Global Aerospace Leader Achieves Aviation Data Security Controls and Standards
Customer Profile
A world leader in aerospace. The company is a leading manufacturer of comercial jetliners, defense, space, and security systems.
Products
Data Security Manager
Challenge
- Over the last decade, the commercial aviation industry has been going through a major transition towards the ‘digital and connected aircraft’. These changes have been propelled by the increasing need to improve overall efficiency within the aviation space and reduce the cost of operations. This has led to the installation of several onboard systems on commercial airplanes to improve the overall efficiency and maintenance. Aircrafts today increasingly interact with external systems and applications, including the internal avionics systems communicating with the ground station or even a passenger accessing a service using internet. Some of these systems are also used for air-ground communications and transfer of data collected onboard to the back office.
Solutions
Customer had prioritized on the code signing project but was not able to zero in on a vendor that could offer a scalable solution with minimized impact on airplane operations. The project was literally months behind schedule. The customer approached Fortanix for a POC. The solution was offered as a quick to deploy and easy to use SaaS. After a successful POC, the project was fully implemented for their operations in one key geographic region
The Fortanix cloud based FIPS 140-2 Level 3 HSM utilizing Intel® SGX: Software Guard Extensions.
All HSMs provided by the service were fully redundant, and no action was required (by humans or external applications) to access a “redundant node” in the event that a “primary node” becomes unavailable.
The SaaS user interface was accessible via two-factor authentication. Applications and APIs communicate with the HSM “nodes” through authenticated API mechanisms. Authorized, and authenticated users use the GUI to establish “groups” of HSMs and generate required keys within the HSMs.
Certificate Signing Requests (CSRs) are then generated through the service GUI or via customer applications.
Keys are always maintained within the HSMs as well as all cryptographic processes (signing, authentication, etc.).
Key Differentiators
SaaS based solution was quick to deploy and easy to use with a user-friendly centralized console to monitor all data security operations of the aircraft.
Fortanix offered a state-of-the-art code signing solution that included a FIPS 140-2 level 3 assurance for private key protection and advanced capabilities like strict rolebased access controls, quorum-based approval workflows, automation, and audit logs for all code signing operations.
Supported all types of asymmetric keys, signing, and hashing algorithms used for code signing
Secure storage of sensitive objects/keys during the signing and verification processes.
