Avionics protection apparatus and method

US 10,235,523 B1
Filed: 05/11/2016
Issued: 03/19/2019
Est. Priority Date: 05/10/2016
Status: Active Grant

First Claim

Patent Images

1. An apparatus for protecting electrical and/or electronic device(s) coupled to a data bus from a threat, the data bus comprising two differential signal lines within a shield, said apparatus comprising:

a data bus coupler comprising one or more connections with at least one differential signal line, said one or more connections configured to acquire analog signal(s) conducted through the at least differential signal line;

a sensor coupled to said data bus coupler, said sensor configured to capture said acquired analog signals;

one or more processors or logic devices; and

a non-transitory computational medium comprising executable instructions that, when executed by said one or more processors or logic devices, cause said one or more processors or logic devices to perform the following steps on said captured analog signals;

measuring a feature value in at least one region of a time domain or a frequency domain of said captured analog signals,calculating a difference value between said measured feature value and one or more baseline feature values, anddetermining, based on said calculated value, a presence or an absence of said threat to the electrical and/or electronic devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for a network of electrical and/or electronic devices coupled to a data bus comprises a sensor coupled to the data bus and configured to capture information content communicated through the data bus in a form of electromagnetic emissions being at least one of differential mode electromagnetic emissions, common mode electromagnetic emissions, coupled radiated electromagnetic emissions, and data bit streams; one or more processors or logic devices, and a non-transitory computational medium comprising executable instructions. The apparatus measure a feature value in at least one region of a time domain or a frequency domain of the captured electromagnetic emissions, calculates a difference value between the measured feature value and one or more baseline feature values, and determines, based on the calculated value, a presence or an absence of anomalies indicative of at least one of cyber intrusion attempt, cyber attack, cyber-physical attacks, malware, etc.

45 Citations

View as Search Results

21 Claims

1. An apparatus for protecting electrical and/or electronic device(s) coupled to a data bus from a threat, the data bus comprising two differential signal lines within a shield, said apparatus comprising:
- a data bus coupler comprising one or more connections with at least one differential signal line, said one or more connections configured to acquire analog signal(s) conducted through the at least differential signal line;
  
  a sensor coupled to said data bus coupler, said sensor configured to capture said acquired analog signals;
  
  one or more processors or logic devices; and
  
  a non-transitory computational medium comprising executable instructions that, when executed by said one or more processors or logic devices, cause said one or more processors or logic devices to perform the following steps on said captured analog signals;
  
  measuring a feature value in at least one region of a time domain or a frequency domain of said captured analog signals,calculating a difference value between said measured feature value and one or more baseline feature values, anddetermining, based on said calculated value, a presence or an absence of said threat to the electrical and/or electronic devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The apparatus of claim 1, further comprising an antenna coupled to the data bus and to said sensor and configured to collect emissions of electromagnetic energy radiated form the electrical and/or electronic devices.
  - 3. The apparatus of claim 1, wherein said electrical and/or electronic device(s) are installed in one of an aircraft, a naval vessel, a land vehicle, and a building.
  - 4. The apparatus of claim 1, wherein said threat being of at least one of cyber intrusion attempt, cyber attack, cyber-physical attacks, malware, physical malware, tamper, malicious software, anomalous software, modified software, malicious firmware, anomalous firmware, modified firmware, malicious circuitry, anomalous circuitry, modified circuitry, cyber-physical attack, compromised said electronic systems connected to the data line, aged electronics, faulty electronics.
  - 5. The apparatus of claim 1, wherein said executable instructions, when executed by said one or more processors or logic devices, cause said one or more processors or logic devices to perform a spectrographic transform on said captured analog signal(s).
  - 6. The apparatus of claim 1, wherein said executable instructions, when executed by said one or more processors or logic devices, cause said one or more processors or logic devices to perform an additional step of analysis including at least one of a spectrographic analysis, time-frequency analysis, electromagnetic emission radiation response analysis related to data bit stream information content, a phase analysis, an informatics analysis, and a statistical analysis.
  - 7. The apparatus of claim 1, wherein one connection from said one or more connections comprises a first connection portion with one of said two differential signal lines and a second connection portion with the shield, said one connection from said one or more connections is configured to acquire a common mode difference in voltage or a difference in common mode current flow between the shield and the two differential signal lines.
  - 8. The apparatus of claim 1, wherein one connection from said one or more connections comprises connections with the two differential signal lines, resistors and a transformer, said one connection from said one or more connections acquires voltage differential between the two differential signal lines.
  - 9. The apparatus of claim 1, wherein one connection from said one or more connections comprises connections with the two differential signal lines, said one connection from said one or more connections acquires an individual near field emission of the two differential signal lines or as a difference between near field emissions of the two differential signal lines.
  - 10. The apparatus of claim 1, wherein one connection from said one or more connections comprises connections with the two differential signal lines, resistors and capacitors, said one connection from said one or more connections provides impedance matching.
  - 11. The apparatus of claim 1, wherein one connection from said one or more connections comprises a first connection portion with one of said two differential signal lines and a second connection portion with the shield, resistors and capacitors, said one connection from said one or more connections acquires said analog signal as a high impedance isolating output to reference a voltage differential between the two differential signal lines and the shield.

12. A multimodal coupler system for a data bus with differential signal lines within a shield, comprising:
- a plurality of analog sensing input forms comprising connection(s) with at least the differential signal lines, said analog sensing input forms including at least one of unintended digital radiated, unintended analog radiated, unintended digital conducted, unintended analog conducted, intended digital radiated, intended analog radiated, intended digital conducted and intended analog conducted emissions through the differential signal lines; and
  
  wherein said analog sensing input forms provide information on at least one of intrusion detection, health monitoring, equipment operational status, equipment presence, remaining useful life, operational mode, fault detection, software authenticity, software download in progress, and software change in progress.
- View Dependent Claims (13, 14)
- - 13. The multimodal coupler system of claim 12, wherein said multimodal sensor system is configured to use said sensed signal forms to at least one of send a signal, log an event, reinitialize a device, or to control a device.
  - 14. The multimodal coupler system of claim 13, wherein a control of said device comprises at least one of a redundant switchover, a disablement of said device, an alarm indication, an operator alert, a service request transmission, an isolation of said device, and an enablement of said device.

15. A sensor system configured to sense analog signal forms originating in a bus common mode unintended emissions, bus differential mode unintentional emissions, and digital bus data, said sensor system is further configured to use said signal forms to determine status, operational information, or configuration information related to devices connected to said bus.
- View Dependent Claims (16, 17, 18)
- - 16. The sensor system of claim 15, further configured to employ a Bayesian network to fuse data from said signal forms to form an overall status result.
  - 17. The multimodal sensor system of claim 16, further configured to extract signals and/or signatures from a data bus.
  - 18. The multimodal sensor system of claim 17, wherein the data bus comprises a MIL-STD-1553 data bus.

19. A method of protecting electrical and/or electronic device(s) connected to a MIL-STD-1553 data bus from a threat, said MIL-STD-1553 data bus comprising differential signal lines, said method comprising:
- providing an apparatus comprising a sensor and a controller coupled to said sensor, said apparatus being configured to receive and process electromagnetic emissions conducted through said differential signal lines in said MIL-STD-1553 data bus, said conducted emissions being at least one of differential mode electromagnetic emissions, common mode electromagnetic emissions, coupled radiated electromagnetic emissions, free field electromagnetic emissions and data bit streams;
  
  providing a coupling device configured to acquire said conducted emissions;
  
  coupling said coupling device to at least said differential signal lines in said MIL-STD-1553 data bus;
  
  operatively connecting said coupling device to said apparatus;
  
  acquiring, with said coupling device, said conducted emissions;
  
  capturing, with said sensor, said acquired conducted emissions;
  
  processing, with said controller, said captured conducted emissions; and
  
  determining, with said controller based on processing of said captured conducted emissions, a presence or an absence of said threat to said electrical and/or electronic device(s).
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising:
    - coupling an antenna to said sensor;
      
      collecting, with said antenna, emissions of electromagnetic energy radiated from said data bus and/or from said electrical and/or electronic device(s);
      
      capturing, with said sensor, said radiated emissions collected at said antenna; and
      
      processing, with said controller, said radiated emissions captured at said sensor in a parallel relationship with processing said captured conducted emissions.

21. An aircraft electronic device protection system, comprising:
- a MIL-STD-1553 data bus comprising signal lines within a shield, said signal lines being coupled to one or more electronic devices within the aircraft;
  
  a coupling device being coupled to at least said signal lines in said MIL-STD-1553 data bus, said coupling device acquires analog signal(s) conducted through said signal lines;
  
  a sensor being coupled to said coupling device, said sensor configured to capture emissions of electromagnetic energy conducted from one or more electronic devices through said signal lines in said MIL-STD-1553 data bus; and
  
  a controller coupled to said sensor, said controller being configured to process said conducted emissions of electromagnetic energy, and determine, based on processing of said captured conducted emissions of electromagnetic energy, a presence or an absence of a threat to the one or more electronic devices; and
  
  said conducted emissions of electromagnetic energy being at least one of differential mode electromagnetic emissions, common mode electromagnetic emissions, coupled radiated electromagnetic emissions, free field electromagnetic emissions and data bit streams.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokomis Inc.
Original Assignee
Nokomis Inc.
Inventors
Keller, III, Walter J., Portune, Andrew
Primary Examiner(s)
Avery, Jeremiah L

Application Number

US15/152,307
Time in Patent Office

1,042 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 13/4282   on a serial bus, e.g. I2C b...

G06F 21/556   involving covert channels, ...

G06F 21/564   by virus signature recognition

G06F 21/577   Assessing vulnerabilities a...

Avionics protection apparatus and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

45 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Avionics protection apparatus and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links