Several Ethernet-based network protocols are used in avionic networks, this includes ordinary Ethernet according to IEEE 802.3, ARINC 664 communication and time-triggered communication according to the SAE AS6802A standard. Each of these three network protocols has its use case, as they have different strengths and weaknesses. It is therefore likely that these three traffic classes also have different security strengths and weaknesses. The aim of this work was to determine and compare the security strengths and weaknesses of these protocols. Based on these findings, technical measures were developed to improve their security. In this paper, STRIDE was used as a threat modeling method to identify security threats and weaknesses. Data flow diagrams were created for each of the three network protocols to model the system. A total of 45 threats have been identified, these can be broken down into 33 threats affecting standard IEEE 802.3 Ethernet networks, 26 threats for ARINC 664 networks and 37 threats for time-triggered AS6802A networks. 27 of the identified security threats and weaknesses can be mitigated by the eleven security measures that have been proposed in this paper.
