Shift5: Harnessing Raw Data for Enhanced Aircraft Security
LONG BEACH, Calif. — The aviation industry has long grappled with a pivotal challenge: how to make use of the vast amounts of data generated by aircraft, both for enhanced security and for deeper insights into their operations. Bobby Anderson, Vice President/General Manager for Commercial Aviation at Shift5 Inc., provided perspectives on this subject at the recent Connected Aviation Intelligence Summit.
Shift5 Inc. was founded roughly five years ago, with its roots tracing back to the founders of Army Cyber Command. The company’s mission initially centered on fortifying weapons systems within the Department of Defense against cyber threats. This intent to protect critical assets naturally extended to commercial aviation platforms, considering the cyber vulnerabilities inherent in avionics systems.
In April, Shift5 introduced a new module for commercial air operators that leverages onboard data to automate compliance with Aircraft Network Security Program (ANSP) requirements.
IT vs. OT
“Typically, where you see the line drawn is between IT systems (information technology, like your tablets and corporate laptops) and operational technologies,” Anderson said. Operational technologies, or OT, pertain to avionics systems on the aircraft. Their role isn’t just informational; they enact physical outcomes on the aircraft. This distinction is crucial because while IT systems usually offer a wealth of observable data, the same cannot be said for OT.
Serial bus networks, such as ARINC 429 in commercial aviation or MIL-STD-1553 in military applications, are paramount to avionics communication. These serial buses underpin most avionics systems globally, and Shift5’s goal is to provide “observability” to these previously unexposed networks.
“Once you have access to those serial buses, you can actually vacuum up all of this data and you can serve multiple use cases,” according to Anderson.
The Data Challenge
A stark contrast exists between the visibility we have on data transiting our regular corporate IT infrastructure and the data generated by multimillion-dollar aircraft. Often, critical avionics data, rich with insights, remains unobserved and disappears after its generation. This “missing visibility” is what Shift5 aims to address.
The Limitations of Legacy Systems
ARINC 429 “was completely designed around safety, which makes perfect sense,” Anderson said. “Safety is the most critical component for commercial aviation, so that protocol was engineered as an open protocol to provide access to a much larger supply chain of tier one, tier two, [and] tier three suppliers, such that when you bring all of these systems together on an aircraft in a federated fashion, they all talk to each other.”
“Because safety was the paramount element, there is no encryption on those protocols,” he added.
“The amount of data these aircraft are producing is astounding. But no one’s looking at that data, and it just disappears. That’s one of the big problems that we’ve been working to solve at Shift5: how do we actually tap into that data such that it doesn’t disappear.”
The Retrofit Dilemma
Implementing retrospective upgrades in an aircraft can be prohibitively complex and expensive. Adding hardware and cables not only increases weight but involves tapping into potentially hundreds of wires. Moreover, the challenge isn’t just about accessing the data but determining its relevance and use.
“Airlines already have prioritized parameters for what comes off an aircraft in priority order to make sure they get the most important things,” Anderson remarked. “The pipe is still in many ways constrained, so that has been a huge roadblock. Shift5 has circumvented some of this with our existing customers.”
Cybersecurity, Maintenance, Operations, and Regulatory Compliance
The data derived can serve multiple use cases, and a holistic approach ensures that the investment for data extraction is distributed efficiently across various departments. Regulatory changes, especially those concerning cybersecurity in aviation, underscore the importance of this harmonized approach.
“Cybersecurity teams within airlines are cost centers,” noted Anderson. “They’re not revenue-generating parts of the airline. So how does a cost center get the attention of business leaders to convince them to retrofit an aircraft, even though it’s probably going to take two years to retrofit an entire fleet of aircraft? It’s difficult, and that’s where the maintenance and operations side comes in.”
“We strongly recommend that the ecosystem doesn’t look at solving this data problem myopically, within a single use case. You have to look at all of the use cases. By using the same amount of data, all three of these can be supported, and effectively, the investment needed to achieve this within an airline can be shared across the teams. Since operations is the revenue-generating unit, it typically takes the lead on what makes sense. We found that supporting all three is a much more feasible and productive discussion.”
Observability means capturing every bit of raw data, without any sampling. They prioritize ingesting every frame of data on each monitored serial bus, ensuring comprehensive visibility. But raw data is just the start. Adding context to this data is the true game-changer. “Once you start looking not just at one aircraft, but across an entire fleet of aircraft—as well as across multiple types of aircraft and other vehicles—that’s where we talk about providing the context that enables the analysis,” Anderson said. “We are huge advocates for on-platform or on-aircraft processing or analysis of this data.” Their vision is not just to collect the data but to analyze it in real time on the aircraft.
As aviation continues to evolve, harnessing the raw power of its data will become even more crucial. Shift5’s innovative approach promises to redefine how the industry views data, turning it from an underutilized resource into a wellspring of insights and enhanced security.