For many years, the commercial aviation industry has been engaged in a major transition towards the ‘digital aircraft’. With the next generation of aircraft, the industry is moving towards the ‘connected aircraft’. This evolution is propelled by the need for increased efficiency and interoperability at reduced overall cost. This generation of aircraft has extensive requirements for external interaction. This is where the greatest data security challenges lie. Whether it is aircraft avionics communicating with a ground station, or a passenger in the aircraft accessing a service using the Internet, great care must be taken to ensure that only legitimate communication or ‘information transfer’ is occurring.
To satisfy the identity assurance and data integrity requirements of the civil aviation industry, identity management solutions, based on Public Key Infrastructure (PKI) technology must be deployed. PKI is a set of policies, practices, and technologies used to create a trust framework for securing digital data and authenticating digital identities. ATA Specification 42 describes the PKI requirements and specifications for the civil aviation industry.
Key highlights for this revision include:
• Provides additional guidance on non-repudiation
• Adds a new appendix for Digital Data Archiving Considerations.