By Jeff Zacuto, Director of Product Marketing, Commercial Aviation  

In the rapidly evolving world of connected military and transportation assets, ensuring the safety and security of operators, passengers, and critical onboard systems has become increasingly complex. At the same time, maintaining compliance with regulatory and policy requirements has also become a significant challenge. With so much on the line, resource-constrained security and compliance teams need new ways to meet these demanding requirements without significantly increasing their workload.  

Introducing the Shift5 Compliance Module 

Today, Shift5 announced the release of the Shift5 Compliance Module, which helps automate compliance efforts for data created on board fleet vehicles. This inaugural release, developed in partnership with aviation industry experts, enables automation of the Federal Aviation Administration’s (FAA) guidelines in Advisory Circular (AC) 119-1 requiring operators to create an Aircraft Network Security Program (ANSP).  

AC 119-1’s ANSP requirements are intended to help operators address credible cyber threats and potential critical safety issues, but they don’t provide clear guidance on operationalizing them, frequently leaving operators struggling to find a straightforward path to compliance. The Shif5 Compliance Module facilitates automated rules-based log file analysis, helping make compliance easier, faster, and more efficient so operators can focus on enhancing the safety and cybersecurity of connected aircraft.  

The module collects log files using existing aircraft data offloading processes, so there’s no additional hardware required to get started. It can also be deployed as a managed service, offering greater flexibility for teams to focus on other crucial tasks. 

Key Features  

The Shift5 Compliance Module offers several benefits for operators, enabling them to: 

  • Retain security log files for recordkeeping and compliance purposes. 

  • Conduct continuous or scheduled analysis of log files to detect anomalies. 

  • Report any anomalies or threats in a manner consistent with industry policies. 

  • Verify compliance with a documented ANSP and identify threats to the system. 

  • Export aircraft log file analysis to existing systems like ticketing and SIEM. 

Automate ANSP Compliance Efforts 

Modern connected aircraft generate vast amounts of raw data through advanced IP-based systems and serial-based onboard operational technology (OT) systems. For example, in the last year alone, the Shift5 platform processed over 9 billion messages from three aircraft types in a single fleet! Without the Shift5 platform, risk analysis and prioritization would have to be done manually — a task that would be virtually impossible at such a high volume.  

With the Shift5 Compliance Module, operators can automatically ingest, analyze, and visualize anomalies in core aircraft network security log files. They can also use the module to apply operator- and OEM-provided rulesets to analyze aircraft log files, identify and assess anomalies caused by human error or malicious intent, and prioritize events using Shift5’s proprietary machine learning models based on the MITRE ATT&CK™ Framework.  

Normalize and Centralize Data 

Aircraft log file data and formatting can vary widely across manufacturers, platforms, and even between similar aircraft. These inconsistencies can pose a challenge for compliance and security teams who rely on accurate data to support the airworthiness of their fleet. The Shift5 platform unpacks and automatically normalizes log file data into a consistent format, enabling operators with advanced data sets that can help them quickly identify abnormalities in global fleets. And, the Shift5 platform centralizes aircraft data and analysis, providing quick and easy access to information that can help teams across operations make more informed decisions and streamline their workflows.  

Focus on Critical Security Events 

Manually assessing and prioritizing risks from countless logged events can be daunting. Shift5’s platform automatically assesses the impact of suspicious or malicious events based on techniques in the MITRE ATT&CK Framework. This prioritization helps teams focus on the most critical security events and streamlines reporting and remediation efforts. The platform can also simplify packaging and exporting logfile analysis and assessments from the Shift5 console for internal team review and prompt regulatory reporting. 

Next steps 

Shift5’s Compliance Module offers a comprehensive solution for automating compliance efforts, enhancing fleet cybersecurity, and streamlining regulatory reporting. Operators can now more openly embrace the future of connected aircraft with confidence, knowing that Shift5’s cutting-edge solutions can help navigate the complexities of compliance and cybersecurity. 

To learn more about the Shift5 Compliance Module: