Abstract: Disclosed is a bus data monitor (“BDM”) for use with a MIL-STD-1553 data bus (“1553 bus”). The BDM includes one or more processing units and a computer-readable medium. The computer-readable medium includes encoded thereon computer-executable instructions to cause the one or more processing units to receive data from the 1553 bus in signal communication with the BDM, access a rule set from a computer file stored on the computer-readable medium, compare the received data from the 1553 bus against the rule set, and determine if the received data violates any of the sub-rules defined in the rule set, where the rule set includes a plurality of defined sub-rules.

Abstract: Disclosed is a Multiple Security Level Monitor (“MSLM”) for monitoring a plurality of MIL-STD-1553 data buses (“1553 buses”) having at least one security level. The MSLM includes a system high processing device (“SHPD”) and a plurality of bus data monitors (“BDMs”). Each BDM is in signal communication with the SHPD via a plurality of signal paths that are separate from the plurality of 1553 buses. The plurality of BDMs includes least two BDMs. The first and second BDMs are in signal communication with a first and second 1553 bus having a first security level and second security level, respectively, where the signal communication is only in a receive mode from the first and second 1553 buses to the two BDMs.

Abstract: A system and method for monitoring data traffic on a MIL-STD-1553 data bus system with a data guard. The monitoring system includes a data guard, which may be toggled between a passive mode and an active mode using two switches. In the active mode, using a first switch, data traffic from remote terminals on the MIL-STD-1553 data bus system are placed on a guarded bus of the data guard system and sent to the data guard by way of a coupler for filtering data messages through a plurality of pre-generated data set rules. If the data traffic is validated, it is returned to the MIL-STD-1553 data bus system through a second coupler. In the passive mode, the data traffic is directed to a transparent bus by way of a third coupler using a second switch, thus allowing the MIL-STD-1553 data bus system to operate without latency concerns.

Abstract: A system and method for monitoring data traffic on a MIL-STD-1553 data bus system with a data guard. The monitoring system includes a data guard, which may be toggled between a passive mode and an active mode using two switches. In the active mode, using a first switch, data traffic from remote terminals on the MIL-STD-1553 data bus system are placed on a guarded bus of the data guard system and sent to the data guard by way of a coupler for filtering data messages through a plurality of pre-generated data set rules. If the data traffic is validated, it is returned to the MIL-STD-1553 data bus system through a second coupler. In the passive mode, the data traffic is directed to a transparent bus by way of a third coupler using a second switch, thus allowing the MIL-STD-1553 data bus system to operate without latency concerns.

Abstract: Disclosed is a Multiple Security Level Monitor (“MSLM”) for monitoring a plurality of MIL-STD-1553 data buses (“1553 buses”) having at least one security level. The MSLM includes a system high processing device (“SHPD”) and a plurality of bus data monitors (“BDMs”). Each BDM is in signal communication with the SHPD via a plurality of signal paths that are separate from the plurality of 1553 buses. The plurality of BDMs includes least two BDMs. The first and second BDMs are in signal communication with a first and second 1553 bus having a first security level and second security level, respectively, where the signal communication is only in a receive mode from the first and second 1553 buses to the two BDMs.

Abstract: Disclosed is a bus data monitor (“BDM”) for use with a MIL-STD-1553 data bus (“1553 bus”). The BDM includes one or more processing units and a computer-readable medium. The computer-readable medium includes encoded thereon computer-executable instructions to cause the one or more processing units to receive data from the 1553 bus in signal communication with the BDM, access a rule set from a computer file stored on the computer-readable medium, compare the received data from the 1553 bus against the rule set, and determine if the received data violates any of the sub-rules defined in the rule set, where the rule set includes a plurality of defined sub-rules.

Abstract: A server for transferring data between networks. The server is programmed to perform the following steps: (a) creating a receiving process, a filtering process and a forwarding process, the filtering process being dictated by a file that specifies filtering rules, wherein: (b) the receiving process receives data transmitted from a source host; (c) the filtering process filters the transmitted data based on the filtering rules; and (d) the forwarding process forwards only filtered data to a destination host.

Abstract: A method and apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message from the second application to the first application.

Abstract: In exemplary embodiments, data with a format compatible with a first protocol standard is received on behalf of a first application. When the format of the data is not compatible with a second protocol standard, the format of the data is automatically transformed to a format that is compatible with the second protocol standard. The data is transmitted to a second application service using the second protocol standard. The data may be received from the second application. When the format of the data is not compatible with a third protocol standard, the format of the data is automatically transformed to a format that is compatible with the third protocol standard. The data is transmitted on behalf of a third application using the third protocol standard. The first and third applications may be in first and second protected enclaves. The second application may include a security gateway service.

Abstract: A method, apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message to from the second application to the first application.