AVIATION BUSINESS SOLUTIONS CASE STUDY

Cybersecurity log file monitoring for Boeing 737 NG Operator

  • Featuring

    IT and Cybersecurity consulting services

  • Customer

    Next-Generation 737 Operator

  • Solution

    Log file monitoring and analysis

The challenge

A Boeing 737 NG operator faced a challenge in analyzing log files generated by their e-Enabled aircraft. They needed to meet regulations (AC119-1) but lacked in-house aircraft log file analysis capabilities and technology. Additionally, they required a solution that would minimize time to market and lacked analysis correlation algorithms and historical data for comparisons.

"We are very pleased with the partnership we have with Boeing and grateful for the capability provided…"

Airline Director of Cybersecurity

Boeing approach

To address these challenges, Boeing implemented the following approach:

  • Subject matter experts

    Boeing dedicated subject matter experts to analyze the aircraft log files.
  • Kick-off workshop

    A kick-off workshop was conducted to establish log baselines, ensuring a solid foundation for analysis.
  • Log file analysis

    Boeing performed monthly analyses on log files for 26 tails, allowing for regular monitoring and identification of potential threats.
  • Benchmarking

    Results from the analysis were benchmarked against global fleet data, providing valuable insights and comparisons.
  • Monthly reports

    Boeing prepared monthly reports summarizing findings, documenting threshold spikes, and identifying areas that required additional investigation.
  • Collaboration

    Monthly conference calls and quarterly onsite visits were conducted to help develop strategies to mitigate recurring risks.

Results

The implementation of the cybersecurity log file monitoring solution yielded the following results:

  • Met regulatory compliance

    The Boeing 737 NG operator successfully met the regulatory requirements set by FAA AC119-1.
  • Improved threat identification

    Leveraging Boeing's subject matter expertise and data, the performance of threat identification was significantly improved.
  • Enabled in-house capability

    The solution added in-house capability on an extension of staff basis, reducing reliance on external resources.
  • Mitigated risks

    Risks associated with staff turnover and unexpected absences were eliminated, ensuring consistent monitoring and analysis.
  • Allowed for future functionality

    The solution also paved the way for adding future functionality for off-board communications, specifically Class 2 EFB.

Overall, the implementation of the cybersecurity log file monitoring solution not only helped the Boeing 737 NG operator meet regulatory requirements but also improved their threat identification capabilities, added in-house expertise, and mitigated risks associated with staff turnover and absences.