Shift5, the observability platform for onboard operational technology, and Boeing have entered into a global strategic reseller partnership to offer Shift5’s Compliance Module to automate Aircraft Network Security Program (ANSP) compliance efforts for commercial and civil aviation operators. The partnership will drastically reduce the time and manual effort required by maintenance and security teams to identify and report anomalies in onboard data in e-enabled aircraft, allowing them to address credible cyber threats and potential safety issues to improve the safety and operations of fleets.
Federal Aviation Administration’s (FAA) guidelines in Advisory Circular (AC) 119-1 and European Union Aviation Safety Agency’s (EASA) guidelines in Common Requirements Regulation (EU) 2017/373 and the Single European Sky Framework require operators flying connected or e-enabled aircraft with advanced connectivity capabilities to create an ANSP to ensure their safety, integrity, and reliability are in alignment with regulatory standards.
Aviation operators are now able to automate compliance efforts for cybersecurity data created on board connected aircraft, through this partnership. The partnership leverages Shift5’s ANSP Compliance Module software and Boeing’s Aviation Business Solution’s Cybersecurity Certified Information Security Professionals (CCISP) to deliver an industry-leading analytics solution for analyzing aircraft security log files. This new service will help operators of e-enabled aircraft to analyze large datasets to identify possible cybersecurity anomalies and determine mitigation actions.
The Shift5 Platform is the only original equipment manufacturer agnostic platform that captures, analyzes, and reports anomalies in core network security log files automatically. The Shift5 Compliance Module facilitates automated rules-based log file analysis, helping make ANSP compliance easier, faster, and more efficient.
“Modern connected aircraft are ushering in better flying experiences for pilots, staff, and passengers, but they also introduce complexity that invites cybersecurity risk. These next-gen aircraft usher in evolving cybersecurity requirements, including ANSP compliance – a regulation that’s notoriously difficult to navigate,” said Josh Lospinoso, CEO and co-founder, Shift5.
“Together, Boeing and Shift5 will flip the script, turning the challenges of ANSP compliance into a checklist item. This is a game changer for operators as FAA, EASA, and other regulatory requirements evolve and airlines face persisting staffing shortages. We’re going to save operators a ton of time, effort, and paperwork.”
“Digital technologies continue transforming the aviation ecosystem. Our partnership with Shift5 increases operator efficiency while meeting regulatory requirements and underscores Boeing’s commitment to maintaining the highest cybersecurity standards in aviation,” said Brett Burgess, Commercial Aviation director for Digital Aviation Solutions at Boeing
For aircraft certified with a special condition related to the security of their onboard computer networks, a key component of an ANSP requires operators to aggregate, decode, monitor, and alert on potential security conditions in aircraft network security log files. With the partnership, Boeing’s cybersecurity analytics service, powered by Shift5, will enable airlines to apply rulesets to analyze aircraft log files, identify and assess anomalies caused by human error or malicious intent, and prioritize events using Shift5’s proprietary machine learning models based on the MITRE ATT&CK™ Framework. Operators will be able to automatically:
Retain security log files for recordkeeping and compliance purposes
Conduct continuous or scheduled analyses of log files to detect anomalies
Report any anomalies or threats in a manner consistent with industry standards
Demonstrate compliance with their documented ANSP
Export aircraft log file analysis to existing systems like ticketing and SIEM
Access Boeing Aviation Business Solution’s CISSPs to evaluate anomalies and mitigate incidents
About Shift5
Shift5 is the dual use, subscription-based observability platform for onboard operational technology (OT), enabling smarter, faster decisions through real-time data access, contextual insights, and actionable analytics at the edge for aerospace, rail, maritime, and defense. Created by officers who stood up U.S. Army Cyber Command and pioneered modern weapons system cyber assessments, Shift5 defends commercial and military fleets as well as weapon systems against operational failures and OT cybersecurity risks. Household name aviation companies, U.S. railroads, and fleets within the U.S. military rely on Shift5 for the security, availability, safety, resilience, and reliability of today’s fleets and tomorrow’s next-generation assets. For more information, visit shift5.io.
About Boeing
As a leading global aerospace company, Boeing develops, manufactures and services commercial airplanes, defense products and space systems for customers in more than 150 countries. As a top U.S. exporter, the company leverages the talents of a global supplier base to advance economic opportunity, sustainability and community impact. Boeing’s diverse team is committed to innovating for the future, leading with sustainability, and cultivating a culture based on the company’s core values of safety, quality and integrity.
Featured image credited to Shift5
