Aircraft Fleet Protection

Argus provides airlines’ Security Operations Centers (SOCs) with the unprecedented ability to monitor aircraft networks, receive detailed alerts of abnormal behavior and start the mitigation process with dedicated tools and procedures. Argus Aircraft Fleet Protection helps airlines cost-effectively comply with current and future regulations.

Continuous Monitoring

Argus Aircraft Fleet Protection enables airlines to monitor the cyber health of their connected aircraft and positions them to take effective, preventive action. This SaaS service supports both batch processing (after landing) and real-time processing (such as via SATCOM), depending on OEM security log transfer design.

Streamlined Integration with Your Security Information and Event Management (SIEM) System

Our Fleet Protection solution can readily integrate with the SIEM that you already have in place, adding value to your investment in technology and training. Argus will provide an API to your existing SIEM, allowing your organization to manage fleet alerts without the need to acquire a new and unfamiliar SIEM system.

Dedicated, Secure, and Accessible from Anywhere

The Argus user interface lets you use our Aircraft Fleet Protection System instantly, even before integration with your SIEM. Designed specifically to meet the needs of the airline industry, this dedicated and secure user interface allows your organization to rapidly examine and investigate alerts from your aircraft. And as threats and technologies evolve, Argus continues to enhance this interface with new tools, features, and dashboards to meet security challenges.

A Forward-Thinking Approach to Regulatory Compliance

The Aircraft Fleet Protection System is designed to comply with current regulations regarding aviation security logs analysis and monitoring and to rapidly accommodate changes in technology and regulatory requirements as they emerge.

A Single Monitoring System for Your Entire Fleet

The Aircraft Fleet Protection System is built to monitor virtually all e-enabled fleets: B787, B737MAX, A350, A220, aircraft with ONS/FOMAX, and modern business jets. If your fleets generate security logs, we can integrate them into the system, and you can monitor them all from a single system.

Supports IFEC Systems and Cabin Networks

Not only for e-enabled aircraft, the Aircraft Fleet Protection System can also monitor cabin IFEC, IFC, and IFE networks. You can integrate your security logs from these networks right into the Argus system, so that you can monitor them and explore malicious activity by rogue passengers or hackers on the ground who target your SATCOM modem and server.

Unparalleled Industry Expertise

Rather than waste time and money on unwieldy implementation of rules based on OEM guidelines and other tools, you can rely on industry-leading Argus cyber researchers — experts in cyber hacking, security logs analysis, avionics, IFEC, and e-enabled systems. The Argus research team includes data analysts, machine learning experts, veterans of elite military cyber units, embedded reversers who can find 0-days themselves and understand 1-days published by others, and avionics consultants. Argus specializes in security logs analysis and monitoring, and we can deliver these services more efficiently, professionally, and cost-effectively than each airline can do for itself.

Unique Rule Engines with Correlation Capabilities

Argus rules engines are the heart of the Aircraft Fleet Protection System. With unsurpassed understanding of the systems our solutions monitor, our team continually investigates common vulnerabilities and exposures (CVEs), the attack vectors that can be used on a specific network with those particular components, and the traces that they would leave in your security logs. Based on this extensive and ongoing research, Argus has developed proprietary rules engines that use statistical analysis, machine learning, vulnerability research, and cross-correlation of events with each other and with external data sources to generate timely and accurate alerts. Our rules-based engines significantly reduce false positives resulting from inappropriate thresholds and do much more than simply count events. With the Aircraft Fleet Protection System, incidents are less likely to go undetected because of the inability of basic rules to identify them.

Data Fusion from Multiple Sources

An Intrusion Detection System is only as good as its data, and multi-source correlation and extensive data fusion are essential to optimal outcomes. The Aircraft Fleet Protection System utilizes flight schedules, geo-location, ACARS logs, IFEC logs (if you have them), EFB logs, and of course, different servers and routers in the AC itself. Our system cross-correlates these sources, providing more comprehensive situational awareness – often the difference between alerting you to an incident and missing it.

Detailed Alert Descriptions

The effective monitoring and identification of aircraft cyber threats requires extensive expertise, in-depth understanding of your aircraft architecture, and ongoing cyber research to keep pace with threats. However, many airlines outsource their SOC to an MSSP, whose expertise is IT, rather than aviation or avionics. Even when aircraft security log monitoring is performed by airline staff, it’s unlikely that most personnel fully understand AC alerts and their significance for aircraft operations. It’s also likely that staff who monitor the system at L1/L2 levels are not aircraft experts. The Argus Fleet Protection System supports your cyber team and provides them with the tools and information they need to assess alerts and mitigate aircraft cyber incidents.

Mitigation Specifically Suited to Your Procedures

The Aircraft Fleet Protection System provides your cyber team with recommendations for further forensics and investigation, so that they can more accurately determine whether an alert represents an actual cyber incident or a maintenance issue. We work with you to qualify alert mitigation steps to fit each airline’s procedures.

L3/L4 Close Support

Intuitive and easy to use, the Aircraft Fleet Protection System helps airline cyber teams make the most of their abilities. However, as threats and technologies become more sophisticated, situations arise that require additional expertise. The Argus team can help your organization make sense of unexplained events and anomalies, conducting forensics and investigations side by side with your response team. If needed, we can also provide a detailed incident report to open a ticket with your OEM.

Invest Only in What You Use

Argus delivers this SaaS subscription-based service on a monthly basis per operational tail. The decision on how it’s deployed is up to you: for the fleets and AC network domains you choose to monitor, and for operational aircraft rather than grounded ones. Argus will credit or refund your investment surplus. With Argus, there is no overhead, no payments for IT infrastructure or hosting, no extra payments for integrating a new network/system or new aircraft type to the system — only a reasonable investment per tail.