Preventing Airplane Crashes with Cryptography?

January 3, 2024

The ILS investigates, how cryptographic methods can be used to detect and mitigate failures of avionics hardware.
[Picture: ILS 2024, Johannes Reinhart]

Computer systems in airplanes must meet particularly high safety requirements, as a failure could have catastrophic consequences. Modern transport aircraft have multiple redundant computers for safety-critical digital control systems in order to reliably detect and mitigate such failures. For example, a flight control function in a typical large transport aircraft is made up of around 10 computers for redundancy reasons. The Institute of Aircraft Systems (ILS, is investigating a novel approach, that could reduce the number of computers needed for high integrity: With the help of Succinct Non-Interactive Arguments of Knowledge (SNARKs), a new family of cryptographic methods, computer failures can be detected reliably such that fewer redundant computer units are required. The proof-of-concept was presented at the Digital Avionics Conference (DASC):

However, there is a big challenge: The additional computing power required for the cryptographic operations is huge and a major obstacle for a practical application. We could reduce the computational overhead significantly by selecting compatible cryptographic building blocks and by carefully applying manual optimizations: Using a demonstrator of a simplified pitch control system (see image), the team led by PhD student Johannes Reinhart was able to achieve a control loop frequency of 25Hz (compared to 10Hz previously). Among other things, the SNARK circuit for signature verification was improved by using a compatible hash function called Poseidon and implementing more efficient SNARK-compatible operations for elliptical curves.

Laboratory demonstrator of controller that uses SNARKs to prove the correctness of its commands.

See it at LinkedIn

To the top of the page