Security risk mitigation of cyber physical systems: A case study of a flight simulator

Abstract

Avionics has seen a greatest shift in technology over the last two decades. The severity of the consequences resulting from a lack of risk management in avionics can be seen from recent incidents of unmanned aerial vehicles being hacked or in the hacking of vendor-controlled systems installed in commercial aircrafts. Over a million incidents related to security breaches at cyber layer have been recorded over the last decade, among which 350,000 cyber-attacks alone have taken place in the year 2018. Unfortunately, only a limited set of studies have been conducted on security risk management, particularly specific to avionics. In this article, we aim to identify, analyze and mitigate the security risks of 6 Degree of Freedom Flight Simulator. As a result, we identify 8 risks of level 3–4 as per the IEC 61508 standard. Further analysis of the identified risks yields in another 34 risks. We then mitigate the severity of the identified risks from level 4 to level 2 as per the IEC 61508 standard. The cryptosystem used for risk mitigation performed relatively faster as compared to some of the most recently proposed encryption schemes.