Aviation: Secure Flight Control Systems
Industry: Aviation
RunSafe Security provides a patented code protection solution designed to protect military and commercial flight control systems from memory-based vulnerabilities that could be exploited to alter the behavior of critical flight controls, like ailerons, elevators, or rudders. With RunSafe Protect, aerospace vendors are able to protect embedded systems in avionics that are critical to the safe and reliable operation of aircraft without rewriting code.
RunSafe Protect is on the path to becoming the first-of-its-kind cybersecurity solution to achieve Safety of Flight certifiability under DO-178C standards, ready for inclusion in Design Assurance Level A (DAL-A) systems by the end of 2025. In addition, RunSafe and Lynx have partnered to provide the industry’s first DAL-A-certified, memory-safe RTOS platform, uniting safety, security, and operational efficiency in a single solution.
Challenge
Aviation systems face persistent threats from adversaries targeting memory-based vulnerabilities in flight-critical software. A single exploit in components like flight control computers, engine controllers, or navigation systems can compromise command integrity, degrade combat effectiveness, or cause catastrophic failure. Legacy code, long certification cycles, and constrained update processes increase risk by limiting rapid patching or revalidation of safety-certified systems. As adversaries accelerate zero-day exploitation, protecting avionics at the binary level has become essential to maintaining aircraft survivability, mission continuity, and safety of flight.
“From our perspective, adding RunSafe means we have more opportunity to shrink the attack surface and reduce overall risks for our customers since security is now already built into our product.”
Key Features:
Automated mitigation and code protection
Minimized Attack Surfaces
Seamless
Integration
Futureproof from Zero Days
Solution
RunSafe offers a cybersecurity solution designed to secure flight control systems through code protection, runtime resilience, and software supply chain visibility.
Key features of RunSafe’s solution include:
- Automated mitigation and code protection: Prevents exploitation of memory-based vulnerabilities.
- Build-time Software Bill of Materials (SBOM): Generates a comprehensive inventory of applications, libraries, and dependencies for C/C++ builds.
- Automated vulnerability identification: Detects and quantifies vulnerabilities in aviation software to support risk-based mitigation decisions.
- Continuous protection for flight control systems: Applies Load-time Function Randomization to safeguard against memory safety vulnerabilities and future zero days.
- Seamless integration with LynxOS-178: Through collaboration with Lynx, RunSafe’s technology integrates into Lynx’s DO-178C DAL-A certified RTOS, maintaining certifiability while enhancing security posture.
Examples
Protecting flight control software: Emergent integrated RunSafe Security to protect its flight control software so that its customers can extend the life of products that are difficult to update and maintain after launch.
Code protection without slowing down development: For GE Aerospace’s dual-use FADEC engine controller, RunSafe deployed code protection without slowing down developers, with no change in system behavior, and no impact on runtime performance.
Enhanced cybersecurity through collaboration: RunSafe’s partnership with Lynx enhances cybersecurity for avionics and other critical aviation systems. The joint effort seamlessly integrates RunSafe Protect technology into DO-178C DAL-A-certifiable environments, providing Safety of Flight-level cybersecurity for both commercial and defense aviation applications.
Latest Resources
You Can’t Patch Your Way Out of AI-Accelerated Cyber Risk
“Trying to chase one bug at a time” isn’t a cybersecurity strategy, as anyone who has tried to keep up with patch cycles can tell you. Recently, Joe Saunders and Doug Britton joined Paul Ducklin on Exploited: The Cyber Truth for a conversation on what Claude Mythos...
RunSafe Leaders Share Their Take on Mythos, AI, and the Future of Product Security
AI is changing the speed and scale of vulnerability discovery. With Anthropic’s Claude Mythos showing how quickly AI can uncover vulnerabilities and zero days, product security teams are facing a new reality: the time between finding a vulnerability and turning it...
AI Medical Device Security: Why Build Vs. Borrow Is Now A Risk Decision
Key Takeaways AI-assisted development is accelerating the creation of medical device software while introducing new code security risks. Open source and third-party components increase software supply chain complexity and vulnerability exposure. Medical device teams...
Headquarters: 1775 Tysons Blvd, Fifth Floor McLean, VA 22102
Huntsville Regional Office: UAH I2C Building 301 Sparkman Dr. Huntsville, AL 35899
EMEA Office: Agnes-Pockels-Bogen 1 80992 Munich, Germany
+1 (571) 441-5076
Sales@RunSafeSecurity.com
© Copyright 2024 RunSafe Security. All Rights Reserved.