Introducing the HICLASS Research Programme - Enabling Development of Complex and Secure Aerospace Systems
1 like•1,194 views
The document discusses the HICLASS research program which aims to enable UK industry to build the most complex, connected, and cyber-secure avionic systems. It is a £32 million project over 4 years led by Rolls-Royce with 16 funded partners and 2 unfunded partners. The project will develop integrated solutions to address increasing challenges with system integrity, complexity, connectivity, security, and safety as systems continue to grow in scale and complexity. It will focus on developing technologies in areas like model-based development, verification, security, and future hardware platforms.
![© 2019 Rolls-Royce and Other HICLASS Partners.
© 2019 Rolls-Royce and HICLASS Partners
The information in this document is the property of Rolls-Royce and other HICLASS partners. This information is given in good faith based upon the latest information available to the HICLASS partners, no warranty or representation is given
concerning such information, which must not be taken as establishing any contractual or other commitment binding upon the HICLASS partners.
The information contained in this document is submitted in confidence and is of the kind contemplated by Section[s] [41 and 43] of the Freedom of Information Act 2000. No UK security
classification is applicable to this document. The information contained in this document is not controlled and no export license is required.
1
The HICLASS Research Programme
Enabling Development of Complex and Secure Aerospace Systems
Mike Bennett, Rolls-Royce Control Systems
on behalf of the HICLASS consortium
This work was supported by the HICLASS project,
funded by the Aerospace Technology Institute
and Innovate UK, as project number 113213.](https://image.slidesharecdn.com/bennett-his2019-hiclass-191211153211/85/Introducing-the-HICLASS-Research-Programme-Enabling-Development-of-Complex-and-Secure-Aerospace-Systems-1-320.jpg)
Introducing the HICLASS Research Programme - Enabling Development of Complex and Secure Aerospace Systems
- 1. © 2019 Rolls-Royce and Other HICLASS Partners. © 2019 Rolls-Royce and HICLASS Partners The information in this document is the property of Rolls-Royce and other HICLASS partners. This information is given in good faith based upon the latest information available to the HICLASS partners, no warranty or representation is given concerning such information, which must not be taken as establishing any contractual or other commitment binding upon the HICLASS partners. The information contained in this document is submitted in confidence and is of the kind contemplated by Section[s] [41 and 43] of the Freedom of Information Act 2000. No UK security classification is applicable to this document. The information contained in this document is not controlled and no export license is required. 1 The HICLASS Research Programme Enabling Development of Complex and Secure Aerospace Systems Mike Bennett, Rolls-Royce Control Systems on behalf of the HICLASS consortium This work was supported by the HICLASS project, funded by the Aerospace Technology Institute and Innovate UK, as project number 113213.
- 2. © 2019 Rolls-Royce and Other HICLASS Partners. 2 HICLASS will enable UK industry to build and support the most complex, connected, cyber-secure avionic systems in the world • £32M project over 4 years • Started July 2019 • Led by Rolls-Royce • 16 funded partners • 2 unfunded partners • Engagement with DSTL Project Overview Systems developers, tool suppliers and academics working together to develop integrated solutions
- 3. © 2019 Rolls-Royce and Other HICLASS Partners. Opportunity 3. Position for New Markets 4. Ongoing Cost Avoidance 1. Exploit Existing Markets Lower-cost assured software and electronics are key enablers Aerospace High-Integrity Tools and Services 2. Secure Existing Markets Adjacent Markets
- 4. © 2019 Rolls-Royce and Other HICLASS Partners. 0 1 2 3 4 5 6 7 8 9 Integrity Complexity Digital Dependence Connectivity Security Safety 4 Increasing Scale and Complexity The systems we can practically build today The systems we’d like to be able to build
- 5. © 2019 Rolls-Royce and Other HICLASS Partners. 5 Continuing the journey…. • Model-Based Development • Open Toolchains • Improved Architectures • Improved / Automated / Formal Verification • Pooling niche skills and build community • Enhance understanding of shared problems • Multi-core • Security • Electronic platform technologies Technologies Matured and Expanded ASSET
- 6. © 2019 Rolls-Royce and Other HICLASS Partners. 6 Work Package Overview WP4 Integration & Embedding Integrated product demonstrators WP3 Advanced Verification Timing Analysis for complex systems eg. multi-core and distributed Automated, scalable and model- based Early and virtual integration WP2 Future Platforms and Development Integrated Model- Based Engineering Reusable Components and Product Lines Cyber-secure architectures and mechanisms High-Integrity connectivity, networks and data distribution WP1 Domain Exploitation for HICLASS Systems Product opportunities and exploitation for HICLASS systems Develop a cross- industry cyber- security approach for avionics and drive regulation Themes Scope requirements, refine exploitation opportunities and develop cross-industry security approach Develop 34 advanced technologies in 14 complementary work packages Systems developers integrate technologies Advanced hardware platforms and smart sensors Security Verification Technologies
- 7. © 2019 Rolls-Royce and Other HICLASS Partners. 7 Technologies Model Based System Engineering Model-Based Software Development Automated Verification for Certification Secure Formal Code Executable Models Rapid Integration of Complex Systems Next Generation Platform 9 electronic and software platform technologies 11 Security Technologies 4 specification and modelling technologies 7 verification and test technologies Multi-Core Processing 3 Multi-Core Technologies Agile Find and Fix
- 8. © 2019 Rolls-Royce and Other HICLASS Partners. 8 New Areas - Multi-Core Timing Verification • Online monitoring limits contention and interference within predetermined bounds • Robust allocation & scheduling restricts contention for shared resources and supports graceful degradation • Processor & resource demands obtained via measurement-based analysis • Micro-benchmarks quantify sensitivity to different levels of interference • Multi-cores contain HW resources that are shared between cores causing timing unpredictability • Regulator provides objectives that must be met for certification • How to meet those objectives? 1. Mechanisms 2. Testing and Analysis 3. Building Argument 4. Improving Regulation • FAA/EASA Feedback
- 9. © 2019 Rolls-Royce and Other HICLASS Partners. • Current Status: - Safety: many years industry experience. - Security • Many security process standards. • Aerospace security standards (ED-202A/DO-326A) only recently published about to be adopted as Acceptable Means of Compliance - Lack of expertise in certification • Now expressed as customer requirements - Key Issues: • Expertise is theoretical rather practical • Integration of security and safety • Cost effectiveness 9 New Areas – Security (1/2) Security Risk Assessment related activities Airworthiness acceptability matrix 3 – Security Risk Assessment (3.2) 2 - Security Scope Definition (3.1) Certification related activities 1 - Plan for Security Aspects of Certification (PSecAC) 7 - Communication of evidences (PSecAC Summary) Not Acceptable Security Risk 4 - Are security risks acceptable ? Security Development related activities 5 - Security Development (3.4)6 - Security Effectiveness Assurance (3.3) Architecture Modifications Architecture under consideration
- 10. © 2019 Rolls-Royce and Other HICLASS Partners. - Share and Develop Best Practice • Create some common elements e.g. Threat Model • Stopping criteria • Advice covering the interaction of security measures with safety, - e.g. safety impact of security measure failure modes - Develop Security Technologies • Binary vulnerability analysis • Cyber-hardening (eg. compiler) • Fuzz testing • On-board Security Information and Event Management (SIEM) • Secure Data Communications, Loading and Update - Engagement with industry working groups 10 New Areas – Security (2/2) One example of some of the technology interactions
- 11. © 2019 Rolls-Royce and Other HICLASS Partners. • Dissemination events • Aerospace Software Systems Engineering & Technology (ASSET) partnership - Identification of Gaps! • Work with specific partners on particular topics - Case studies - Supply of tools 11 Engaging with HICLASS
- 12. © 2019 Rolls-Royce and Other HICLASS Partners. • The Aerospace Software Systems Engineering & Technology (ASSET) partnership. • ‘Club’ open to all organisations undertaking technical work in aerospace software and systems engineering in the UK - Inc. system suppliers, software houses, tool suppliers, government agencies, academic research organisations) - No NDA / Collaboration Agreement - Publication under Creative Commons Licence • Constitution developed during the SECT-AIR project • Starting small - currently run on a volunteer basis as a pilot with a proposed small subscription fee from 2020 managed through University of York • Sharing best practice in industry-led working groups (eg. Agile and CPD) 12 Offer different perspectives ASSET
- 13. © 2019 Rolls-Royce and Other HICLASS Partners. • Rolls Royce in on a software transformation journey • More products, projects and software • Current approach is difficult to sustain 13 Rolls-Royce Exploitation
- 14. © 2019 Rolls-Royce and Other HICLASS Partners. • HICLASS is key enabler to the UK to build cyber-secure systems of the future • Important part of enhancing the UK capability in high-integrity systems and software engineering • Highly collaborative with an array of technologies being developed • Main focus in civil aerospace but cross-sector exploitation is expected • Come and talk to us to find out more! 14 Summary and Conclusions
- 15. © 2019 Rolls-Royce and Other HICLASS Partners. 15 Partner leads Organisation Lead Contact Rolls-Royce Mike Bennett Adacore Paul Butcher Altran Katie Smith BAE Systems Malcolm Earl Callen-Lenz Martin Ward Cobham Paul Moses Cocotec Philippa Hopcroft D-RisQ Nick Tudor GDUK Matt Saint-Gregory GE Aviation Kevin Grover Leonardo Donald Taylor MBDA Lee Jacques Oxford Daniel Kroening Rapita Systems Adam Barker Southampton Colin Snook Thales Peter Bland Ultra Aleem Saleh York Iain Bate
- 16. © 2019 Rolls-Royce and Other HICLASS Partners. 16 WP Breakdown WP1 WP1.1 Future Products and Impact (Rolls-Royce) WP 1.2 Embedded Cyber-Security Standards, Approach and Process (Thales) WP2 WP2.1 Ensuring Data Communication Integrity (Thales) WP2.2 Technologies for Cyber Hardening (GDUK) WP2.3 Full-lifecycle Model-Based Development Environment (Altran) WP2.4 Specification Environment for Complex Systems (Altran) WP2.5 Flexible, Secure and Segregated Software Architecture Frameworks (Rolls-Royce) WP2.6 Enhanced Software Update and Maintenance Capability (Rolls-Royce) WP2.7 Future complex, safety-critical and modular hardware platform (Rolls-Royce) WP3 WP3.1 Automatic formal verification (D-RisQ) WP3.2 Semi-automatic formal verification (DRisQ) WP3.3 Automated Low Level Verification (Rapita) WP3.4 Automated verification tools for event-driven software (Cocotec) WP3.5 SPARK for HICLASS (Adacore) WP3.6 Integrated Framework for Managing the Timing of New Complex Architectures (York) WP3.7 Automated System-Level Testing (Altran) WP4 WP4.1 Future Engine Controls and Monitoring Computing Platform (Rolls- Royce) WP4.2 Innovative Flight Control System (Callen-Lenz) WP4.3 Next Generation Control System (Rapita) WP4.4 Safe & Secure Processing Reference Design (GDUK) WP4.5 Future Power Systems (GE)