Autor: CCAA

Lack of data leaves ATM in the dark on cybersecurity vulnerability

“Is cybersecurity actually an issue for ATM?” Brenner asked. “The truth is that we in the ATM world don’t really know because there is no common platform to exchange information on cyberattacks

A lack of relevant data is hindering efforts to determine and address the level of the air traffic management system’s vulnerability to cyberattacks, Eurocontrol DG Frank Brenner said at the IATA Ops Conference in Copenhagen this week.

“Is cybersecurity actually an issue for ATM?” Brenner asked. “The truth is that we in the ATM world don’t really know because there is no common platform to exchange information on cyberattacks. What we know so far from attacks that are known, where the victims have shared information, is that the volume of attacks is probably limited. But we need to dig further and the lack of data is not helping us in our analysis.”

Brenner said the apparent limited impact on the ATM system at the moment could be “a lot to do with the way our ATM system is currently structured.” He pointed out that legacy ATM systems are individual systems installed in each ATC center and are quite isolated.

“But that will not be the case in the future,” he said. “We will all be sharing data under ICAO’s System Wide Information Management (SWIM) initiative, which is digitalized and data driven. So the hardware will no longer be sitting isolated in each center and we will rely on data introduced by other ATM systems and providers transported across continent-wide networks and that of course makes us vulnerable. So we need to think about ATM’s vulnerability to cyber threats in the future.”

ATM modernization

Brenner said the huge ATM modernization program—such as FAA’s NextGen, the Single European Sky (SES) and Japan’s Collaboration Action for Renovation of Air Transport Systems (CARAT)—currently implemented around the globe presents both a challenge and an opportunity.

Source: ATWOnline.com