As the costs of fuel and maintenance increase and regulations on weight and environmental impact tighten, there is an increasing push to transition on-board aircraft networks to wireless, reducing weight, fuel, maintenance time, and pollution. We outline a candidate short-range hybrid wired/wireless network for aircraft on-board communications using the common ZigBee protocol and privacy-preserving search implemented as a secure publish/subscribe system using specially coded meta-data. Formally specifying safety and security properties and modeling the network in NUXMV enables verification and fault analysis via model checking and lays the groundwork for future certification avenues. We report on our experiments building and testing our candidate hybrid network and report on overhead and availability for encrypted and fault-tolerant communications, and propose a system that allows system designers to directly trade fault-tolerance for bandwidth, or vice-versa, in an encrypted privacy-preserving framework.