SkyRadar Blog | Radar Training Systems Online Radars - SkyRadar

The ICAO's Aviation Cybersecurity Strategy & ATSEP Qualification

Written by Dawn M. Turner | Mar 17, 2021

Cyber threats continue to grow exponentially around the globe. By 2022, Cisco estimates that 1 trillion networked sensors will be embedded in devices globally, and that number is expected to swell to 45 trillion within 20 years. It is no wonder that there is a grave concern as these threats are no longer limited to targeting computers, corporate networks, or smartphones.

As technology has evolved, cybercriminals have set their sights on anything and everything with a heartbeat or electronic pulse, including air transportation, railways, automobiles, power grids, with little regard for human consequences.

In response to the possibilities of incalculable malice, the International Civil Aviation Organization (ICAO) introduced its Aviation Cybersecurity Strategy in October 2019.

Vision for a Global Aviation Cybersecurity Strategy

The civil aviation sector relies on information and communications systems and the integrity and confidentiality of data. Cyber threats continue to evolve, focusing on disrupting operations, malicious intents, and stealing information for political or financial gains. Based on the nature of cybersecurity and the scope that cyber-attacks can affect, it is crucial for ICAO and its members to create a common vision and define a global strategy for aviation cybersecurity.

This can be accomplished by:

  • Member States accepting their obligation to consider cybersecurity to ensure the safety, security, and continuity of civil aviation.
  • Coordinating aviation cybersecurity among State authorities for global management of cybersecurity risks effectively and efficiently.
  • A commitment by all civil aviation stakeholders to develop cyber resilience to protect against cyber-attacks that jeopardize the security, safety, and continuity of the air transport system.

ICAO's Aviation Cybersecurity Strategy’s goals will be achieved in accordance with a framework built on seven pillars.

Pillar #1 - International Cooperation

Cooperation is needed at both the national and international levels to develop, maintain, and improve cybersecurity to protect the civil aviation sector from all cyber threats. Therefore, aviation cybersecurity must be harmonized at global, regional, and national levels to promote global coherence. ICAO is the correct global forum to engage States in addressing cybersecurity.

Pillar #2 – Governance

ICAO Member States are encouraged to support the ICAO Aviation Cybersecurity Strategy and develop clear governance and accountability for their cybersecurity. Each is encouraged to integrate cybersecurity into their national security and safety programs. In turn, ICAO should work toward a common baseline for cybersecurity Standards and Recommended Practices (SARPs).

Pillar #3 – Effective Legislation and Regulations

The principal goal of legislation and regulation on cybersecurity for civil aviation is to protect civil aviation and travelers from harm due to cyberattacks. Member States are responsible for formulating applying appropriate legislations and regulations according to ICAO provisions before implementing their national cybersecurity policies for civil aviation.

Pillar #4 – Cybersecurity Policy

The Member States must include cybersecurity in their aviation security and safety oversight systems as a part of their framework for comprehensive risk management. As well as incorporating systems and processes for monitoring relevant cybersecurity data, cybersecurity policies may include such elements as:

  • Cybersecurity culture
  • Data integrity
  • Promotion of security by design
  • Appropriate access control
  • Supply chain security for software and hardware
  • Proactive vulnerability management
  • Improved agility with security updates without compromise to safety

Pillar #5 – Information Sharing

Because the civil aviation sector is a globally interdependent system using many common systems, a cyberattack can quickly spread and have a global impact. Information sharing allows for the prevention, early detection, and mitigation of cybersecurity events before they spread and threaten aviation safety or security. Having a culture of information sharing works to significantly reduce systemic cyber risk across the entire aviation sector to improve safety and security.

Pillar #6 – Incident Management and Emergency Planning

There is a need for appropriate and scalable plans to provide continuity of air transport during cyber incidents. The Aviation Cybersecurity Strategy recommends that the Member States and the aviation sector continue to use their existing contingency plans and amend them to include provisions for cybersecurity. It is highly encouraged that cybersecurity exercises are conducted to stress test current cyber resilience to identify areas where improvements are needed.

Pillar #7 – Capacity Building, Training, and Cybersecurity Culture

The core of cybersecurity is the human element. The civil aviation sector must take tangible steps to increase the number of personnel that are both qualified and knowledgeable in cybersecurity and aviation. This can be accomplished by increasing the need for cybersecurity as well as education, recruitment, and training. Innovative ways to merge and crosslink information technology and cyber career paths with aviation careers are critical to developing the skills needed for cybersecurity in the civil aviation sector.

SkyRadar provides Cyber-Security Training Infrastructures for ATSEP & AVSEC Qualification

Since 2018, SkyRadar has been providing cyber-security training infrastructures in the fields of aviation security and ATSEP.

The ATSEP training infrastructure is built around a typical modern ATM setting, including:

  • Surveillance Data Handling System connected to an ADS-B Antenna and a training radar
  • Flight Data Server with external Flight Data API
  • Surveillance data displays

The solution is modular and can vary between a small set-up and a complete operational ATM system with consoles, voice communication system and simulated inputs.

The security features include

  • Firewall(s)
  • SSL/TLS and a Public Key Infrastructure PKI
  • Certification Authority (CA)
  • Digital Signatures / Certificates
  • Software Integrity Control
  • Vulnerability Tests
  • (Smart Cards)

The ATSEP will learn to

  • understand the architecture,
  • discover and localize attacks or successful intrusion
  • fix a depreciated or compromised system within the shortest possible downtime, following ANSP processes.

Talk to us for more information.

References