AIN is developing a 14-part series of articles, infographics and videos that speak to Tomorrow's Aviation Challenges. Sponsored by Honeywell Aerospace. Learn more. .
As cybersecurity in air traffic management (ATM) becomes more of a priority, companies and regulators are increasing their focus on technological solutions, notably potential applications of artificial intelligence (AI) and blockchain.
Cyber for ATM was a major focus of Cybertech Europe, a cybersecurity conference in Rome in late September. The conference heard from a number of senior figures in international ATM cybersecurity, including Patrick Mana, manager of the European Air Traffic Management Computer Emergency Response Team (EATM-CERT) and cybersecurity cell manager at Eurocontrol.
The cyber threats to aviation take numerous forms, said Mana. First, state-sponsored attacks pose a real and significant threat, he said. Second, aviation and ATM are targets of cyber crime, both directly (with criminals seeking to steal information or money) and indirectly (when the criminals attack systems without realizing they are part of an ATM solution). Third, he pointed to the threat from "hacktivists," actors who use their cyber activities to convey political or other types of messages. There have been examples of hacktivists accessing flight information screens to transmit messages, he said, which may not be connected to aviation.
The scale of the threat means it is no longer truly possible to be completely cyber-secure, Mana said. The real goal should be “cyber-resilience,” focusing both on defending against attacks and quickly reacting should such an attack succeed.
“We are assuming that things will happen,” he said. Taking this viewpoint could help ensure that attacks create less significant interruptions to services for shorter periods of time, he added.
There is a particular requirement in aviation for various stakeholders to collaborate, given the ubiquitous nature of the threat, Mana said. Eurocontrol aims to work closely with authorities like the European Union Aviation Safety Agency (EASA), national agencies and industry. This collaboration will be particularly important in building cyber threat intelligence, Mana said.
Italy’s Leonardo is working to boost cybersecurity in ATM in several ways, said Giuliano d’Auria, from the chief technical office of the company’s electronics division's traffic-control systems business unit. He also emphasized the need for systems that bolster resilience over security, particularly given the evolving nature of the cyber threat. “We should be developing systems which are able to deal with the after-effects of an attack,” he said.
D’Auria stressed the need for “security by configuration” where cybersecurity solutions are “tailored for the ATM environment and specifically for the actual operational environment.” Industry must continually reassess the technologies available for cybersecurity in the ATM domain, he said, pointing in particular to the potential applications of AI and blockchain.
AI is particularly useful in navigating the vast amounts of data now available in ATM, D’Auria said. AI enables operators “to display the right information at the right time to the right person,” he said, while also allowing for early warning and predictive functions. Leonardo is applying this to the ATM domain through several projects, he said, including its Decision Support System, an architecture that uses the company’s security operations centers (SOCs), software tools and other capabilities to help users analyze and predict potential cyber threats.
Blockchain is especially relevant for cybersecurity in ATM, D’Auria said, as the development of secure ledgers of information produces “a new trust paradigm.” For example, he said Leonardo is working on “blockchain-enforced integrated access control” for use in ATM; this would require operators to register their presence, both physically (when entering a controlled environment, for instance) and virtually.
Additionally, Leonardo is developing a blockchain-based system for unmanned traffic management (UTM) that would require operators and drones to register on blockchain, enabling a web of “smart contracts” between registered devices. This could be used to grant a drone permission to enter a certain area of airspace, for example, or to assure operators that their data is being transmitted securely. This technology could also be applied to ATM more broadly, he added.
“Exchange of data is a key feature of ATM, and if we are able to certify this exchange of data, clearly we’re going a long way towards this journey for cybersecurity,” D’Auria said.
ATM is not unique in terms of the cyber challenges it faces, but deals with particularly large degrees of risk, said Amir Rapaport, the founder and organizer of Cybertech. Speaking with AIN, he noted that even a small attack on an airport could lead to thousands of flights being grounded and the loss of potentially millions of dollars. In this regard, aviation is similar to Fintech, he said.
“The uniqueness is the high risk, not specifically the complexity of the threats,” he warned.