Enhancing Fault Tolerance in ARINC 653-compliant Partitioned Systems: A Focus on Dynamic Reconfiguration
2025 Digital Avionics Systems Conference (DASC)
Authors: Hany Abdelmaksoud, Tim Schubert, Sven Friedrich, Clemens-Alexander Brust, Andreas Lund and Daniel Lüdtke
Abstract: Software avionic systems are critical for aircraft and spacecraft, incorporating key subcomponents such as Collision Avoidance Systems (CAS) and Terrain Awareness and Warning Systems (TAWS). The software within these systems must be resilient against failures, often using hypervisors to separate subcomponents into partitions that share resources. However, because these systems are subject to dynamic constraints, failures, or attacks, precompiled configurations can become inflexible and insufficient. To address these challenges, adaptive systems are increasingly necessary for responding to dynamic operational and security conditions, a requirement driven particularly by military needs.
One promising approach is dynamic reconfiguration, where alternative subcomponents take over from failing ones. For example, if camera vision fails in the dark, the system switches to a RADAR-only approach. However, ARINC 653-compliant hypervisors offer limited support for reconfiguration at run-time because their inter-partition communication structure is fixed. In this work, we introduce a “mitigator”—along with routing and health monitoring components—to handle run-time failures of software components that process sensor data in an ARINC 653-compliant environment. The mitigator dynamically reconfigures the system using redundancies and a run-time scoring scheme to replace failed components and optimize the use of the remaining ones, ensuring continued functionality and performance. Our evaluation measures the system’s adaptation speed and output coverage, revealing a trade-off between fault tolerance and processing overhead.
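To make the mitigator's role concrete, here is an added toy model (not the paper's code) of the reconfiguration loop the abstract describes: a health monitor reports a failed partition, and the mitigator re-routes each required output to the healthy redundant producer with the best run-time score. The scoring rule (static priority minus current load), the component names and the output names are assumptions constructed for the example, not values from the paper.

```python
from dataclasses import dataclass

@dataclass
class Component:           # one sensor-processing partition
    name: str
    outputs: frozenset     # data products this partition can produce
    priority: int          # static preference (assumed scoring input)
    healthy: bool = True
    load: int = 0          # outputs currently routed through it

class Mitigator:           # routes each required output to a healthy producer
    def __init__(self, components, required):
        self.components = {c.name: c for c in components}
        self.required = list(required)
        self.routes = {}
        self.reconfigure()
    def score(self, comp):
        # Assumed run-time score: prefer high priority, spread load so one
        # surviving partition is not saddled with every output.
        return comp.priority - comp.load
    def reconfigure(self):
        for c in self.components.values():
            c.load = 0
        self.routes = {}
        for out in self.required:
            cands = [c for c in self.components.values()
                     if c.healthy and out in c.outputs]
            if not cands:
                self.routes[out] = None   # no redundancy left: coverage gap
                continue
            best = max(cands, key=self.score)
            best.load += 1
            self.routes[out] = best.name
        return dict(self.routes)
    def report_failure(self, name):
        # Called by the health monitor when a partition stops delivering valid data.
        self.components[name].healthy = False
        return self.reconfigure()
    def coverage(self):
        # Fraction of required outputs still produced after reconfiguration.
        return sum(v is not None for v in self.routes.values()) / len(self.required)

def demo():
    # Constructed scenario: camera vision is preferred but fails in the dark.
    comps = [Component("camera_vision", frozenset({"obstacle_map", "runway_id"}), 3),
             Component("radar_proc", frozenset({"obstacle_map", "terrain_profile"}), 2),
             Component("lidar_proc", frozenset({"obstacle_map"}), 1)]
    m = Mitigator(comps, ["obstacle_map", "runway_id", "terrain_profile"])
    before = dict(m.routes)
    return before, m.report_failure("camera_vision"), m.coverage()
```

After the camera partition fails, `obstacle_map` moves to the RADAR processor while `runway_id` has no remaining producer, so output coverage drops to 2/3; this is the coverage metric the evaluation trades off against reconfiguration overhead.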