FlyNet Project Press Flight NRT Juli 1st 2004
FRA AN/T Andy Schweiger
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 2
Andy Schweiger - CC mobile Technologies
�Lufthansa Service: FlyNet – an exclusive offer
Senator Maier has time to relax and let himself be infotained on his trip from Frankfurt to Tokyo: • See the latest Business News online • Read his corporate e-mails • Browse through the onboard exclusive portal
Time for Infotainment
Various offers through the onboard network and user´s device of joy
Internet Services: • FlyNet Portal • Web Access • VPN Tunneling
Samstag, 24. Januar 2009 Seite 3
Andy Schweiger - CC mobile Technologies
�The Goal: Top Level FlyNet Services
Broadband internet Connectivity
corporate vpn tunelling
onboard portal service
Browser & Client:
• ran by CBB • Based on access to onboard LAN • Adapt any device! • Authentication and billing fully handled through CBB
Client based:
• Standard Tunnel Protocolls are fully supported • PPTP • IPsec (L2TP)
• • • • VPN Rate? Administration? Configuration? QOS?
PAX Client & InSeat:
• Onboard Portal • Exclusive Access (Partners) • Exclusive Offers (Products)
Samstag, 24. Januar 2009 Seite 4
Andy Schweiger - CC mobile Technologies
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 5
Andy Schweiger - CC mobile Technologies
�Online around the globe via Satellit (A/C WAN Interface)
CBB network
VPN
corporate networks
web access
billing
Samstag, 24. Januar 2009 Seite 6
roaming
Andy Schweiger - CC mobile Technologies
�The near goal – easy, seamless Use for Customers...
Samstag, 24. Januar 2009 Seite 7
Andy Schweiger - CC mobile Technologies
�How do you use the service as passenger?
2
1
Open your standard browser
Browse through the FlyNet Portal
• • • •
exclusive for passengers actual information content of partners free of charge
3
Use the Internet Access of Connexion by Boeing
• • • •
unlimited web access surf WWW, Webmail, Chat, etc. VPN passthrough possible fee mandatory
4
Launch your VPN-Tunnel (Client Application)
Samstag, 24. Januar 2009 Seite 8 Andy Schweiger - CC mobile Technologies
• access your corporate network • Send and receive e-mails including attachements • fee mandatory
�All in all – a challenging Multilevel Project
Business Model & Strategy Business Processes Applications IT-Architecture
Politics, Leadership, Behaviour
Samstag, 24. Januar 2009 Seite 9
Andy Schweiger - CC mobile Technologies
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 10
Andy Schweiger - CC mobile Technologies
�Services that Lufthansa Systems provided
Lufthansa Systems IT Services
IT Design & Integration
DLH Server
IT Service Mgt.
OLA´s – SLA´s Operational Procedures Quality Assurance Monitoring & Reporting
A/C Network Specs
Routing Functions Security Audit
Competence Center mobileTechnologies
Samstag, 24. Januar 2009 Seite 11 Andy Schweiger - CC mobile Technologies
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 12
Andy Schweiger - CC mobile Technologies
�Scope of all ALAN Integration Blocks
ALAN
Airport Wireless LAN x CWLU
AINS
TWLU
To Avionics
Cabin Crew Laptops
CINS
CWLU CWLU
Passengers Laptops
HS Satcom
OEM Options
SIU
ANSU
Cabin Crew Laptops
FAP
EGU
Cockpit Crew Laptops
Switch Router Firewall
CNSU
CBB
CTLR Unit
eTES
CES ESR eCFS PAT
n eAVU Data XCVR Router
eAVU Switch
eAVU Switch
eAVU Switch
...
Antenna Subsystem
Samstag, 24. Januar 2009 Seite 13
Andy Schweiger - CC mobile Technologies
�ALAN Scope - Definitions
I CBB ALAN component: This component consists of the CBB Antenna Subsystem (AS), Receive & Transmit Subsystem (RTS) and Control Subsystem (CS). The CBB ALAN component provides the interface to the CBB broadband SATCOM network, which is used for real-time Internet access, data loading/offloading, remote ALAN monitoring, and rebroadcast TV. AINS component :This component consists of the Aircraft Network Server Unit (ANSU), the Server Interface Unit (SIU), and the Terminal Wireless LAN Unit (TWLU). The AINS component manages the TWLU and CWLUs (via the EGU), provides the API for the SIU avionics data, and hosts the AFIS system monitoring and maintenance applications. CINS component :This component consists of the Cabin Network Server Unit (CNSU), the Ethernet Gateway Unit (EGU), and the Cabin Wireless LAN Units (CWLUs). The EGU provides the central ALAN security and firewall, the CNSU hosts DLH specific applications that are available to the passengers and crew. eTES ALAN component: This component is comprised of the IFE network switches (Cable Ethernet Switch (CES) at the headend and eAVU switches at the seats), the Cabin File Server (CFS), Primary Attendant Panel (PAT), and a printer. The eTES ALAN component allows the laptops, connected via RJ45 to the eTES network, and the seat boxes to use browsers to retrieve and view Intranet and Internet web content, and access Corporate/Internet e-mail accounts. OEM Options component: Initially this component consists of a Flight Attendant Panel (FAP), however, a High Speed SATCOM system can be added in the future.
Samstag, 24. Januar 2009 Seite 14 Andy Schweiger - CC mobile Technologies
I
I
I
I
�Portal Content Delivery and Allocation of Updates
WWW
Samstag, 24. Januar 2009 Seite 15
Andy Schweiger - CC mobile Technologies
�Onboard Portal Logic - Overview
http requests Content Storage aircraft FlyNet Portal Services HTML
End User Devices
Content Partner A
Page Generator
Content Partner B
Application Engine Web Server
Content Partner C
Content Partner D
OS Source Portal Host ground
Samstag, 24. Januar 2009 Seite 16 Andy Schweiger - CC mobile Technologies
Content Database
Content Partner E
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 17
Andy Schweiger - CC mobile Technologies
�Long Ways – remote Routes to go!
SatCom Updates
airborne
Operating Center CBB
Gatelink Updates
on ground
Samstag, 24. Januar 2009 Seite 18 Andy Schweiger - CC mobile Technologies
Airport Network
Editor Center Portal
�IT Service Procedures we took care off
Deployment on a/c Fleet │ Update │ Backup │ Transactions │ Configuration │ Maintenance │ Fault Recovery │ Security │ Adminstration │ Airworthiness Audit │ Reporting │ Remote Tasking
Satellitenantenne
on ground NOC
Samstag, 24. Januar 2009 Seite 19
Andy Schweiger - CC mobile Technologies
�Overall Integration Scopes for FlyNet Roll Out
CBB System/ Service Integration CBB Lead RC Support DLH Support
Aircraft Integration
Digital Network Integration CBB
SatCom Integration CBB
Cabin Network Integration RC Lead CBB Support
Network Management & NCC's CBB
Ground SatCom CBB
CBB Server / Control CBB
Data Centers & Network Services CBB
Satellite Coverage CBB
AFIS RC
Terrestrial Infrastructure CBB
Airborne SatCom CBB
eTES RC
Samstag, 24. Januar 2009 Seite 20
Andy Schweiger - CC mobile Technologies
�Operational Support Structure – Scenario
steps to be done Responsibilitie execution units
requirements
SLA
OLA
• exchange the defect hardware • load configuration • load correct version of updates • perform operation
• LHT • LHT • LHT • LHT • LSY • LSY • LSY
functions
a/c maintenance
troubleshooting
Samstag, 24. Januar 2009 Seite 21
Andy Schweiger - CC mobile Technologies
�Applied Innovation Life-Cycle for avionic IT
וDesign & concept וEngineering וPrototype Implementation
וAutomization וModularization וImplementation Packages וRoutine Optimization וFunction Improvement וCertification Path
Documented & aaproved concepts
Knowledge Sharing & Development Test Environment & Lab Capacity
Line Maintenance Compliance Aircraft modules (747-400, A340-600, etc.) Software Load & X-Change Procedures
Operational Excellence Quality Assurance Maintainability & Legalization
Samstag, 24. Januar 2009 Seite 22
Andy Schweiger - CC mobile Technologies
�Overview – Service Relationships
Broadband Access Vendors A/C Hardware Vendors
Connexion by Boeing
Rockwell Collins
Standards & Service Partners*
ITIL ARINC
Suplliers of CBB
Diverse Suppliers
Lufthansa as customer
A/C network onboard incl. SLA´s & OLA´s High speed web access Trustworthy and reliable services for end user Billing and clearing Engineering know how & development of solutions Other available services with (e.g. IFE)
Boeing/CBB digital networks Lufthansa Technik Lufthansa Systems *(Delivery of SLA´s and OLA´s)
Samstag, 24. Januar 2009 Seite 23
Andy Schweiger - CC mobile Technologies
�Agenda
Introduction
FlyNet – Service, Goals, Project Scope
The Role of Lufthansa Systems IT Design and System Integration IT Service Management IT Security Audit
Samstag, 24. Januar 2009 Seite 24
Andy Schweiger - CC mobile Technologies
�Security Impact through open Standard Connectivity onboard
3rd Party Data Providers
INTERNET
Data Server Firewall Firewall Data Server Firewall Data Server Firewall Data Server Firewall Multiple VPNs Firewall
Airborne Network Provider
Aircraft Network
Data Server VPN VPN Server Data
WAN
Firewall
Data Data Server Data Server Server
Airline Data Providers
Firewall LAN Firewall
Data Server Data Server Mainframe Server Data Server
Data Laptop Data Laptop
Samstag, 24. Januar 2009 Seite 25
Andy Schweiger - CC mobile Technologies
�Basic Assumptions for Security Audit
I Passenger Threat Model I Flight Crew Connectivity (hom much control of the system will be allowed – who is allowed to do what and within what specific flight modes) I Remote Access Hazards to the Aircraft I Maintenance Staff Hazards I Client Device Attacks I Server Attacks (Bastion Host, DOS, Session Hijacking, etc.)
Result?
LSY design proves stable security!
Samstag, 24. Januar 2009 Seite 26
Andy Schweiger - CC mobile Technologies
�Thank You!
Your time Your Interest ;-)
Andy Schweiger Manager +49-69-69682957 +49-172-4225475 andy.schweiger@lhsystems.com
Competence Center mobile Technologies Lufthansa Systems Infratec GmbH FAC Turm A.6 60546 Frankfurt
Samstag, 24. Januar 2009 Seite 27 Andy Schweiger - CC mobile Technologies
�The bright Future: Seamless Mobile Access
SkyMobility
AutoMobility
RailMobility
Samstag, 24. Januar 2009 Seite 28
Andy Schweiger - CC mobile Technologies
�