"Zero Trust" Strengthens Aviation Cybersecurity

The Federal Aviation Administration is pursuing a stronger and more resilient cybersecurity approach for its mission-critical infrastructures. MITRE research outlined the path forward.

"The world of cybersecurity is changing," says Frank Buck, who led the research. "Traditional cybersecurity models erect protective boundaries around an organization's systems and data and allow traffic in and out through a single path—a firewall. But as systems and data become more distributed—to the cloud and mobile devices, for instance—that becomes more challenging to do effectively."

The result is that data breaches are occurring across a variety of sectors.

Today, many industries assume attackers will be able to penetrate their networks, and they're taking steps to ensure they immediately detect and thwart those breaches. They're also adopting new approaches to protecting their networks. And they're changing their attitudes about the trust they confer to systems and entities within them.

Many are adopting an approach called "zero trust," where no user and no system—whether inside or outside the organization's network—is trusted.

At MITRE's recommendation, the FAA is moving toward a zero-trust model, starting with its modernization of the infrastructure providing communications at over 4,000 locations. These include air traffic control facilities and remote sites that supply radar, weather, and ground-based navigation aid data.

Zero-Trust Strengthens Boundaries

Zero trust offers several potential benefits in improving security.

"It's not a single technology," Buck says. "Rather, it's made up of existing and new capabilities."

Zero trust seeks to mitigate current cybersecurity weaknesses by distributing protection capabilities closer to sensitive resources and enforcing end-to-end system protections.

"Rather than using a single firewall, zero trust places security resources at the 'edge,' or as close as possible to the end user," Buck explains. "Firewalls are erected at the point where devices touch the network. Traffic is constantly monitored at each of those entry and exit points—not just at one point, as in the traditional model."

The zero-trust model also eliminates the concept of an inside trusted network.

"Instead of trusting devices because of the network they inhabit, zero trust imposes strict access limits on enterprise resources. It always verifies the user and device within the context of the transaction before granting access to the requested resource.

"And data—even data at rest—is encrypted. All of these measures serve to deter attacks."

Considering the Future of Aviation

MITRE, which operates the FAA's federally funded research and development center, researched the issue from several angles before recommending the zero-trust model.

"We assessed the most promising approaches to cybersecurity that industry employs, and we did so with an eye toward future aviation needs," Buck says.

"For instance, as the aerospace system evolves to accommodate new types of vehicles—from the Earth's surface to space—shared commercial telecommunications solutions will be needed to connect vehicles, operators, and service providers." That will require the FAA to move from its current, privately owned infrastructure to a shared Internet Protocol-based infrastructure (an IP network).

"We also determined that the FAA will need to move beyond a traditional cybersecurity model to combat the increasingly sophisticated capabilities of malicious actors. There are also growing security demands that new technologies and the move toward the Internet of Things create. Our analysis indicated that the zero-trust model was the best option."

The FAA is now working toward both goals—the move to an IP network and adoption of the zero-trust model.

MITRE is helping the agency develop the requirements for its replacement telecommunications system and the zero-trust model cybersecurity capabilities that will help keep that infrastructure secure.

The FAA is also exploring options for integrating the components of a zero-trust model into its other systems and networks over time.

Supporting the Future Vision of Seamless Surface-to-Space Operations

The move to zero trust will become increasingly valuable as the FAA implements its future vision for the National Airspace System. The agency's vision considers all of the infrastructures, partnerships, and information dissemination mechanisms that will be needed to support seamless operations from surface to space.

"One of the tenets of that vision is ubiquitous system-to-system communications and collaboration across aviation users and partners," Buck says. "Traditional security models will not be effective in that kind of distributed system. But a zero-trust model offers great promise."

—By Marlis McCollum