Methods and systems for use in identifying cyber-security threats in an aviation platform
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
H04L-029/06
G06F-021/55
출원번호
US-0540955
(2012-07-03)
등록번호
US-9178897
(2015-11-03)
발명자
/ 주소
Bush, John Eric
Ayyagari, Arun
Li, Winfeng
Lorimer, Shawn W.
Benson, Matthew L.
Bates, Steven J.
Craig, John A.
출원인 / 주소
The Boeing Company
대리인 / 주소
Armstrong Teasdale LLP
인용정보
피인용 횟수 :
1인용 특허 :
9
초록▼
Methods and apparatus for use in identifying cyber-security threats for an aircraft are provided. The method includes storing parts information relating to each hardware and software component used on the aircraft in an aircraft parts database, receiving, by a computing device, a cyber-security thre
Methods and apparatus for use in identifying cyber-security threats for an aircraft are provided. The method includes storing parts information relating to each hardware and software component used on the aircraft in an aircraft parts database, receiving, by a computing device, a cyber-security threat, and determining, by the computing device, a threat is relevant to the aircraft by comparing the received threats to the stored parts information.
대표청구항▼
1. A method for use in identifying cyber-security threats for an aircraft, said method comprising: storing parts information relating to at least some hardware and software components used on the aircraft, including a map of how each hardware and software component is connected together within the a
1. A method for use in identifying cyber-security threats for an aircraft, said method comprising: storing parts information relating to at least some hardware and software components used on the aircraft, including a map of how each hardware and software component is connected together within the aircraft;receiving, by a first computing device, a cyber-security threat;determining, based at least in part on the map, a potential path of the cyber-security threat to a targeted system of the aircraft;determining a number of components in the potential path between an entry point of the threat and the targeted system; andadjusting a threat priority in inverse proportion to the number of components in the potential path. 2. A method in accordance with claim 1, wherein storing parts information further comprises storing at least a safety description and a business description associated with a hardware and software component. 3. A method in accordance with claim 2, further comprising determining at least one of a safety impact and a business impact by comparing the received threat to at least one of the stored safety description and the stored business description. 4. A method in accordance with claim 3, further comprising determining a threat relevancy score based on at least one of the determined safety impact and the determined business impact. 5. A method in accordance with claim 1, further comprising: determining that one of the components in the aircraft is affected by the cyber-security threat and that the component is isolated from the other components in the aircraft; andassigning a lower threat priority score to the cyber-security threat than if the component was not isolated. 6. A method in accordance with claim 1, further comprising comparing the threat to a threat tree model in a threat tree database. 7. A method in accordance with claim 1, further comprising analyzing the received cyber-security threat to update at least one of a business description and a safety description. 8. A method in accordance with claim 1, wherein receiving, by a first computing device, a cyber-security threat further comprises receiving a cyber-security threat with at least one of a safety description and a business description associated with the received threat. 9. A method in accordance with claim 1, wherein receiving a cyber-security threat further comprises receiving a cyber-security threat from at least one of Common Vulnerabilities and Exposures List (CVE), National Institute of Standards and Technology (NIST), European Network and Information Security Agency (ENISA), and MITRE. 10. A system for use in identifying cyber-security threats for an aircraft, said system comprising: a storage device that stores part information relating to at least some hardware and software components used on the aircraft, including a map of how each hardware and software component is connected together within the aircraft;a communications unit configured to receive at least one cyber-security threat; anda processor unit coupled to said storage device and said communications unit, wherein said processor unit is programmed to:determine, based at least on the map, a potential path of the cyber-security threat to a targeted system of the aircraft;determine a number of components in the potential path between an entry point of the threat and the targeted system; andadjust a threat priority in inverse proportion to the number of components in the potential path. 11. A system in accordance with claim 10, wherein said processor unit is programmed to determine at least one of a safety impact and a business impact by comparing the received threat to at least one of a safety description and a business description stored in said storage device. 12. A system in accordance with claim 11, wherein said processor unit is further programmed to determine a threat relevancy score based on at least one of the determined safety impact and the determined business impact. 13. A system in accordance with claim 10, wherein said processor unit is further programmed to: determine that one of the components in the aircraft is affected by the cyber-security threat and that the component is isolated from the other components in the aircraft; andassign a lower threat priority score to the cyber-security threat than if the component was not isolated. 14. A system in accordance with claim 10, wherein said processor unit is further programmed to analyze the received cyber-security threat to update at least one of a business description and a safety description. 15. A system in accordance with claim 10, wherein said communications unit is further configured to receive the cyber-security threat from at least one of Common Vulnerabilities and Exposures List (CVE), National Institute of Standards and Technology (NIST), European Network and Information Security Agency (ENISA), and MITRE. 16. One or more non-transitory computer readable media having computer-executable components, said components comprising: a communications component that when executed by at least one processor unit in a first computing device causes the at least one processor unit to: receive a cyber-security threat; andstore part information relating to at least one hardware and software component used on an aircraft, including a map of how each hardware and software component is connected together within the aircraft;a threat evaluation component that when executed by the at least one processor unit causes the at least one processor unit to: determine, based at least in part on the map, a potential path of the cyber-security threat to a targeted system of the aircraft;determine a number of components in the potential path between an entry point of the threat and the targeted system; andadjust a threat priority in inverse proportion to the number of components in the potential path. 17. One or more non-transitory computer readable media in accordance with claim 16, wherein said threat determination component further causes the at least one processor to determine at least one of a safety impact and a business impact by comparing the received cyber-security threat to at least one of a safety description and a business description stored by said communications component. 18. One or more non-transitory computer readable media in accordance with claim 17, further comprising a threat relevancy component that when executed by at least one processor unit causes the at least one processor unit to: determine a threat relevancy score based on at least one of said determined safety impact and the determined business impact. 19. One or more non-transitory computer readable media in accordance with claim 16, further comprising computer-executable instructions that cause the at least one processor to: determine that one of the components in the aircraft is affected by the cyber-security threat and that the component is isolated from the other components in the aircraft; andassign a lower threat priority score to the cyber-security threat than if the component was not isolated. 20. One or more non-transitory computer readable media in accordance with claim 16, wherein said threat evaluation component, when executed by the at least one processor unit, further causes the at least one processor unit to: analyze the received cyber-security threat to update at least one of a business description and a safety description.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (9)
Mullen, Jeffrey D, Advanced cooperative defensive military tactics, armor, and systems.
Abraham, Michael R.; Witt, Christian C.; Yelton, Dennis J.; Sanders-Reed, John N.; Musial, Christopher J., Aircraft collision sense and avoidance system and method.
Varghese, Thomas Emmanual; Fisher, Jon Bryan; Harris, Steven Lucas; Durai, Don Bosco, System and method for fraud monitoring, detection, and tiered user authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.