A Boeing Next-Generation 737 operator faced a challenge in analyzing log files generated by their e-Enabled aircraft. They needed to meet regulations (AC119-1) but lacked in-house aircraft log file analysis capabilities and technology. Additionally, they required a solution that would minimize time to market and lacked analysis correlation algorithms and historical data for comparisons.
To address these challenges, Boeing implemented the following approach:
Boeing dedicated subject matter experts to analyze the aircraft log files.
A kick-off workshop was conducted to establish log baselines, ensuring a solid foundation for analysis.
Boeing performed monthly analyses on log files for 26 tails, allowing for regular monitoring and identification of potential threats.
Results from the analysis were benchmarked against global fleet data, providing valuable insights and comparisons.
Boeing prepared monthly reports summarizing findings, documenting threshold spikes, and identifying areas that required additional investigation.
Monthly conference calls and quarterly onsite visits were conducted to help develop strategies to mitigate recurring risks.
The implementation of the cybersecurity log file monitoring solution yielded the following results:
The Boeing 737 NG operator successfully met the regulatory requirements set by FAA AC119-1.
Leveraging Boeing's subject matter expertise and data, the performance of threat identification was significantly improved.
The solution added in-house capability on an extension of staff basis, reducing reliance on external resources.
Risks associated with staff turnover and unexpected absences were eliminated, ensuring consistent monitoring and analysis.
The solution also paved the way for adding future functionality for off-board communications, specifically Class 2 EFB.
Overall, the implementation of the cybersecurity log file monitoring solution not only helped the Boeing 737 NG operator meet regulatory requirements but also improved their threat identification capabilities, added in-house expertise, and mitigated risks associated with staff turnover and absences.