FAA asks industry for aircraft system security and protection technologies

WASHINGTON, 4 March 2016. Federal Aviation Administration (FAA) officials in Washington, concerned about aircraft network systems security on current and future aircraft, have issued Broad Agency Announcement (BAA) DTFACT-16-R-00037 for Aircraft Systems Information Security/Protection (ASISP).

FAA asks industry for aircraft system security and protection technologies
FAA asks industry for aircraft system security and protection technologies

WASHINGTON, 4 March 2016. Federal Aviation Administration (FAA) officials in Washington, concerned about aircraft network systems security on current and future aircraft, have issued Broad Agency Announcement (BAA) DTFACT-16-R-00037 for Aircraft Systems Information Security/Protection (ASISP).

Future generations of aircraft will be increasingly network centric to expand aircraft connectivity for improved safety, operations, and maintenance. Aircraft manufacturers and modifiers are installing avionics systems to enable increased connectivity within an aircraft as well as to networks external to the aircraft to take full advantage of new computer technologies for more efficient aircraft operations and safety enhancements.

FAA asks industry for aircraft system security and protection technologiesFAA asks industry for aircraft system security and protection technologies
Stoyan Yotov / Shutterstock.com

The increased connectivity, particularly to external networks and systems without sufficient security controls could introduce information security vulnerabilities, which if exploited, might impact the safety of aircraft operations and continued airworthiness.

Examples of such external networks and services include: airline operation centers, airport gate links, flight information databases, and aircraft software uploads and maintenance.

FAAFAAResearch is needed to address Aircraft Systems Information Security / Protection (ASISP) concerns, encompassing aircraft certification and continued operational safety. The focus is on the aircraft itself and does not encompass the entire national airspace system (NAS), but does include aircraft connectivity to external links (also called access points or apertures). The research will explore where ASISP-related threats and risks can compromise fail-safe mechanisms in the architecture, design, and operation of aircraft systems, including ASISP-related particular risks that might lead to common cause failures.


Some of these concerns were documented by the Government Accountability Office (GAO) in report GAO-15-370, “FAA Needs a More Comprehensive Approach to Address Cybersecurity.” Click here for more information.

In summary, this ASISP research effort will develop a timely process to explore security vulnerability/threat identification and risk identification/mitigation to provide the necessary information to support the FAA’s eventual development of aviation policies, regulation, and training requirements to ensure the resilience of aircraft network systems from cyber-attacks.

More specifically, this Broad Agency Announcement (BAA) provides direct support to the FAA NextGen Aviation Research Division (ANG-E2) to research, develop, and apply methodologies for ASISP Safety Risk Assessment (SRA) associated with avionics systems onboard aircraft operated in the U.S. National Airspace System (NAS). This research, including the resulting methodologies and SRAs, is intended to assist decision-making by the FAA’s Aviation Safety (AVS) organization to establish appropriate safety policies and regulations.

BROAD AGENCY ANNOUNCEMENT (BAA) for
Aircraft Systems Information Security/Protection (ASISP)
Date Posted 03/01/2016
Date Closed 06/30/2016
Solicitation / Contract #DTFACT-16-R-00037
Contact Name / Organization Karen Mercer / AAQ-610
Region Issuing Office CT - William J. Hughes Technical Center (Atlantic City, NJ)
Phone / Email 609-485-6747 / karen.mercer@faa.gov
NAICS Code 541712 -- Research and Development in the Physical, Engineering, and Life Sciences (except Biotechnology)
Classification Code A -- Research & Development
Region(s) of Performance CT - William J. Hughes Technical Center (Atlantic City, NJ)
The purpose of this announcement is to inform all interested parties of this research and development opportunity. The Technical Summary Proposals (TSP) must meet the document requirements described in the attached. Offerors will submit TSPs of no more than 5 pages (see details in attachment). TSPs received within 21 calendar days of BAA posting will receive priority consideration for review and funding.
An electronic version of the summary proposal will be emailed to technical POC john.peace@faa.gov, and to contracting officer karen.mercer@faa.gov. The electronic version must be provided in either Microsoft Word (.docx) or portable document (pdf) format.


You might also like:

  • Avionics
  • Air Traffic Control (ATC)
  • Satellite and Space
  • Unmanned Aircraft Systems (UAS)
  • Subscribe today to receive all the latest aerospace technology and engineering news, delivered directly to your e-mail inbox twice a week (Tuesdays and Thursdays). Sign upfor your free subscription to the Intelligent Inbox e-newsletter at http://www.intelligent-aerospace.com/subscribe.html.

    Connect with Intelligent Aerospace on social media: Twitter (@IntelligentAero), LinkedIn,Google+, and Instagram.

    Ias No Tagline
    Intelligent Aerospace
    Global Aerospace Technology Network

    Intelligent Aerospace, the global aerospace technology network, reports on the latest tools, technologies, and trends of vital importance to aerospace professionals involved in air traffic control, airport operations, satellites and space, and commercial and military avionics on fixed-wing, rotor-wing, and unmanned aircraft throughout the world.

    More in ATC/ATM