Authenticating an aircraft data exchange using detected differences of onboard electronics

US 10,148,653 B2
Filed: 12/14/2016
Issued: 12/04/2018
Est. Priority Date: 12/14/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprisingdetecting a request for an exchange of data between an aircraft and an off-board system;

selecting a Line Replaceable Unit (LRU) of the aircraft based on at least one parameter of the request;

issuing a challenge to a Physically Unclonable Function (PUF) connected with at least one electronic component of the LRU;

obtaining a hardware signature based on a response of the at least one electronic component of the LRU to the challenge, wherein the PUF derives the hardware signature from a unique physical property of the at least one electronic component; and

validating the hardware signature to authenticate the request and initiate the exchange of data between the aircraft and the off-board system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for authenticating aircraft communications using detected difference of on board electronics. One embodiment is a method that includes detecting a request for an exchange of data between an aircraft and an off-board system, and selecting a Line Replaceable Unit (LRU) of the aircraft based on at least one parameter of the request. The method also includes issuing a challenge to a Physically Unclonable Function (PUF) connected with at least one electronic component of the LRU, and obtaining a hardware signature based on a response of the at least one electronic component of the LRU to the challenge. The PUF derives the hardware signature from a unique physical property of the at least one electronic component. The method further includes validating the hardware signature to authenticate the request and initiate the exchange of data between the aircraft and the off-board system.

32 Citations

View as Search Results

20 Claims

1. A method comprisingdetecting a request for an exchange of data between an aircraft and an off-board system;
- selecting a Line Replaceable Unit (LRU) of the aircraft based on at least one parameter of the request;
  
  issuing a challenge to a Physically Unclonable Function (PUF) connected with at least one electronic component of the LRU;
  
  obtaining a hardware signature based on a response of the at least one electronic component of the LRU to the challenge, wherein the PUF derives the hardware signature from a unique physical property of the at least one electronic component; and
  
  validating the hardware signature to authenticate the request and initiate the exchange of data between the aircraft and the off-board system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - determining a security level of the data in the request;
      
      selecting a combination of LRUs based on the security level of the data;
      
      obtaining hardware signatures using PUFs connected with the combination of LRUs; and
      
      determining whether the hardware signatures match with challenge-response pairs stored in a database of a trusted entity.
  - 3. The method of claim 1 wherein:
    - the at least one parameter of the request includes a type of aircraft data for the exchange.
  - 4. The method of claim 1 wherein:
    - the at least one parameter of the request indicates the exchange is an upload operation from the off-board system to the aircraft.
  - 5. The method of claim 1 wherein:
    - the off-board system includes a database of challenge-response pairs recorded for the at least one electronic component.
  - 6. The method of claim 5 further comprising:
    - validating an identity of the aircraft based on a match between the hardware signature and a challenge-response pair entry in the database; and
      
      authorizing the exchange of data in response to validation of the identity of the aircraft.
  - 7. The method of claim 6 further comprising:
    - deleting the challenge-response pair entry from the database in response to the authorizing.

8. A non-transitory computer readable medium embodying programmed instructions which, when executed by a processor, are operable for performing a method comprising:
- detecting a request for an exchange of data between an aircraft and an off-board system;
  
  selecting a line replaceable unit (LRU) of the aircraft based on at least one parameter of the request;
  
  issuing a challenge to a Physically Unclonable Function (PUF) connected with one or more electronic components of the LRU;
  
  obtaining a hardware signature based on a response of the one or more electronic components of the LRU to the challenge, wherein the PUF derives the hardware signature from a unique physical property of the one or more electronic components; and
  
  validating the hardware signature to authenticate the request and initiate the exchange of data between the aircraft and the off-board system.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The medium of claim 8 wherein the method further comprises:
    - determining a security level of the data in the request;
      
      selecting a combination of LRUs based on the security level of the data;
      
      obtaining hardware signatures using PUFs connected with the combination of LRUs; and
      
      determining whether the hardware signatures match with challenge-response pairs stored in a database of a trusted entity.
  - 10. The medium of claim 8 wherein:
    - the at least one parameter of the request includes a type of aircraft data for the exchange.
  - 11. The medium of claim 8 wherein:
    - the at least one parameter of the request indicates the exchange is an upload operation from the off-board system to the aircraft.
  - 12. The medium of claim 8 wherein:
    - the off-board system includes a database of challenge and response pairs recorded for the one or more electronic components.
  - 13. The medium of claim 12 wherein the method further comprises:
    - validating an identity of the aircraft based on a match between the hardware signature and a challenge-response pair entry in the database; and
      
      authorizing the exchange of data in response to validation of the identity of the aircraft.
  - 14. The medium of claim 13 wherein the method further comprises:
    - deleting the challenge-response pair entry from the database in response to the authorizing.

15. A system comprising:
- a ground system operable to upload aircraft data to Line Replaceable Units (LRUs) over a network, the ground system comprising;
  
  an airline device operable to request the upload of the aircraft data to an LRU of the aircraft; and
  
  a hardware authentication system operable to retrieve a challenge from the airline device that is associated with the LRU, to obtain a hardware signature from PUF circuitry coupled with the LRU, and to authenticate the aircraft for receiving the upload based on a match between the hardware signature and a challenge-response pair stored in the airline device that includes the challenge.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15 wherein:
    - the hardware authentication system is further operable to identify a security level associated with the LRU.
  - 17. The system of claim 16 wherein:
    - the hardware authentication system is further operable to determine that the security level is above a threshold, and in response, to identify at least one additional LRU for authenticating the upload.
  - 18. The system of claim 15 wherein:
    - the hardware authentication system is further operable to generate a warning in response to a determination that there is a mismatch between the hardware signature and a challenge-response pair.
  - 19. The system of claim 15 wherein:
    - the hardware authentication system is further operable to restrict the upload in response to a determination that there is a mismatch between the hardware signature and a challenge-response pair.
  - 20. The system of claim 15 wherein:
    - the hardware authentication system is further operable to obtain hardware signatures for multiple line replaceable units (LRUs), each LRU having at least one electronic component coupled with Physically Unclonable Function (PUF) circuitry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Lawson, Jack, Mitchell, Timothy M.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US15/378,405
Publication Number

US 20180167391A1
Time in Patent Office

720 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/25   Integrating or interfacing ...

G06F 21/44   Program or device authentic...

G06F 7/02   Comparing digital values G0...

H04L 63/0876   based on the identity of th...

H04L 67/12   specially adapted for propr...

H04L 9/3278   using physically unclonable...

H04W 12/06   Authentication

H04W 12/082   using revocation of authori...

H04W 4/70   Services for machine-to-mac...

H04W 84/06   Airborne or Satellite Netwo...

Authenticating an aircraft data exchange using detected differences of onboard electronics

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating an aircraft data exchange using detected differences of onboard electronics

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links