KIPS Transactions on Software and Data Engineering (정보처리학회논문지:소프트웨어 및 데이터공학)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

A Design of Risk-Based Security Threat Assessment Process for Fighter-Aircraft Airworthiness Security Certification

전투기 감항 보안 인증을 위한 위험기반 보안위협 평가 프로세스 설계

  • 김현주 (국방대학교 컴퓨터공학전공) ;
  • 강동수 (국방대학교 컴퓨터공학전공/사이버전과정)
  • Received : 2018.11.13
  • Accepted : 2018.12.12
  • Published : 2019.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

첨단 무기체계들이 고도로 연동되어 수행되는 네트워크 중심전에서는 사이버 공격이 전쟁의 승패를 좌우하는 커다란 위협으로 대두되었다. 또한 최신예 전투기로 발전할수록 증가하는 소프트웨어 의존도는 사이버 공격에 대한 전투기 소프트웨어의 강화된 보안대책을 요구하고 있다. 본 논문에서는 항공기 감항 보안 인증 표준인 DO-326A를 적용함에 있어 전투기의 특성 및 운용환경을 반영하여 위험기반 보안위협 평가 프로세스를 설계한다. 이를 위하여 DO-326A의 감항 보안 인증 프로세스의 보안위협 평가 단계에서 전투기 보안위협을 도출하고 사이버 공격의 발생 가능성과 전투기에 미치는 영향력의 관점에서 위협을 점수화하며 보안위험 심각도를 결정하는 단계를 추가하여 적용한다.

Keywords

JBCRJM_2019_v8n6_223_f0001.png 이미지

Fig. 1. Example of Threat Tree

JBCRJM_2019_v8n6_223_f0002.png 이미지

Fig. 2. Information Security Risk Management Process

JBCRJM_2019_v8n6_223_f0003.png 이미지

Fig. 3. Airworthiness Security Certification Process based on Risk

JBCRJM_2019_v8n6_223_f0004.png 이미지

Fig. 4. Rule of Generating Security Threat Sentence

JBCRJM_2019_v8n6_223_f0005.png 이미지

Fig. 5. Generating of Threat Tree

JBCRJM_2019_v8n6_223_f0006.png 이미지

Fig. 6. Data Interlocking System of Fighter-Aircraft

JBCRJM_2019_v8n6_223_f0007.png 이미지

Fig. 7. Example of Threat Tree

Table 1. Airworthiness Security Acceptability Matrix

JBCRJM_2019_v8n6_223_t0001.png 이미지

Table 2. Threat Sentence Structure of CC ToolBox/PKB

JBCRJM_2019_v8n6_223_t0002.png 이미지

Table 3. Threat Sentence Structure of OCTAVE

JBCRJM_2019_v8n6_223_t0003.png 이미지

Table 4. Comparison of Security Threat Derivation Methods

JBCRJM_2019_v8n6_223_t0004.png 이미지

Table 5. Threat Agent Factors

JBCRJM_2019_v8n6_223_t0005.png 이미지

Table 6. Attack Method Factors

JBCRJM_2019_v8n6_223_t0006.png 이미지

Table 7. Aircraft & Mission Impact Factors

JBCRJM_2019_v8n6_223_t0007.png 이미지

Table 8. Technical Impact Factors

JBCRJM_2019_v8n6_223_t0008.png 이미지

Table 9. Example of Likelihood & Impact Scoring

JBCRJM_2019_v8n6_223_t0009.png 이미지

Table 10. Likelihood & Impact Definition

JBCRJM_2019_v8n6_223_t0010.png 이미지

Table 11. Determining the Severity of the Risk

JBCRJM_2019_v8n6_223_t0011.png 이미지

Table 12. Likelihood & Impact Definition

JBCRJM_2019_v8n6_223_t0012.png 이미지

Table 13. Likelihood & Impact Definition

JBCRJM_2019_v8n6_223_t0013.png 이미지

Table 14. Determinig the Severity of the Risk & Apply Airworthiness Security Acceptability Matrix

JBCRJM_2019_v8n6_223_t0014.png 이미지

References

  1. Government Accountability Office, FAA Needs a More Comprehensive Approach to Address Cybersecurity As Agency Transitions to NextGen, GAO Report, 2015.
  2. H. J. Kim and D. S. Kang, "A Study of Fighter-plane Airworthiness Security Certification," in Proceedings of KIPS, Vol.25, No.1, pp.117-120, 2018.
  3. D. M. Seo, K. J. Cha, Y. S. Shin, C. H. Jeong, and Y. M. Kim, "Assessment Method of Step-by-Step Cyber Security in the Software Development Life Cycle," Jounal of KIISC, Vol.25, No.2, pp.363-373, 2015.
  4. M. G. Han and T. K. Park, "A Study on Intergrated Airworthiness Certification Criteria for Avionics Software Safety and Security," Journal of the Korean Society for Aeronautical & Space Sciences, Vol.46, No.1, pp.86-94, 2018. https://doi.org/10.5139/JKSAS.2018.46.1.86
  5. RTCA, DO-326A, Airworthiness Security Process Specification, Aug. 6, 2014.
  6. RTCA, DO-356, Airworthiness Security Methods and Consideration, Sep. 23, 2014.
  7. Adam Shostack, Threat Modeling: Designing for Security, H.Y., Yang, etc., Acorn Publisher, 2016.
  8. E. J. Park and S. J. Kim, "Derivation of Security Requirements of Smart Factory Based on STRIDE Threat Modeling," Journal of the Korea Institute of Information Security & Cryptology, Vol.27, No.6, pp.1467-1482, 2017. https://doi.org/10.13089/JKIISC.2017.27.6.1467
  9. J. S. Han, K. J. Kim, and Y. J. Song, Introduction of UML, Hanbit Academy, 2008.
  10. G. Sindre and A. L. Opdahl, "Templates for Misuse Case Description," Proceeding of. 7th International Workshop on Requirements Engineering, pp.26-28, 2001.
  11. S. S. Choi, S. J. Jang, M. G. Choi, and G. S. Lee, "A Methodology for CC-based Security Requirements Analysis and Specification by using Misuse Case Model," Journal of KIISC, Vol.14, No.3, pp.85-100, 2004.
  12. Common Criteria, Common Criteria for Information Technology Security Evaluation Version 3.1, 2017.
  13. K. S. Lee, J. H. Ko, S. J. Jang, S. J. Choi, and S. H. Hwang, Analysis of Security Environment for the Common Criteria based protection Profile, Research Report, Korea Information Security Agency, 2002.
  14. C. J. Alberts and A. J. Dorofee, OCTAVE Criteria, Version 2.0. Technical Report, Carnegie Mellon Software Engineering Institute, 2001.
  15. ISO/IEC 27001, Information technology, Security techniques, Information security management systems, Requirements, 2014.
  16. ISO/IEC 27005, Imformation Technology, Security techniques, Information security risk management, 2014.
  17. J. H. Ko and K. S. Lee, "A Threat Statement Generation Method for Security Environment of Protection Profil," Journal of Society for e-Business Studies, Vol.8, No.3, pp. 69-86, 2003.
  18. Matteo Meucci, Andrew Muller, "Testing Guide 4.0 Release," 2015.
  19. J. S. Choi and K. H. Kook, "Secure Coding Rule Selecting Evaluation for Air Warfare System Considering Military Air Worthiness," Journal of Security Engineering, Vol.11, No. 6, pp.439-454, 2014. https://doi.org/10.14257/jse.2014.12.01
  20. CVE Details [Internet], https://www.cvedetails.com/(Search 2018. 12.16.)