ModSecAero is a French RAPID project. RAPID projects are about industrial research or experimental development with high technological value. This project should have military and civilian application.
Aircraft development, whether it is a civil one or a military one, relies on safety standards for a long time and on cybersecurity standards for several years. ED202 and ED203 standards define the process and methodology for cybersecurity and the hook to take this concern into account in a safety-based classical development. Nevertheless, it is of the upmost importance to develop specific technics and tools and to demonstrate them on concrete use cases.
The French CEA and Trialog are together to develop modelling tools that enable to describe threats and risk analysis from the system architecture models. It should reduce drastically the time and efficiency of such analysis in an integrated way within a model based engineering process. Trialog provides his know-how in MDE and Security Engineering process (e.g. TERESA FP7 project) to build models of attack in a database, and some efficient way to find the related countermeasures against known threats. One of the goal is to allow the update of risks models and attack/defense tree models easily to take into account the technology evolution. The related risk analysis will be update at the same time, to make it a living document.