How can ATM become cyber safe

Shayne Campbell, CANSO Safety Programme Manager, explores the importance of improving cyber security in air traffic management (ATM).

The trend in ATM is towards increased sharing of information and the creation of a common situational awareness for a wide spectrum of aviation stakeholders. While this enhances the efficiency of operations and raises productivity, it also increases the potential for cyber-attack. Together CANSO members are working to address this, and create common principles and approaches to keep ATM cyber safe.

As the ATM industry continues to enhance data sharing capabilities, the potential vulnerabilities are an important consideration. Current and next-generation systems, like NextGen and SESAR, demand more information sharing through increased use of commercially available information technology, shared network and computing infrastructures, and network-centric architectures and operations. While this has a myriad of benefits, we also need to take steps to ensure the system is secure and risks are managed.

While technology is a great enabler, increased use of information technology means greater exposure to cyber-attack, which could in turn disrupt flows of information, compromise data integrity, or in some cases mean the loss of sensitive information. In ATM, such security compromises can disrupt service provision, undermine safety, and cause reputational damage as well other types of impact, such as financial and regulatory compliance.

Securing future systems

The performance of the future ATM system relies on a high level of security across the whole aviation industry. We can do this by not only ensuring ATM infrastructure is itself resilient to attack, but also that the system will provide information that can be used by other organisations to act and protect air transport and the aviation system as a whole.

To support this, CANSO has launched the CANSO Standard of Excellence (SoE) in Cybersecurity, which helps ANSPs assess, develop and improve their cybersecurity in order to provide safe and resilient air navigation services.

The standard has been developed jointly with ANSP and industry experts and highlights the critical elements of effective cybersecurity. It also enables ANSPs to measure their cybersecurity maturity, as well as their suppliers and facilitates a harmonised approach across ATM and the wide aviation industry.

Having this level of understanding and information is vital in securing our systems and remaining a robust aviation partner, and I encourage the industry to make use of this valuable best practice. As the industry recovers and more traffic takes to the skies we need to ensure we are doing this efficiently and safely; optimising technology but securing our systems. Ultimately, the safety community must always stay one step ahead, and by working together and sharing knowledge and expertise such as this, we will build a strong and safe industry both now and in the future.

The CANSO Standard of Excellence (SoE) in Cybersecurity is available in the CANSO publications library. To find out more about CANSO’s safety initiatives, get in touch via safety@canso.org.