Verification of devices connected to aircraft data processing systems

US 9,239,247 B1
Filed: 09/27/2011
Issued: 01/19/2016
Est. Priority Date: 09/27/2011
Status: Active Grant

First Claim

Patent Images

1. A method for accessing an aircraft network data processing system, comprising:

receiving, by a first data processing device, an expected value from a hash function on the first data processing device that reflects updates to software on the first data processing device, wherein the expected value is generated by a second device other than the first data processing device;

receiving, by the first data processing device, a first digital signature from the second device indicating a first source of the expected value;

generating, by the first data processing device, an actual value from the hash function that reflects the updates to the software;

generating on the first data processing device a second digital signature that indicates a second source of the actual value;

connecting the first data processing device to the aircraft network data processing system on an aircraft through an interface, wherein the first data processing device is separate from the data processing system on the aircraft;

sending the expected value and the actual value from the first data processing device to the aircraft network data processing system;

sending the first digital signature and the second digital signature from first the data processing device to the aircraft network data processing system;

comparing, by the aircraft network data processing system, the expected value to the actual value to determine whether the first data processing device is allowed to access the aircraft network data processing system;

determining on the aircraft network data processing system whether the first digital signature and the second digital signature are from trusted or approved sources as an additional step in determining whether the first data processing device is allowed to access the aircraft network data processing system; and

accessing the aircraft network data processing system by the first data processing device in response to a determination that the first data processing device is allowed to access the aircraft network data processing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for allowing access to an aircraft network data processing system on an aircraft. A data processing device receives an expected measurement of software on the data processing device. The expected measurement is generated by a device other than the data processing device. The data processing device identifies an actual measurement of the software on the data processing device. The data processing device is connected to the aircraft network data processing system on an aircraft. The expected measurement and the actual measurement are sent from the data processing device to the aircraft network data processing system to determine whether the data processing device is allowed to access the aircraft network data processing system. The data processing device accesses the aircraft network data processing system in response to a determination that the data processing device is allowed to access the aircraft network data processing system.

Citations

16 Claims

1. A method for accessing an aircraft network data processing system, comprising:
- receiving, by a first data processing device, an expected value from a hash function on the first data processing device that reflects updates to software on the first data processing device, wherein the expected value is generated by a second device other than the first data processing device;
  
  receiving, by the first data processing device, a first digital signature from the second device indicating a first source of the expected value;
  
  generating, by the first data processing device, an actual value from the hash function that reflects the updates to the software;
  
  generating on the first data processing device a second digital signature that indicates a second source of the actual value;
  
  connecting the first data processing device to the aircraft network data processing system on an aircraft through an interface, wherein the first data processing device is separate from the data processing system on the aircraft;
  
  sending the expected value and the actual value from the first data processing device to the aircraft network data processing system;
  
  sending the first digital signature and the second digital signature from first the data processing device to the aircraft network data processing system;
  
  comparing, by the aircraft network data processing system, the expected value to the actual value to determine whether the first data processing device is allowed to access the aircraft network data processing system;
  
  determining on the aircraft network data processing system whether the first digital signature and the second digital signature are from trusted or approved sources as an additional step in determining whether the first data processing device is allowed to access the aircraft network data processing system; and
  
  accessing the aircraft network data processing system by the first data processing device in response to a determination that the first data processing device is allowed to access the aircraft network data processing system.
- View Dependent Claims (2, 3, 4, 5, 6, 14, 16)
- - 2. The method of claim 1 further comprising:
    - receiving, by the first data processing device, the updates to the software, from the second device, wherein the first data processing device is a portable device;
      
      changing the software on the first data processing device by using the updates to the software to form updated software andloading the updated software from the first data processing device into the aircraft network data processing system.
  - 3. The method of claim 2, wherein generating, by the first data processing device, the actual value from the hash function comprises identifying at least one hash of the updated software on the first data processing device.
  - 4. The method of claim 1, wherein generating, by the first data processing device, the actual value from the hash function comprises generating the actual value from the hash function using a trusted platform module in the first data processing device.
  - 5. The method of claim 1, wherein the first data processing device is portable.
  - 6. The method of claim 1, wherein the first data processing device is an aircraft maintenance device.
  - 14. The method of claim 1, wherein the expected value is saved temporarily in transient storage of the aircraft network data processing system.
  - 16. The method of claim 1, wherein the software comprises an operating system for the first data processing device and the software comprises substantially all of the software on the first data processing device.

7. A method for allowing access to an aircraft network data processing system, comprising:
- connecting a portable data processing device to the aircraft network data processing system through an interface;
  
  receiving, from the portable data processing device by the aircraft network data processing system on an aircraft, an expected value from a hash function on the portable data processing device that reflects updates to software on the portable data processing device, wherein the expected value is generated by a device other than the portable data processing device and the portable data processing device is a separate device from the aircraft network data processing system;
  
  receiving, by the aircraft network data processing system, a first digital signature from the portable data processing device indicating a first source of the expected value;
  
  generating on the portable data processing device an actual value from the hash function that reflects the updates to the software;
  
  generating on the portable data processing device a second digital signature that indicates a second source of the actual value;
  
  receiving, from the portable data processing device by the aircraft network data processing system, the actual value;
  
  comparing, by the aircraft network data processing system on the aircraft, the expected value to the actual value;
  
  determining, by the aircraft network data processing system, whether the second digital signature and the first digital signature are from trusted or approved sources; and
  
  allowing the portable data processing device to access the aircraft network data processing system responsive to a determination that the expected value matches the actual value and that the first digital signature and the second digital signature are from trusted or approved sources.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7, wherein the expected value is not a part of a configuration of the aircraft.
  - 9. The method of claim 7, wherein generating on the portable data processing device the actual value from the hash function comprises:
    - changing the software on the portable data processing device by using the updates to the software to form updated software; and
      
      identifying at least one hash of the updated software on the portable data processing device.
  - 10. The method of claim 7, wherein the data processing device is an aircraft maintenance device.

11. An apparatus comprising:
- an interface configured to connect the apparatus to an aircraft network data processing system on an aircraft, the apparatus being portable, the apparatus is separate from the aircraft network data processing system;
  
  software stored on the apparatus, the software and updates to the software provided by a provider distinct from the apparatus and the aircraft network data processing system;
  
  a measurement module configured to identify an actual value from a hash function on the apparatus that reflects the updates to the software stored on the apparatus; and
  
  a processor unit configured to receive an expected value from the provider for the hash function on the apparatus that reflects the updates to the software stored on the apparatus and to receive a first digital signature from the provider indicating a first source of the expected value is the provider, wherein the expected value is generated by the provider, and further configured to generate a second digital signature that indicates a second source of the actual value, send the expected value, the actual value, the first digital signature and the second digital signature from the apparatus to the aircraft network data processing system to determine whether the apparatus is allowed to access the aircraft network data processing system, and to access the aircraft network data processing system responsive to a determination that the apparatus is allowed to access the aircraft network data processing system.
- View Dependent Claims (12, 13, 15)
- - 12. The apparatus of claim 11, wherein:
    - the processor unit is further configured to receive the updates to the software and to change the software stored on the apparatus using the updates.
  - 13. The apparatus of claim 11, wherein the measurement module comprises a trusted platform module.
  - 15. The apparatus of claim 11, wherein the software comprises an operating system for the apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Angus, Ian Gareth, Venema, Steven Craig
Primary Examiner(s)
Algahaim, Helal A
Assistant Examiner(s)
FOUCHE, MICHAEL P

Application Number

US13/246,610
Time in Patent Office

1,575 Days
Field of Search

717/171
US Class Current

1/1
CPC Class Codes

G01C 23/00   Combined instruments indica...

G01C 23/005   Flight directors indicating...

G05B 23/0283   Predictive maintenance, e.g...

G06Q 10/20   Administration of product r...

G08G 5/0021   located in the aircraft

Verification of devices connected to aircraft data processing systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of devices connected to aircraft data processing systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links