Zero Trust Approaches for Aviation Systems

Login Register Now

U.S. Army’s 2025 ACI Cyber Rodeo – Session-Level Agenda

Opening Session

time icon10/14/2025 08:00 am

Networking, Housekeeping, & Connectivity

Time will be given for attendees to arrive/connect, get settled, and for any issues to be troubleshot. Coffee and light refreshments will be provided.

speaker headshot

Jasmine Savage

time icon10/14/2025 08:30 am

Opening Remarks

UAH and Army leadership will introduce the event and discuss the significance and impact of the cybersecurity work being done at both UAH and Redstone Arsenal.

speaker headshot

Dr. Charles L. Karr
UAH

speaker headshot

Mr. John Van Houten
Army PEO Aviation

time icon10/14/2025 09:00 am

Agenda and Event Overview

ACI Army leadership will provide an overview of this Army ACI Rodeo event.
speaker headshot

Barnett Thomas C (Tom)

time icon10/14/2025 09:15 am

Zero Trust Overview

US Army APEO E&A leadership will give an overview of Zero Trust and its impact to all current and future Army Aviation platforms.
speaker headshot

Barnett Thomas C (Tom)

time icon10/14/2025 10:00 am

Open Avionic Platform Security Architecture

Platform and data protection features in real-time systems are often intrusive and highly customized, creating significant technical and programmatic risks. Current MOSA standards focus on mission-application functional interfaces, leaving cyber integration challenges underemphasized. This presentation highlights key challenges to cyber integration on avionic systems and promotes technical benefits of platform software architecture properties and features for consideration in future industry standards and platform acquisition requirements.
speaker headshot

Will Keegan
Lynx

time icon10/14/2025 10:40 am

Zero Trust Threat Monitoring Technologies

The Army’s industry partner, DESE Research, Inc., will present and demonstrate a suite of security capabilities that can monitor, attest, and recover a compromised LRU within an aviation platform.
speaker headshot

Franklin Trey

time icon10/14/2025 11:30 am

Helios Cyber Secure Processor

The Army’s industry partner, Idaho Scientific, will present and demonstrate the Helios Cyber Secure Processor, a groundbreaking secure processor that utilizes novel techniques to prevent 46% of known cyber attacks without requiring software re-architecture. Helios's hardware-based crypto engine provides positive control, confidentiality, and anti-tamper protection through just-in-time decryption and authentication, making it ideal for FPGA and ASIC implementations in high-security environments.

speaker headshot

Andrew Nelson
Idaho Scientific

time icon10/14/2025 09:45 am

Session Break

time icon10/14/2025 12:00 am

Hosted Lunch & Virtual Exhibit Hall Hours

Device, Applications, and Workloads Session

time icon10/14/2025 01:00 pm

Session Introduction

Session organizers will introduce the session and provide an overview of what will be shown.
time icon10/14/2025 01:05 pm

Is your Aviation System as Safe as its “Memory Safe” Language?

Dr. Hood examines the push for “memory safe” programming languages and highlights their limitations in complex systems like aviation and missile platforms. He also offers guidance on designing custom Zero Trust Architectures (ZTAs) that incorporate memory safety measures, with enforcement policies tailored at the program level.
speaker headshot

Dr. Jonathan Hood
COLSA

time icon10/14/2025 01:40 pm

Secure Compiler Extension for C/C++

Martin Cox is a Senior DevSecOps Scientist with a background in cyber security and security compliance. They will present how prevalent memory errors are in C/C++, how current tooling is insufficient to prevent these errors, and how SCE is currently solving these issues.
speaker headshot

Martin Cox
DESE Research, Inc.

time icon10/14/2025 02:15 pm

Automated Vulnerability Prediction

The Army's industry partner, DESE Research, Inc., will present and demonstrate Automated Vulnerability Prediction (AVP), a Machine Learning-based static analysis tool that aims to automatically detect vulnerabilities in source code. This technology massively expedites code analysis by identifying code smells, reducing manpower requirements and analysis time for large source code directories.
speaker headshot

Cameron White
DESE Research, Inc.

time icon10/14/2025 03:05 pm

Hardware Introspection Methodologies

The Army’s industry partner, DESE Research, Inc., will present applications, developments, and discoveries behind introspection of system memory by hardware logic, and how such an implementation differs in contrast to software/virtual memory introspection methodologies
speaker headshot

Corwin Warner
DESE Research, Inc.

time icon10/14/2025 03:40 pm

Zero Trust Supply Chain for Critical Electronics

Global chip shortages and opaque supply chains have heightened safety and security risks in electronics, as vulnerabilities can be introduced by upstream suppliers beyond immediate oversight. This presentation introduces a novel approach to cybersecurity supply chain management using RF-based characterization to implement Zero Trust principles for electronic components and assemblies to enhance the integrity of electronic systems.
speaker headshot

Sebastian Fischmeister
Palitronica

time icon10/14/2025 04:15 pm

MITRE Resilient Cyber Aerospace Testbed Capabilities Overview

MITRE’s Resilient Cyber Aerospace Testbed (RCAT) Lab provides a collaborative cyber/avionics testbed for platform research shared across government agencies, industry, and academia. Hosting several capabilities including configurable cockpit simulators, subsystem test-benches, and a light sport commercial aircraft for testing, the RCAT lab provides an environment for developing and testing mission resilience capabilities.
speaker headshot

Keith E. Miller
MITRE

time icon10/14/2025 05:00 pm

Zero Trust Transceivers: Zero Trust Reference Architecture for Weapon Systems

MITRE’s Zero Trust Transceivers (ZTX) architecture is a Zero Trust Reference Architecture designed for Operational Technology (OT) systems and in particular Weapon Systems (WS). ZTX improves mission resiliency through adoption Zero Trust principles and provides methodology for enforcing policies that balance mission, safety, and risk. This briefing will cover an overview of ZTX and a live demonstration of MITRE’s latest ZTX prototype components.
speaker headshot

Keith E. Miller
MITRE

time icon10/14/2025 02:50 pm

Session Break

Network and Environment / Data Session

time icon10/15/2025 08:00 am

Networking, Housekeeping, & Connectivity

Time will be given for attendees to arrive/connect, get settled, and for any issues to be troubleshot. Coffee and light refreshments will be provided.
speaker headshot

Jasmine Savage

time icon10/15/2025 08:30 am

Session Introduction

Session organizers will introduce the session and provide an overview of what will be shown.
speaker headshot

Barnett Thomas C (Tom)

time icon10/15/2025 08:40 am

FORCE Environment

The Army’s industry partner, Applied Research Solutions, will provide an introduction to the FORCE platform and discuss how it both implements zero-trust and can support programs in zero-trust evaluation.
speaker headshot

Drew Stephenson
Applied Research Solutions

speaker headshot

LaTasha Johnson
CROWS

time icon10/15/2025 09:15 am

TAPO/SIMO Cybersecurity Posture & Strategic Roadmap

This session provides an update on TAPO/SIMO’s cybersecurity efforts, including recent accomplishments and a strategic path forward. We’ll discuss challenges, proposed solutions, and opportunities for program office collaboration in order to protect critical warfighter capabilities.
speaker headshot

Chris Abbott
(TAPO)

speaker headshot

Alan Fiorello Fiorello
(TAPO)

speaker headshot

Joe Morra
(SIMO)

time icon10/15/2025 10:05 am

SBOM Generation and Attack Surface Reduction

The Army’s industry partner, DESE Research, Inc., will present and demonstrate SBOM Generation and Attack Surface Reduction utilizing the Embedded Attack Surface Reduction (EASR) GOTS tool. EASR provides the capability to analyze and automatically remove file- and function-level dependencies in an embedded system and can generate an enriched SBOM with the analysis data.
speaker headshot

Erik MacIntyre
DESE Research, Inc.

time icon10/15/2025 10:40 am

SSCIP

The Army’s industry partner, DESE Research, Inc., will present and demonstrate the Software Supply Chain Illumination Framework (SSCIP). This Army owned application manages a collection of Software Bill of Materials (SBOMs) by providing vulnerability notification and asset management as well as contributor details for open-source dependencies.
speaker headshot

Bill Baker
DESE Research, Inc.

time icon10/15/2025 11:15 am

Tactical Public Key Infrastructure (TPKI) Implementation into an Army Open Systems Verification Demonstration (OSVD) Event

This presentation highlights the integration of Public Key Infrastructure (PKI) into an Army Aviation system integration lab during PEO Aviation's Open System Verification Demonstration (OSVD) 4 event. It explores how cybersecurity components can be treated similarly to a hardware component in a Modular Open Systems Architecture (MOSA) approach. Key topics include implementation details, test cases, and lessons learned from the event.
speaker headshot

Daniel Colvett
Ph.D., DEVCOM AvMC S3I

speaker headshot

Greg Sweeney
Lockheed Martin

time icon10/15/2025 09:50 am

Session Break

time icon10/14/2025 11:50 am

Hosted Lunch & Virtual Exhibit Hall Hours

]

time icon10/15/2025 02:50 pm

Session Break

Academia and Industry Session

time icon10/15/2025 01:00 pm

Session Introduction

Session organizers will introduce the session and provide an overview of what will be shown.
time icon10/15/2025 01:05 pm

AeroSync Quantum Resiliency

The Armys industry partner, EnQuanta, will present and demonstrate a quantum-resilient cryptography upgrade to the Astronautics AeroSync platform.

speaker headshot

Noel Grover
EnQuanta

time icon10/15/2025 01:40 pm

Astronautics Cybersecurity Analysis Tool

The Armys industry partner, Astronautics, will present and demonstrate a cybersecurity analysis tool designed to support the DO-386 certification process. This tool facilitates modeling and simulation, aids in the development of mitigation strategies for a wide range of cyber vulnerabilities, and serves as a comprehensive system vulnerability analysis solution. It is capable of ingesting Software, Hardware, and Firmware Bills of Materials (SBOMs, HBOMs, and FBOMs) to identify and report known vulnerabilities in commercial off-the-shelf (COTS) software

speaker headshot

Josh Berrian
Astronautics

time icon10/15/2025 02:15 pm

Know Your Network: The Vibrant System

The Armys industry partner, Securboration, will present and demonstrate the Vibrant system. TheVibrant system consists of a flight certified Mil-Spec hardware component that connects to the aircraft on-board data buses (Mil-Std-1553, ARINC-429). All bus data is captured, recorded, and decoded per defined ICDs, for real-time or post-mission analysis. The Vibrant System provides user-defined device health and performance metrics as well as custom visualization and analytics for each platform.

speaker headshot

Tim Kesecker
Securboration

time icon10/15/2025 03:00 pm

Why Traditional Defenses are Not Enough: Exploring Recent, Cutting-Edge Attack Techniques

The University of Alabama in Huntsville will discuss two recent attack techniques, process injection via Return-Oriented Programming (ROP) and automated, universal ASLR bypasses – demonstrating why some common controls (EDR, DEP, ASLR) are insufficient on their own, as attackers often find ways to bypass existing mitigations.
time icon10/15/2025 03:35 pm

First Principles Approach to TRNG Circuits

The University of Alabama in Huntsville will present approaches for entropy generation that are grounded in first principles theory. UAH will also present circuits and theory that support a straightforward understanding of information generated as opposed to a posteri statistical testing.
time icon10/15/2025 04:10 pm

Zero Trust in the Skies: Lessons from Aviation Architectures for DoD Networks

Zero Trust Architecture (ZTA) has become a cornerstone of the Department of Defense’s cybersecurity modernization strategy, with the Networks pillar serving as its foundation. This presentation explores how aviation architectures reflect many ZTA principles. By examining how aircraft networks are structured, why safety system architectures are so resilient, and how flight-critical systems enforce segmentation and redundancy, we reveal striking parallels to Zero Trust concepts such as microsegmentation, least privilege, continuous monitoring, and “assume breach” design. The session will also map aviation lessons across multiple ZTA pillars, providing practical insights for strengthening DoD networks and mission systems

Objective

  1. Increase Interagency, Industry & Academia Research collaboration
  2. Advance aviation industry solutions & mature technology readiness levels to counter cyber risks.
  3. Strengthen aviation cyber capabilities to support operational system trust indicators.
  4. Improve Aviation Cyber Incident Response tools, procedures & best practices.

Contact Information

Please contact
ACI Executive Secretariat at 9-FAA-ACI-Cyber-Rodeo@faa.gov for more information.
Thank you!

FAQFrequently Asked questions


Add Settings
Yes, you’ll need to fill out our registration form to gain access to the event. Please fill in the registration form with some basic information to get started.
The information you provide upon registration will only be used to establish you as a user on the platform and to share the email updates with you.
Yes, the event will be on Teams and you can login from any device / browser or Zoom app.
Yes, this event is completely free to attend.
The event will be on demand for 30 days, however we may make updates and changes to the platform periodically. Make sure to keep checking back in to see our newest features in action!