4. The approach to carrying out the 'equivalent backup' measures in the civil aviation industry

I. Background

Recent civil aviation network security incidents have occurred frequently, issues such as theCivil aviation airports, especially large and medium-sized airports, must take immediate steps to establish equivalent operation backup systems., civil aviation units have carried out research and deployment work on the relevant measures of 'equivalent backup' in accordance with the relevant requirements of the civil aviation administration.

Through the analysis of previous civil aviation network security incidents, it was found that:Network line problems, malicious software, human errors, application bugs, and hacker attacks are the main reasons for civil aviation network security incidents., information security and the continuity of information system services are two essential requirements of network security. The relevant measures of 'equivalent backup' should be studied and deployed from the perspective of network security.

Second, the current situation of civil aviation information system backup measures

The civil aviation industry has always attached great importance to the reliability of information systems,One of the core systems of civil aviation - the departure system adopts the architecture of headquarters + local deployment., which fully demonstrates the importance of system backup work. The main backup measures currently adopted by civil aviation mainly include:

Network link backup: The Internet link (dedicated line) adopts two or more different operators

Network device backup: The core network adopts the method of dual-machine hot backup or load balancing.

Host backup: Adopt the method of dual-machine hot backup or load balancing.

Application backup: Adopt the method of hot backup software.

Data backup: Adopt the method of backup storage devices (disk array).

Power backup: Adopt dual power supply and equip with dual UPS.

With the extensive application of cloud platforms in civil aviation airports, many airports have established private clouds, even public clouds. Most of the backup measures for cloud platforms have adopted the self-backup mechanism of the cloud platform itself. When the main system fails, it is automatically shifted to the backup cloud platform through 'drift' technology, and the backup cloud platform and the main cloud platform are not deployed on the same physical host.

Three, the existing problems of civil aviation backup measures

1. Some civil aviation units have not implemented the most basic backup measures, such as the power backup measures and network link measures do not meet the requirements.

2. The effectiveness of the existing backup measures has not been strictly evaluated, and it cannot be guaranteed that the real effect of the backup is achieved.

3. The existing backup measures only start from reliability, without considering the situation that the backup measures cannot be defended against when attacked by network attacks or malicious code attacks. (The consistency of the master and backup is consistent, and there is no difference for hackers or viruses).

4. The backup measures and backup recovery technical capabilities of the cloud platform are insufficient.

5. The backup measures have not been regularly exercised for emergencies, and the staff's proficiency in backup recovery measures is insufficient.

6. The 'equivalent backup' measures have not been strictly considered from the perspective of business continuity.

4. The approach to carrying out the 'equivalent backup' measures in the civil aviation industry

Through the analysis of the current situation of civil aviation units, the following suggestions are made for the work of 'equivalent backup' carried out by the civil aviation industry:

1. Further clarify the requirements for the indicators of business continuity guarantee in the civil aviation industry.

2. Sort out the business systems of the unit, and clarify the scope and requirements for the core business systems.

3. Evaluate the existing backup measures of the unit, assess the effectiveness of the existing backup measures and whether they meet the safeguard requirements.

4. Based on the current situation of the unit, formulate a plan for 'equivalent backup', fully considering the cost issue, actively utilizing existing basic conditions to achieve 'equivalent backup'.

5. Strengthen emergency disaster recovery management and personnel capability enhancement, regularly carry out emergency drills and system primary-secondary switching work.

V. Technical Approach

According to the Civil Aviation Administration's regulations on 'backup systems for airport operations,It must be based on equivalence.Even if the efficiency is reduced, it is only a slight reduction in efficiency. The requirement for 'equivalent backup' is to take effect in an extremely short time, according to this requirement,Backups need to be performed in terms of power supply, network transmission, network architecture, hosts, applications, and data.

In terms of power supply: the data center should adopt dual-power supply, use dual-power UPS, and network equipment and hosts should use dual power sources (at present, most units have not fully realized this).

In terms of internet links: links from two or more operators should be adopted, and different physical paths should be used in cabling.

In terms of network equipment: dual-active backup or load balancing technology should be adopted to ensure the reliability of the network link (especially the configuration issue of dual-active backup strategy for network equipment). At the same time, jump lines and other measures should be reserved between key network nodes to ensure direct connections between important systems or equipment under necessary conditions, ensuring the continuity of business.

In terms of host systems: dual-active backup or load balancing technology should be adopted, and it is recommended to use load balancing technology because it can not only achieve backup of multiple hosts but also dynamically adjust host resources.

In terms of data: it is recommended to adopt dual-active backup technology and use backup disk arrays for data backup.

The above backup plan is mainly a local backup plan. For some airport groups or large and medium-sized airports, it is also possible to adopt a remote backup method.

Remote backup mainly includes synchronous backup and asynchronous backup, which mainly realize the backup of the system remotely. Currently, mirror technology is mainly used. Synchronous backup is expensive, but the recovery time is short; asynchronous backup can perform backups according to the set time, and during system recovery, there may be cases where some data or states are incomplete.

For cloud platform backups, on the one hand, it is necessary to establish a backup cloud platform, and on the other hand, strengthen the setting and management of the backup mechanism of the cloud platform itself to ensure the effectiveness of backup measures (which have high operation costs and technical difficulties). For systems deployed on public clouds, evaluate the cloud platform that provides services to determine whether it has system backup functions, system migration capabilities, and other safeguard measures.

At the same time, it is recommended that the backup system should adopt a heterogeneous approach with the main system to avoid the failure of backup measures due to the same equipment failures, vulnerabilities, and bugs.

In short, regardless of which backup measure is taken,It is necessary to implement management systems strictly.Strengthen personnel training to enhance emergency response capabilities; strengthen emergency drill work to better play the role of backup and ensure the safe operation of civil aviation business systems.