Caracterização de Cenários e Garantias de Segurança em Carregamentos de Software Aeronáutico
Resumo
O carregamento de software em campo acontece quando uma nova versão de software é necessária para corrigir erros previamente identificados ou incluir novas funcionalidades ou melhorias. O software carregado em campo (Field-Loadable Software FLS) fornece dados externos transmitidos através do carregamento de dados na aeronave a partir das conexões externas que suportam a manutenção. Quando há uma adição ou modificação de conectividade e interfaces, novas oportunidades para corrupção e adulteração de sistemas na aeronave podem ser acrescentadas. O objetivo deste trabalho é caracterizar os cenários de carregamento de software em aeronaves e tratativas para possíveis ameaças que envolvam segurança da informação neste processo.
Referências
CAAR (2009). "When failure is an option: Redundancy, reliability and regulation in complex technical systems". Em: Relatório do Center for Analysis for Risk and Regulation.
Dolega, B., Kopecki, G. and Tomczyk, A. (2016). Possibilities of using software redundancy in low cost aeronautical control systems. In. 2016 IEEE Metrology for Aerospace (MetroAeroSpace), páginas 33-37.
Eisemann, U. (2016). Applying Model-Based Techniques for Aerospace Projects in Accordance with DO178C, DO-331, and DO-333. Em: 8th European Congress on Embedded Real Time Software and Systems.
Lemes, M. J. R., Altoé, F. O., Domiciano, A. J. and Carbonari, A. J. (2003). Software certification in airborne systems: process and challenges. Em: 2003 Latin American on Dependable Computing (LADC).
Marcil, L. (2012). Realizing DO-178C's value by using new technology: OOT, MBDV, TQC & FM. Em: 2012 IEEE/AIAA 31st Digital Avionics Systems Conference (DASC).
Marques, J. C., Yelisetty, S. M. H., Cunha, A. M., Dias, L. A. V. (2013). CARD-RM: A Reference Model for Airborne Software. Em: 2013 10th International Conference on Information Technology: New Generations.
Marques, J. C., Cunha, A. M. (2017). Verification scenarios of onboard databases under the RTCA DO-178C and the RTCA DO-200B. Em: 2017 IEEE/AIAA 36th Digital Avionics Systems Conference (DASC).
Marques, J. C., Cunha, A. M. (2018). Tailoring Traditional Software Life Cycles to Ensure Compliance of RTCA DO-178C and DO-331 with Model-Driven Design. Em: 2018 IEEE/AIAA 37th Digital Avionics Systems Conference (DASC).
Marsden, J., Windisch, A., Mayo, R., Grossi, J., Villermin, J., Fabre, L., Aventini, C. (2018). ED-12C/DO-178C vs. Agile Manifesto – A Solution to Agile Development of Certifiable Avionics Systems. Em: 9th European Congress of Embedded RealTime Software and Systems.
Moy, Y., Ledinot, E., Delseny, H., Wiels, V., Monate, B. (2013). Testing or Formal Verification: DO-178C Alternatives and Industrial Experience. Em: IEEE Software (Volume:30, Issue:3), páginas 50-57.
Paz, A., Bousaidi, G. (2016). On the Exploration of Model-Based Support for DO-178C- Compliant Avionics Software Development and Certification. Em: 2016 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW).
Rogers, C. (2008). Choosing a CRC & specifying its requirements for field-loadable software. Em. 2008 IEEE/AIAA 27th Digital Avionics Systems Conference.
RTCA (1992). "DO-178B - Software Considerations in Airborne Systems and Equipment Certification", Washington, Estados Unidos.
RTCA (2011). "DO-178C - Software Considerations in Airborne Systems and Equipment Certification", Washington, Estados Unidos.
RTCA (2014a). "DO-326A - Airworthiness Security Process Specification", Washington, Estados Unidos. Washington, Estados Unidos.
RTCA (2014b). "DO-356 - Airworthiness Security Methods and Consideration", Sarkis, A., Dias, L. A. V. (2014). A Set of Rules for Production of Design Models Compliant with Standards DO-178C and DO-331. Em: 2014 11th International Conference on Information Technology: New Generations.
Sklaroff, J. R. (1976). Redundancy Management Technique for Space Shuttle Computers. Em. IBM Journal of Research and Development (Volume: 20, Issue: 10).
VanderLeest, S. H., Andrew Buter, A. (2009). Escape the waterfall: Agile for aerospace. Em: 2009 IEEE/AIAA 28th Digital Avionics Systems Conference.
Youn, W. K., S Hong, S. B., Oh K. R., Sung Ahn O. S. (2015). Software certification of safety-critical avionic systems: DO-178C and its impacts. Em: IEEE Aerospace and Electronic Systems Magazine (Volume: 30, Issue: 4), páginas 4-13.
Dolega, B., Kopecki, G. and Tomczyk, A. (2016). Possibilities of using software redundancy in low cost aeronautical control systems. In. 2016 IEEE Metrology for Aerospace (MetroAeroSpace), páginas 33-37.
Eisemann, U. (2016). Applying Model-Based Techniques for Aerospace Projects in Accordance with DO178C, DO-331, and DO-333. Em: 8th European Congress on Embedded Real Time Software and Systems.
Lemes, M. J. R., Altoé, F. O., Domiciano, A. J. and Carbonari, A. J. (2003). Software certification in airborne systems: process and challenges. Em: 2003 Latin American on Dependable Computing (LADC).
Marcil, L. (2012). Realizing DO-178C's value by using new technology: OOT, MBDV, TQC & FM. Em: 2012 IEEE/AIAA 31st Digital Avionics Systems Conference (DASC).
Marques, J. C., Yelisetty, S. M. H., Cunha, A. M., Dias, L. A. V. (2013). CARD-RM: A Reference Model for Airborne Software. Em: 2013 10th International Conference on Information Technology: New Generations.
Marques, J. C., Cunha, A. M. (2017). Verification scenarios of onboard databases under the RTCA DO-178C and the RTCA DO-200B. Em: 2017 IEEE/AIAA 36th Digital Avionics Systems Conference (DASC).
Marques, J. C., Cunha, A. M. (2018). Tailoring Traditional Software Life Cycles to Ensure Compliance of RTCA DO-178C and DO-331 with Model-Driven Design. Em: 2018 IEEE/AIAA 37th Digital Avionics Systems Conference (DASC).
Marsden, J., Windisch, A., Mayo, R., Grossi, J., Villermin, J., Fabre, L., Aventini, C. (2018). ED-12C/DO-178C vs. Agile Manifesto – A Solution to Agile Development of Certifiable Avionics Systems. Em: 9th European Congress of Embedded RealTime Software and Systems.
Moy, Y., Ledinot, E., Delseny, H., Wiels, V., Monate, B. (2013). Testing or Formal Verification: DO-178C Alternatives and Industrial Experience. Em: IEEE Software (Volume:30, Issue:3), páginas 50-57.
Paz, A., Bousaidi, G. (2016). On the Exploration of Model-Based Support for DO-178C- Compliant Avionics Software Development and Certification. Em: 2016 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW).
Rogers, C. (2008). Choosing a CRC & specifying its requirements for field-loadable software. Em. 2008 IEEE/AIAA 27th Digital Avionics Systems Conference.
RTCA (1992). "DO-178B - Software Considerations in Airborne Systems and Equipment Certification", Washington, Estados Unidos.
RTCA (2011). "DO-178C - Software Considerations in Airborne Systems and Equipment Certification", Washington, Estados Unidos.
RTCA (2014a). "DO-326A - Airworthiness Security Process Specification", Washington, Estados Unidos. Washington, Estados Unidos.
RTCA (2014b). "DO-356 - Airworthiness Security Methods and Consideration", Sarkis, A., Dias, L. A. V. (2014). A Set of Rules for Production of Design Models Compliant with Standards DO-178C and DO-331. Em: 2014 11th International Conference on Information Technology: New Generations.
Sklaroff, J. R. (1976). Redundancy Management Technique for Space Shuttle Computers. Em. IBM Journal of Research and Development (Volume: 20, Issue: 10).
VanderLeest, S. H., Andrew Buter, A. (2009). Escape the waterfall: Agile for aerospace. Em: 2009 IEEE/AIAA 28th Digital Avionics Systems Conference.
Youn, W. K., S Hong, S. B., Oh K. R., Sung Ahn O. S. (2015). Software certification of safety-critical avionic systems: DO-178C and its impacts. Em: IEEE Aerospace and Electronic Systems Magazine (Volume: 30, Issue: 4), páginas 4-13.
Publicado
02/09/2019
Como Citar
MARQUES, Johnny; HAYASHI, Sarasuaty; BARROS, Lillian.
Caracterização de Cenários e Garantias de Segurança em Carregamentos de Software Aeronáutico. In: WORKSHOP DE REGULAÇÃO, AVALIAÇÃO DA CONFORMIDADE E CERTIFICAÇÃO DE SEGURANÇA, 5. , 2019, São Paulo.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2019
.
p. 1-10.
DOI: https://doi.org/10.5753/wrac.2019.14031.
