Threat modeling for aircraft access to national airspace system wide information management program

Within the Federal Aviation Administration's (FAA) NextGen project, System Wide Information Management (SWIM) program is the essential core in facilitating the collaborative access to the aviation information by various stakeholders. The Aircraft Access to SWIM (AAtS) is a Service Oriented Architecture (SOA) that provides the technical platform for the exchange of situational information between the aircraft and the National Airspace System (NAS). In this research project, we investigate the challenges in one and two way communication between the Electronic Flight Bag (EFB) and the SWIM network architecture. EFBs are utilized for allowing aircrafts' access to SWIM through a Data Link Service (DLS) provided by a Data Link Service Provider (DLSP). Issues such as cybersecurity, performance, availability, and quality of service in the AAtS are investigated and mitigation approaches toward more secure and efficient service provided to the aircraft and to NAS are discussed. To this end, a set of comprehensive tests are carried out in an emulated network in a lab environment to identify and assess some of the issues associated with quality of service (QoS) as well as cybersecurity in both wired and wireless connectivity of Electronic Flight Bags (EFBs). This work also aims to assess the efficiency of different approaches in the downlink and uplink data transmission between aircraft and the AAtS system. Nine operational scenarios are identified in AAtS, where they are tested with three technical communication scenarios that are further correlated with messaging patterns using web-services.