Composition of Information Assurance properties in Integrated Modular Avionics systems

Abstract

Systems deploying integrated modular avionics (IMA) architectures have enabled manufacturers to reduce aircraft weight and form common computing platforms; consequently, the demand for such systems has been increasing in both military and commercial aircraft. The benefits of IMA architectures are primarily fulfilled by a consolidation of multiple standalone (ldquofederatedrdquo) systems into a single systems-of-systems (SoS) deployment. Contemporaneous to the increase in demand for IMA systems in the military and commercial aviation fields is the increasing amount of security required in airborne systems. As the demand for IMA systems converges with the demand for secure systems, the need for composition of information assurance (IA) properties in such a SoS emerges. The IMA architecture and its associated IA properties are examined herein. An analysis of IMA system components is presented with the goal of forming a unified set of IA properties representative of a fully composed system that may be understood by those without domain-specific knowledge. The mission of composing identified recombinant IA properties is analyzed, using recognized assurance techniques such as those found in currently accepted security assurance documents (to the extent that they support the analysis). A comparative analysis of high assurance and low assurance techniques is performed to validate the relative merits of each as they apply to the composed IMA system.