Cyber security in Air Traffic Management, contribution from Luxembourg
In order to ensure the highest standard of safety and security within Luxembourg’s civil aviation, one of the missions of the Luxembourg Directorate of Civil Aviation (hereinafter “DAC”) is to conduct audits in all the domains under its field of competence.
The Air Traffic Management/Air Navigation Service (ATM/ANS) Department of the DAC exercises its mission of predilection in close collaboration with the Air Navigation Administration (hereinafter “ANA”) which is one of the air navigation service providers of Luxembourg.
The ANA is responsible for the management and operation of several units of Luxembourg Airport, the only commercial airport in the country. Within its competence of air traffic control, the ANA has become aware of its vulnerability in cyberattacks.
To safely support the continued growth of air traffic, the Luxembourg aeronautical sector must inevitably rely on new information and communication technology systems to facilitate the rising movement of aircraft and passengers . Fact is that these yearly increases mechanically amplify the rate of exposure to “cyberattack” type of threats.
To deal with this menace, a new IT network of ANA’s operational services has been installed as part of its ambition to renovate its systems. Pending the entry into service of this new network, risk management appears to be an efficient way to deal with potential cyberattacks. In fact, a basic protection of the IT systems has proved to be no longer sufficient. It must be assumed that such attacks are likely to occur and all parties involved must be able to respond to them as swiftly as possible. Concretely, this translates into being resilient to cyberattacks while ensuring the continued performance of the vital functions of the domain of civil aviation in case of an attack to a system.
As part of its continuous supervisory role, the DAC therefore decided to audit the said IT network and solicited the competent services at European level with EUROCONTROL.
Consequently, the European Air Traffic Management Computer Emergency Response Team (EATM-CERT), which provides services of common interest to the ATM stakeholders of EUROCONTROL Member States, was contracted by the DAC in view of the implementation of the new network.
The EATM-CERT’s mission is to support ATM stakeholders in their quest to protect themselves against cyber threats that could impact the confidentiality, integrity and availability of their operational IT assets and data. The team provides Stakeholders of EUROCONTROL Member States with the following services:
- provides proactive cyber-security services first within EUROCONTROL and on a voluntary basis progressively to EUROCONTROL Stakeholders (ANSPs and Airport Operators);
- collects, generates and distributes ATM relevant cyber intelligence within EUROCONTROL and on a voluntary basis to EUROCONTROL Stakeholders (ANSPs and Airport Operators);
- coordinates pan-European ATM response to ATM relevant cyber-security alerts/incidents on a voluntary basis (including support to EACCC);
- conducts common procurement of cyber services (intel, feeds, leaks, …) for the community (ANSPs, AOs)
- supports National CERTs to fulfil their role as per NIS Directive for ATM related OES (Operators of Essential Services).
- In order to provide these services, the EUROCONTROL team has to collaborate closely with national and international ATM stakeholders, ATM manufacturers, sectorial/national CERT’s and CSIRT’s, the European Aviation Safety Agency (EASA) and the European Center for Cyber Security in Aviation (ECCSA), among others.
Regarding Luxembourg, such collaboration was carried out in 3 parts:
- Before the installation of the new network, EUROCONTROL performed an in-depth study on the synoptic plans of the future installations in close collaboration with Luxembourg’s ANSP. The "Design Review" as well as the "Transition Plan" were studied with great attention and guidelines were suggested not only to better protect the new network but also to make sure it is allocated to the field of ATM exclusively.
- The second part of the collaboration took place during the so-called “pre-production test”, where safety and security objectives / requirements were defined by EUROCONTROL. Safety objectives thus set forth derived from the safety assessment of the services impacted by the new architecture while the Security requirements derived from the security risk assessment of the services impacted by the new architecture. These safety and security objectives / requirements helped EUROCONTROL to better judge how the new network could support ANA in the most adequate way.
- The last part of the collaboration consisted in “on-site inspections” of the ANSP which highlighted very satisfactory results, thus allowing the operational conditioning of the new network within the best possible environment.
Cyber security is a complex domain requiring knowledge in many areas such as, in Luxembourg’s case, security, IT or ATM.
This collaboration has demonstrated that, together, we are able to meet all regulatory requirements while maintaining a high level of safety for all aviation users.