Printed headline: Securing Shared Data
There are huge advantages in airlines’ sharing operations and maintenance data with OEMs and among each other. But in the age of cyberattacks, there are risks, too. How do the major OEMs and MROs deal with these risks?
In brief, very carefully. Some are willing to talk about cybersecurity very generally, some in greater detail and others not at all.
Airbus Senior Vice President for Digital Solutions Norman Baker says each airline has access to its own data on the OEM’s Skywise platform. “All Skywise member airlines that choose to share data for aggregation can, in return, benchmark their own fleet performance against aggregate industry levels computed from other participating operators,” he adds.
He stresses that all data in Skywise is protected and secure “period.” No Skywise member or operator can see another operator’s data. All that a participating airline can see are anonymized and aggregated industry performance and reliability statistics and averages from global fleets representing operators that have chosen to share.
Baker says specific security measures are confidential. “There are multiple layers of robust security measures to counter all potential threats,” he adds.
Boeing AnalytX offers self-service analytics, analytics consulting and digital solutions based on analytics. All data shared for AnalytX programs is under contract. Boeing processes incoming data, indexes it and stores it for use in improving fleet support and future aircraft design. The company validates and corrects data for customer support, engineering and improving operational performance.
Under analytics-consulting agreements, airlines can share limited data with Boeing for specific projects and business challenges such as optimizing check-in, improving flight planning or enhancing maintenance efficiency.
Most airline data, from 14,000 aircraft and 175 airlines, is shared with Boeing for self-service analytics. This includes the in-service data program, airplane health management, fuel dashboard and aerdata insights.
Boeing uses in-service data to improve operations and address emerging issues. Data on landings, flight hours and part reliability has been collected from 150 airlines and more than 10,000 aircraft flying 1 billion flight hours. Participating airlines can opt to share data with designated staff in their own companies or with other participating airlines or suppliers.
For the other programs such as airplane health management, airlines share data only within their own teams and with Boeing.
Fleet reliability statistics available on MyBoeingFleet provide high-level, fleet-wide data—such as for 737s and 777s—to participating airlines. Airlines see only data for their own aircraft.
Under self-service analytics, airlines can share data, thus benchmarking their own operations against that of other operators.
Suppliers participating in the in-service data program see only data on their own parts, with access controls. Participating airlines see all parts data for all suppliers.
Boeing’s self-service portal does not allow an airline to see another airline’s data. Airplane health management customers have access only to their own data. The company says it applies the strictest standards for data security and governance.
Lee Glazier, head of service integrity at Rolls-Royce’s R2 Data Labs, says all his data belongs to airlines, and Rolls must seek permission to use or share it with trusted partners. Rolls does not provide a subscription data platform as some aviation companies do. “Our platform and the data in it are there solely to deliver contracted services. We can be much more in control of what data is in the platform, what it is used for and who has access.”
Rolls-Royce and its suppliers, including cloud services, have contracts ensuring that shared data is confidential. Services provided by trusted partners are managed by Rolls, which is responsible for this confidentiality. The OEM controls partners’ viewing and use of data and shares data only when confident in partners’ data management.
Airline access to data is strictly controlled, so one airline never sees another airline’s data. But access rights can be complex, given the industry’s mix of airlines, alliances and lessors.
Security Challenges, Controls
To deal with security challenges, Rolls has established a set of policies aligned with ISO 27001, an information-security standard developed by the International Organization for Standardization and the International Electro-Technical Commission. All Rolls IT projects are reviewed by an information assurance board that must approve security architecture, processes and access controls.
Cybersecurity experts assess each IT project and permit it only if suitable measures are available to protect data. The OEM uses several government and private threat alerts to protect its networks. Rolls security operations centers around the world monitor security issues and proactively hunt for threats.
Glazier observes that using the cloud is a huge advance in scalable computing and accessing leading-edge capabilities. But companies must know how to exploit the cloud without compromising data integrity. “How do you know where your data is? How do you know who else is running software on the same physical computers? How do you know if there is a risk?” he asks.
Rolls works with the Azure Cloud provided by Microsoft, which Glazier says leads the industry in setting and meeting security requirements. Azure meets global, industry-specific and country-specific compliance standards. Rigorous audits, for example by the British Standards Institute, verify compliance with the standards.
The OEM also has been working with SITAOnAir, a data provider familiar with the aviation industry’s need for security. “We are proud that our security controls and use of the cloud are world-leading,” Glazier says.
“Airlines own the data,” stresses Jon Dunsdon, chief technology officer of GE Aviation digital solutions. Access to this data, whether individual airline or anonymous and aggregated, is controlled by an identity management team or by the airline’s single sign-on. GE monitors access to ensure only employees or authorized contractors can view data.
Dunsdon cites GE’s attention to detail and the secure configuration of its stored data, in the cloud or GE’s data centers. “The simplest strategies are often the most effective: prevent, detect and respond,” he says. The OEM establishes boundary protection for airline data based on its sensitivity. If a breach were to occur, a GE computer emergency response team could detect it and prevent exfiltration of data.
Dunsdon notes that any data connected to the internet is exposed to hundreds of attempted breaches a day, mostly by automated bots. But GE’s system architecture prevents breaches by allowing only connections through controlled and monitored endpoints, with automated responses to attempted intrusions.
Lufthansa Technik has limited access to each airline’s data on its Aviatar platform, explains Tobias Mohr, head of IT strategy and governance. “The airline has full control of all its data, because data are owned by the airline.” Aviatar data scientists and data engineers have limited access to anonymized and aggregated data, but only if granted by the airline and only as long as they need this data for algorithm development. “Each airline’s data are separated, even for anonymized and aggregated data,” he says.
Further, Mohr says Aviatar has fine-grained, role-based access controls, which can create roles and groups for each airline to ensure appropriate access to data. This system lets an airline control what data it shares, even within the airline or with external partners.
And Aviatar uses data encryption throughout. It encrypts data at rest in storage and encrypts data on the move in transit with strong algorithms and ciphers. All data is further protected by enterprise-class firewalls and threat protection. “Aviatar also employs advanced security analytics and security monitoring, like automatic threat detection and anomaly detection using machine-learning algorithms,” Mohr adds.
Besides these technical measures, LHT has put several organizational security measures in place. “We made data security a key priority within our development process and implement security by design,” Mohr says.
He acknowledges that IT systems are generally vulnerable to both inside and outside attacks. But he stresses that LHT uses the latest security systems, including both preventive and reactive measures, and is continuously improving these. “There has been no security breach of Aviatar,” he notes.
Access to un-anonymized data in AFI-KLM E&M’s Prognos is restricted to authorized staff, says Digital Vice President Jacques Guichard. Authorization contracts divide access into two phases.
For one or two months, Prognos’ existing algorithms are fine-tuned with each new airline’s data to improve accuracy. The airline can choose to keep its data secret by using existing algorithms, but it would thus lose precision in predictive capabilities.
The remainder of the contracted airline data needed by Prognos is sent to the cloud and processed. Only IT staff access this data for administration. Processed results are sent to Prognos’s engineering teams.
Prognos data scientists and engineers have access to aggregated, anonymized data from Air France, KLM and customer airlines to develop algorithms. Once data is processed, customers can choose to share data, anonymize or delete it. By default, each airline’s data stays in the secured cloud.
Guichard say Prognos uses state-of-the-art tools to guarantee security: a dedicated environment for each customer, no access except for IT operations and Prognos, limited network access, encrypted protocols and multi-factor authentication when possible and other steps. No attempts to breach Prognos security have been detected so far.