I 115 145 SSUUJ CHE 2'13

VOLUME 3 GENERAL TECHNICAL

CHAPTER til SECURITY

Section 1 Safety Assurance System: Evaluate the 14 CFR Parts 121, 121/135, 125, and 129 Aircraft Network Security Program

REPORTING.

A. Program Tracking and Reporting Subsystem (PTRS) Activity Codes: 31 i (initial) and 3 l (revision).

B. Safety Assurance System (SAS) Automation. This section is related to SAS Elements 4-5-1 All Avionics Special Emphasis Programs.

i tsS-SS APPLICABILITY.

A. Aircraft Network Security Requirement. The requirement for an Aircraft Network Security Program (ANSP) is dependent on aircraft design and intended operation. An aircraft requiring an ANSP is one that is certified with a special condition (SC) reflected on the aircraft Type Certificate Data Sheet requiring operator actions to mitigate electronic security risks. These mandatory actions are in the design approval holder (DAH) maintenance or operational procedures as required by the special condition. For the purpose of this chapter, these aircraft will be referred to as connected aircraft.

B. Connected Aircraft. A connected aircraft operated under Title 14 of the Code of Federal Regulations (14 CFR) parts 121, 121/135, 125, and 129 requires an ANSP. Operations under 14 CFR parts 91, 125M, and 137 are not required to have an ANSP. However, parts 91, 125M, and 137, as a condition of issuance of an airworthiness certificate, are required to follow the DAH procedures for continued airworthiness developed to meet SCs addressing electronic system security. The DAH procedures must be included in the maintenance and operational programs. Some aircraft may have an SC for security that applies to the DAH design only and does not require operator action. These aircraft do not need an ANSP or maintenance and operational procedures.

This section contains information and guidance that the principal avionics inspectors (PAI) use when evaluating an operator's ANSP. On official notification that an operator intends to add connected aircraft to their fleet, the PAI must consult the Flight Standards Service Aircraft Maintenance Division, Avionics Branch (AFS-360). This will provide early coordination to ensure all program requirements are met prior to issuing the operations specification. The PAI is responsible for acceptance of the program with the concurrence of AFS-360. The Security and Privacy Risk Management Staff from the Office of Information and Services will support the evaluation. Because of this unique application of computer technology, AFS-360 will collaborate with AIS-DID to provide technical information technology (IT) security support. AFS-360 will rely on AIS-DID for their expertise in IT cyber security to assist in evaluating the operator's security program. The PAI will make evaluations with assistance and guidance from the assigned AFS-360 aviation safety inspector (ASI).

NOTE: The PAI may require concurrence of ASIs in other specialties to assure all aspects of training are addressed, and to assure that the full operational impact of the connected aircraft configuration is assessed.

1 1-3911 GENERAL. This section contains a general overview of the requirements for evaluating an ANSP under parts 121, 121/135, 125, and 129. This section contains information and guidance about planning for an operator's ANSP.

NOTE: OpSpec D301 for part 125 certificate holders does not apply to part 125M Letter of Deviation Authority operators. It applies to aircraft operated under part 129, and does not apply to part 129 operators that do not have aircraft. It applies to all aircraft operated under part 129, § 129.14.

3 1391 The ANSP authorization is in OpSpec D301. Log in to the Web-based Operations Safety System and follow on-screen prompts to complete the authorization.

1439 LEE DF. Previously, aircraft designers used aviation ARINC 429/629 or Military Standard 1553 data buses to interconnect flight-critical avionics systems. Advanced connectivity technology was used only to support the passenger information and entertainment systems, which were physically and logically separated from the flight-critical avionics systems. The aircraft designs use advanced technology for the main aircraft backbone connecting flight-critical avionics as well as passenger information and entertainment systems, in a manner that makes the aircraft an airborne interconnected network.

A. External Systems Access. The architecture of this airborne network may allow read and/or write access to and/or from external systems and networks, such as wireless airline operations and maintenance systems, satellite communications, email, the Internet, etc. Onboard wired and wireless devices may also have access to portions of the aircraft's digital data buses that provide flight-critical functions.

NOTE: The design of these connected aircraft makes it difficult to maintain the certificated configuration of the aircraft following documented in an 15 21 311-. OpSpec D301 is necessary to verify that operators have the skills, tooling, and procedures in place to accomplish the requirements of the DAH aircraft operator security guidance.

B. 111511 Connected aircraft have the capability to reprogram flight-critical avionics components wirelessly and via various data transfer mechanisms. This capability alone, or coupled with passenger connectivity on the aircraft network, may result in cyber security vulnerabilities from intentional or unintentional corruption of data and/or systems critical to the safety and continued airworthiness of the airplane.

re eeaam sens- me etentIa r Cdihl ple Iudthp 'Ife
• Malware to infect an aircraft system;
• An attacker to use onboard wireless to access aircraft system interfaces;
• Denial of service of wireless interfaces;
• Denial of service of safety-critical systems;
• Misuse of personal devices that access aircraft systems; and
• Misuse of off-board network connections to access aircraft system interfaces.

REGULATORY. The existing regulations did not anticipate this type of system architecture or electronic access to aircraft systems that provide flight-critical functions. Title 14 CFR and current system safety assessment policy and techniques do not address potential cyber security vulnerabilities that access to aircraft data buses and servers could cause. In accordance with 14 CFR part 11, § 11.19, as described in 14 CFR part 21, § 21.16, aircraft network systems are certificated through means including, but not limited to, type certificates and Supplemental Type Certificates that include SC requirements of the instructions for continued airworthiness (ICA). Title 14 CFR part 43, § 43.13 requires each person performing maintenance, alteration, or preventive maintenance on an aircraft, engine, propeller, or appliance to use the methods, techniques, and practices prescribed in the current manufacturer's maintenance manual or ICA prepared by its manufacturer, or other methods, techniques, and practices acceptable to the Administrator. PAIs will determine that an operator's ANSP is in compliance with applicable regulations and manufacturer's instructions. The manufacturer's instructions may be in the form of a recommended aircraft security program, airworthiness limitations, or other instructions.

REFERENCES, FORMS, AND JOB AIDS.

A. References (current editions):
• Advisory Circular (AC) 119-1, Airworthiness and Operational Authorization of Aircraft Network Security Program (ANSP).
• RTCA DO-326A, Airworthiness Security Process Specification, and Information Security Guidance for Continuing Airworthiness, at http://www.rtca.org.

B. Forms. None.

C. Job Aids. None.

ACTION.

A. Develop an ANSP. Operators of connected aircraft must develop and maintain an ANSP that is sufficiently comprehensive in scope and detail to accomplish the following:
1) Ensure that security protection is sufficient to prevent access by unauthorized external sources to the aircraft.
2) Ensure that security threats specific to the certificate holder's operations are identified and assessed, and that risk mitigation strategies are implemented to ensure the continued airworthiness of the aircraft.
3) Prevent inadvertent or malicious changes to the aircraft network, including those possibly caused by maintenance activity.
4) Prevent unauthorized access from sources onboard the aircraft.

AIS-DID will be the focal point verifying the items in subparagraphs 3439531 thrcughii-l l-.

B. Guidelines for Authorization. Operators of connected aircraft, during initial certification or the addition of new types of connected aircraft, should ensure that the initial statement clearly describes the procedures that the operator will use for the ANSP. The operator must develop a section in its General Maintenance Manual (GMM) or other appropriate manual that provides detailed instruction on:
• Roles and responsibilities, including persons with authority and responsibility;
• Training qualifications;
• of maintenance laptop ground equipment access and use;
• of access to wired and wireless service network;
• access to Loadable Software Airplane Part (LSAP) librarian;
• Creating secure parts signing process and access to private keys;
• monitor of physical access to aircraft;
• of aircraft to type design, as amended;
• Provisions for parts pooling and parts;
• Procedures for part exchanges within its own fleet;
• Event recognition and;
• Event evaluation process with considerations for program improvements; and
• Security environment description.

PAIs should encourage the operator to submit the request for authorization (OpSpec D301), along with the ANSP, at least 5D days prior to planned operation of the connected aircraft. crL'ing 111111 3 1333151 the PAI that the operator has established appropriate event recognition and response processes and security awareness training within their respective program area.

IJ t d PROCEDURES. PAIs, with assistance from AFS-360, will collaborate with certificate holders to determine the mandatory and recommended requirements of the manufacturer's security document.

A. Verify the Most Recent Version. Verify that the certificate holder has the most recent version of the manufacturer's security document. Use the following resources to determine the most recent version:
• Limitation Section of the Aircraft Maintenance Manual;
• Aircraft Certification Office (ACO);
• Aircraft Evaluation Group.

B. Compare the Requirements and Recommendations. Compare the requirements and recommendations in the manufacturer security document to those in the ANSP. Verify that the certificate holder addresses the requirements and that any recommendations appropriate to the certificate holder operations are included.

NOTE: It is not necessary for the PAI to verify the technical aspects of data security. 3113 11111 will accomplish this during headquarters review.

C. Verify the Appropriate Changes. Verify that changes are reflected in the certificate holder maintenance program and that the GMM or equivalent manual is revised. For example, if an ANSP states there is a process to validate the manufacturer's digital signature on software parts received, that process should be described in the Parts Receiving section of the GMM. Also, if ANSP-sensitive parts are received from a parts pool, the parts pooling procedures should address this.

D. Review the ANSP. During initial implementation of OpSpec D301, the regional specialist is not tasked to review the ANSP.

E. Complete the Package. The PAI will submit the request directly to AFS-360 with a courtesy copy to the regional specialist. Whenever possible, to allow for the most timely and efficient review, the ANSP package will be submitted electronically via email with receipt requested. The ASI will submit the ANSP to the assigned AIS security specialist for a concurrent review. The AFS-360 ASI and/or the AIS security specialist may collaborate directly with the PAI, the certificate holder, or the regional specialist to satisfy any issues or concerns. When satisfied, AFS-360 will return the complete package to the PAI with a cover letter recommending authorization of OpSpec D301. AFS-360 will provide a courtesy copy of the cover letter to the regional Flight Standards specialist.

F. Data Security Manager. Although not a requirement in every manufacturer's security document, it is critical that the ANSP identify a data security manager. The identity may be by title, organization, and office in the ANSP, provided the certificate holder submits a letter in writing to the certificate-holding district office (CHDO) with the name and contact information for the data security manager. The ANSP should state that the operator shall notify the CHDO within '3 days of subsequent changes to the data security manager. The data security manager is the person with primary responsibility for the ANSP and serves as the focal point interface with the Federal Aviation Administration (FAA) regarding data security.

3 139 MERGERS, ACQUISITIONS, AND

When two or more ANSPs consolidate because of a merger or acquisition, the consolidation of these programs is of particular importance. Priority must be given to the accurate consolidation of these programs. Once the PAI accepts the surviving program, the operator should take action to ensure security records, reports, and logs are maintained, archived, or transferred, as appropriate, from the existing program into the surviving program. During this transition, the time period required for maintaining the two systems in parallel operation will be determined. The program should have at least the same capability as the existing program. The integration of the existing and surviving programs must maintain the integrity of the security system.

PROVIDERS. The operator must ensure the contract maintenance provider complies with its ANSP as required by part 121, § 121.363 or part 135, § 135.413. The operator will verify compliance with this requirement by use of the audit required by its Continuing Analysis and Surveillance System and Continuous Airworthiness Maintenance Program, as required 11-1 121 and 111- 37-1- er 1111-1 15. A certificated repair station (CRS) that performs maintenance, preventive maintenance, or alterations for an operator that has an ANSP under OpSpec D301 must follow the operator's program as required by 14 CFR part 145, § 145.205.

TASK OUTCOMES.

A. Complete the PTRS. Use PTRS code 5315 for initial ANSP authorization or i315 for revision thereof. In the "National Use" field, enter 15 3513 Init for initial authorization or Rev for any revisions to OpSpec D301 or any significant security program revisions, even if OpSpec D301 is not revised. The PAI must document all reasons to deny the ANSP in the comments section of the PTRS record.

B. Future Activities. Routine surveillance can be found in SAS Elements 4-5-1, Avionics Special Emphasis Program. PAIs will conduct periodic routine surveillance of an operator's ANSP to verify that the operator maintains network security and that the operator has made no significant changes to the program without PAI concurrence. PAIs will verify that the records and security logs continue to contain the required information to show compliance. If the operator makes changes to the ANSP, even when the change is in a revision to the manufacturer security document, or adds additional models of connected aircraft, the PAI will consult AFS-360 to determine if the program requires reevaluation. In accordance with Volume 3, Chapter 13, Section 2 of this order, any changes requiring reissuance of D301 require AFS-360 approval. As new connected aircraft are delivered to operators, a proactive approach is being taken to reach out to those affected to inform and assist them in initial implementation of OpSpec D301.

NOTE: AIS-DID may provide additional recommended surveillance tasks in the future.

Paragraphs 3-49EIIZI through 3-4916.