 2009
Publication date: July 29, 2010
Applicant: The Boeing Company
Inventor: Steven L. Arnold
-
Publication number: 20080301799
Abstract: A method and apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message from the second application to the first application.
Type: Application
Filed: May 31, 2007
Publication date: December 4, 2008
Inventors: Steven L. Arnold, Thomas E. Donofrio