ENSURING EUROPEAN CIVIL AVIATION CYBERSECURITY

Authors: Sergiy Gnatyuk, Maksim Iavich, Giorgi Iashvili, Andriy Fesenko
Affiliation: National Aviation University, Caucasus University, Taras Shevchenko Kyiv National University

Category:

Keywords: cybersecurity, critical information infrastructure, European civil aviation, complex information security system, critical aviation information system
ABSTRACT. The criticality level of civil aviation (CA) information infrastructure is considerably amplified by high degree of connectivity and interaction between ground and aircraft systems. Malicious interference into mentioned systems puts at threats passengers, crew and ground staff security. Unauthorized access to so-called critical aviation information system (CAIS) is very crucial and it may have serious and tragic consequences. The control aviation security documents declare following requirements to ensure CAIS security against cyberthreats (potential cause of an unwanted incident, which may result in harm to a system, individual or organization – ISO / IEC 27032). Doc 30 declares that measures addressing cyberthreats to CA have been included in the National Civil Aviation Security Programme, the National Quality Control Programme and the National Civil Aviation Security Training Programme. Similar requirements are declared in Annex 17 to Chicago Convention on International Civil Aviation, Doc 8973 as well as in Doc 9985. However, there are still a lot of unsolved problems related to CAIS identifying, its criticality assessment and development of methods to provide its cybersecurity. From this viewpoint in the paper integrated complex approach to provide CA cybersecurity was proposed.

References:

ISO/IEC 27032, Information technology – Security techniques – Guidelines for cybersecurity, 2012, 50 p.
ECAC Policy Statement in the Field of Civil Aviation Security, 13th edition, 2010, 138 p.
Doc 8973, Aviation Security Manual, 10th edition, ICAO, 2017, 808 p.
S. Gnatyuk, Critical Aviation Information Systems Cybersecurity, Meeting Security Challenges Through Data Analytics and Decision Support, NATO Science for Peace and Security Series, D: Information and Communication Security. - IOS Press Ebooks, Vol.47, №3, рр. 308-316, 2016.