Aerospace Village - Checklist for Aviation Vulnerability Disclosure: Don't go it alone

Cite

DEF CON

Angus, Jay

Formal Metadata

Title

Aerospace Village - Checklist for Aviation Vulnerability Disclosure: Don't go it alone

Title of Series

DEF CON Safe Mode

Number of Parts

374

Author

Angus, Jay

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/49205 (DOI)

Publisher

DEF CON

Release Date

2020

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Cybersecurity vulnerabilities are ever present in IT and OT systems and the aerospace sector is not exempt from these findings. What should a researcher or vendor do when they find a vulnerability? This is a common question but can have many and variety complex answers. Showing how a few simple steps by each participant in the process of coordinated disclosure can decrease the stress of the efforts and result in trust among researchers and a more resilient aviation sector. Major points will focus on: - What researchers should be doing in preparation of disclosure. - When a researcher should be looking for help with coordination. - Questions vendor should be asking in preparation of a public disclosure. - Each disclosure is a unique event and should be leveraged to build upon.