Preventing Airplane Crashes with Cryptography?

January 3, 2024

The ILS investigates how cryptographic methods can be used to detect and mitigate failures of avionics hardware.
[Picture: ILS 2024, Johannes Reinhart]

Computer systems in airplanes must meet particularly high safety requirements, as a failure could have catastrophic consequences. Modern transport aircraft have multiple redundant computers for safety-critical digital control systems in order to reliably detect and mitigate such failures. For example, a flight control function in a typical large transport aircraft is made up of around 10 computers for redundancy reasons. The Institute of Aircraft Systems (ILS, https://www.ils.uni-stuttgart.de/) is investigating a novel approach that could reduce the number of computers needed for high integrity: with the help of Succinct Non-Interactive Arguments of Knowledge (SNARKs), a new family of cryptographic methods, computer failures can be detected reliably, so that fewer redundant computer units are required. The proof of concept was presented at the Digital Avionics Conference (DASC):

https://doi.org/10.1109/DASC58513.2023.10311290

However, there is a big challenge: the additional computing power required for the cryptographic operations is huge and a major obstacle to practical application. We were able to reduce the computational overhead significantly by selecting compatible cryptographic building blocks and by carefully applying manual optimizations. Using a demonstrator of a simplified pitch control system (see image), the team led by PhD student Johannes Reinhart achieved a control loop frequency of 25 Hz (compared to 10 Hz previously). Among other things, the SNARK circuit for signature verification was improved by using a SNARK-compatible hash function called Poseidon and by implementing more efficient SNARK-compatible operations on elliptic curves.

Laboratory demonstrator of a controller that uses SNARKs to prove the correctness of its commands.
