Business & Technology
Panasonic Avionics provides in-flight connectivity and infotainment content for more than 300 airlines around the world, addressing the growing demand from passengers for Internet access while in transit. The company also offers the same services to the shipping, maritime, mining, and oil and gas industries. With travelers bringing more personal devices, from laptops, tablets, to smartphones and Internet of Things (IoT) devices onto airplanes, Panasonic Avionics’ service delivery requirements have evolved, creating new demands and challenges for their IT and security infrastructure.
Fortinet's John Maddison recently talked with Michael Dierickx, director of security engineering and information security officer, about Panasonic Avionics’ security priorities and the tools they use to keep customers’ information safe on today’s connected aircraft.
Our No. 1 priority is always to protect the customer, both the passengers and the airlines. Customer satisfaction is a really big deal to us, and it’s important that, in a connected aircraft, the communications are secure. When there’s an incident, we want to be able to identify that incident and notify the customer first before anyone else does.
The top concern I have is related to the connected aircraft. It’s now a part, essentially, of the Internet of Things. Aircraft and cars, when they were first built, were never intended to be connected to anything. Now you have passengers depending on connectivity, or they don’t want to travel on that aircraft. With offering the IoT-type of user experience, the aircraft has become an extension of the corporate structure of the airline; therefore it adds a new type of attack vector. You have to have controls in place that were never needed before.
We’ve tested our deployments for years, and if our WiFi is deployed in the manner that has been prescribed or architected initially, I’m very confident that attack surface is mitigated. That said, the WiFi 802.11 standard has its flaws.
As aircraft become more connected, and as more devices become part of the IoT, there are more challenges that come into place. Not every product that’s connected to the IoT is capable of being as secure as others. Architecting security in place becomes more and more challenging.
Also being a part of the cloud is a scary thing as well. You have to have the proper security stack in place. Cloud providers may be secure, but with the infrastructure they give you, you have to add on security yourself. You have connected devices connecting to the cloud, and it really changes the dynamic and the attack vector that could potentially be used to compromise any of these systems.
You have to have the proper defenses in depth, but you also need notification. Defense is only going to get you so far. You really need to have visibility for anomalous traffic, identify it, and determine whether there’s an incident or not.
We use solutions from the Fortinet Security Fabric in several different ways. My group uses the FortiSIEM (Security Information and Event Management) product. It provides a single pane of glass, so that when there is an event, we’re able to be notified and take appropriate action. When we use a SIEM, we’re basically looking for indicators of compromise (IOCs), and with these IOCs coming from an aircraft, it’s not your traditional infrastructure, where it’s very cookie-cutter. We have different types of assets on an aircraft that do not necessarily communicate in the same manner as traditional data center equipment.
We patented specific correlation rules that would indicate an IOC aboard an aircraft, and it’s those events we want to be notified about. Each one of our airline customers have their own view, where they can see if an incident occurred. Some of the incidents we want to know in real time, and there are other incidents you don’t need to be woken up for. We’ve been working with Fortinet to really fine tune these rules and displays for our customers, so that a CSO of an airline can be on a tablet, and they have that data in front of them.
The real advantage is that Fortinet really works with us as a partner versus just a vendor. That’s extremely important to us because our environments are complex. We’re not an easy customer. We have very stringent demands and requirements. Something I can really say with a straight face is that every time we needed something unique or special done for us, Fortinet went the extra mile to ensure our success.
Having that type of partnership or relationship with a vendor is very, very important. It gives me peace of mind that they’re not just looking for next quarter’s quota. They’re really looking at our success. When we give our security portal to our airline customers, their reaction is, “Oh, my gosh, what is this?” It doesn’t look like any of the other SIEMs that are out there and is so streamlined and easy to use.
We’re looking for indicators of compromise on an aircraft, and I guaranteed there is no SIEM out there that has those rules by default. It’s almost 100-percent customized and gives us full visibility and control over our security infrastructure.
Service is No. 1. It’s extremely critical. That’s why we went with Fortinet. Their team has been extremely supportive of our efforts. Some of Fortinet’s competitors just looked at our business as dollar signs. Having a partner to go on this journey with us to secure the Internet of Things on connected aircraft and provide situational awareness to our customers is a really big deal.
This interview originally appeared on CSO.com.