Aerospace America logo, click or touch this logo to return to the homepage Aerospace America - click or touch the Aerospace America logo to return to the homepage.
Search Access the Aerospace America search by clicking or touching here Menu Access the Aerospace America menu by clicking or touching here
⟵ Back to the 2020 Year in Review Landing Page
Information Systems

Digital breaches heighten awareness of cybersecurity needs

By SAM ADHIKARI|December 2020

The Aerospace Cybersecurity Working Group provides awareness, education and standards development to help protect aerospace’s digital infrastructure.

Governments and cybersecurity research organizations unmasked several alleged cyber espionage groups targeting the aerospace sector in 2020, including Iran-based hackers, who the U.S. Department of Justice indicted in September.

In July, ransomware reportedly hit Garmin, and the subsequent outage caused problems in Garmin’s aviation services, including flight planning and mapping. The attempt heightened awareness on ransomware cyberattacks on aviation communication and software.

In the interest of data privacy, national security and defense, President Donald Trump in May extended a ban on telecom infrastructure from Chinese companies Huawei and ZTE for another year. Multiple outlets reported in March that the White House was planning to roll out a ban on drones from China-based manufacturer DJI, but such an order was never issued.

In October, Sens. Rob Portman, R-Ohio, and Gary Peters, D-Mich., introduced the Risk-Informed Spending for Cybersecurity Act to require cyber-risk-based budgeting “in response to a 2019 report revealing most agencies lack comprehensive cyber risk frameworks.”

The U.S. Department of Transportation Office of Inspector General in September published its report, “FAA and Its Partner Agencies Have Begun Work on the Aviation Cyber Initiative and Are Implementing Priorities,” which recommends that FAA in consultation with its ACI partners identify the resources needed to meet the current schedule for achieving ACI’s remaining priorities, determine how to allocate the resources and revise the schedule as necessary.

Also in September, the U.S. Department of Defense published a notification of plans to issue an interim rule to amend the Defense Federal Acquisition Regulation Supplement to implement the Cybersecurity Maturity Model Certification framework and associated assessment methodology to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the Defense Department supply chain. CMMC certification will be a five-year rollout and is not applicable for recently awarded contracts. CMMC has five levels starting at Level 1, which focuses on performing basic cyber hygiene practices, and going to Level 5, which showcases advanced cybersecurity processes and demonstrated ability to optimize cybersecurity capabilities. CMMC’s initial focus will be acquisitions in the areas of missile defense and nuclear security.

In March, the Cyberspace Solarium Commission released its report outlining a U.S. cyber infrastructure to protect government operations, industry and Americans from cyberattack. Actions include the sharing of national intelligence information with industry to perform precise threat analysis and development of discrete protections.

In September, the U.S. National Institute of Standards and Technology published Special Publication 800-53, Revision 5, which introduces capabilities and functionality to protect personal-private information in government and within sectors of critical infrastructure. Previous versions of this baseline have not included protection of privacy as critical to the development and operation of systems. The revision aligns the Risk Management Framework, which is critical to development of Defense Department systems, with the Cybersecurity Framework, a primary base for development of cyber resilience in the critical infrastructure from a 2016 presidential executive order.

In February, Lockheed Martin released the Cyber Resiliency Level measurement tool as a means to establish a system’s current cyber resiliency risk and to allow customer discussion of a future state of cyber resiliency risk for the system under evaluation. In August, Lockheed Martin declared full operating capability of the first cyber range, specifically focused on cyber testing of avionics systems. The National Cyber Range is a DARPA project to build internet-based infrastructure that can be used to carry out cyberwar games. The project serves as a test range where the military can create antivirus and other cyber defense technologies to guard against cyberterrorism and cyberattacks from hackers.

Contributors: Dawn M. Beyer, Stephen Blanchette, Gabriel Elkin, Preston D. Frazier, Margee Herring, Jeremy Jacobsohn, Steve Lee, Jimmie McEver, Bryce Leonard Meyer, Gerald L. Ourada and Virginia Stouffer

2020 Year in Review

Aerospace Design and Structures

Atmospheric picture of space

Design progress on many fronts

Developing technology for smallsat solar arrays and antennas

New computing tools, international collaboration spell design progress

Aerospace Outreach

50 years after Apollo 11, the world took note

Airbus a330 in a hangar with flynas livery, undergoing maintenance with visible engine covers and detached wing components.

Programs encourage carbon-emission reductions

Apollo anniversary inspires more exploration and milestones

Aerospace Sciences

Software releases, a corporate acquisition and advances in simulation propel meshing forward

Close-up of a spacecraft module with labeled parts: comars 1, 2, 3, and radiometer.

Validating advanced thermophysics models

Autonomous systems adapting to uncertain and contested operating conditions

Aircraft Technology, Integration and Operations

Altitude-controlled balloons in development for Earth and planetary missions

Steady progress in aircraft design despite covid-19 disruptions

Space vehicle, automation testing prevalent

Engineering and Technology Management

Solar Impulse 2

A year that caught public’s notice

Blue Origin’s BE-4 engine for ULA’s Vulcan

Profits dip in aerospace, defense sectors

British F-35Bs

Vertical flight continues to grow

Information Systems

Communications satellites proliferate into an expanding multi-orbit domain

Year brings greater dependency on software

Information and command and control systems play pivotal role in modern warfare

Integration

Space exploration focuses on asteroids

Continued progress toward the CFD Vision 2030 goals

Bringing civil supersonic flight closer to fruition

Program Committees

130-foot-long fuel tank test article for NASA’s Space Launch System

Mars, Jupiter and the human factor

Space Launch System keeps pace

solar-powered Aquila high-altitude unmanned aircraft

Unmanned integration efforts gain speed

Propulsion and Energy

New hybrid rockets prepare for inaugural flights

Progress made toward hydrogen-powered aircraft and biofuels

Levitating droplets, 3D-printed gun propellants, electromagnetic munitions and a game-changing solid-fuel ramjet

Space and Missiles

Longer-range and advanced seekers dominate missile development

Launch of Perseverance rover caps 2020 in space robotics

Space robotic arms and rovers push the limits of lunar exploration

PreviousNext

Digital breaches heighten awareness of cybersecurity needs