Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Security Aspects in Aviation Sector

1,492 views

Published on

Security has been a big issue for civil aviation for decades. Airports and aircrafts are susceptible targets for terrorist attacks. The list of incidents is extensive and gets longer every year despite strict security measures.

Aviation has become the backbone of our global economy bringing people to business, tourists to vacation destinations and products to markets.

Statistically flying remains the safest mode of travelling compared to other modes of transportation. Yet significant threat continues to exist. Terrorists and criminals continue in their quest to explore new ways of disrupting air transportation and the challenge to secure airports and airline assets remain real. This calls for greater awareness of security concerns in the aviation sector.

“Protecting this system demands a high level of vigilance because a single lapse in aviation security can result in hundreds of deaths, destroy equipment worth hundreds of millions of dollars, and have immeasurable negative impacts on the economy and the public’s confidence in air travel.”
—Gerald L. Dillingham, United States General Accounting Office, in testimony before the Subcommittee on Aviation, Committee on Commerce, Science, and Transportation, U.S. Senate, April 6, 2000.

Published in: Education
  • Be the first to comment

Security Aspects in Aviation Sector

  1. 1. Security Aspects in Aviation Sector By: Sanjeev Kumar Sinha (PMI-PBA) LinkedIn Profile: https://in.linkedin.com/in/sanjeev-sinha-pmi-pba-5a7b392
  2. 2.  Security Aspects in Aviation Sector  Areas for Security  Airport Security • Cyber Attack • Sabotage • IED (Improvised Explosive Devices) & PBIED • Border Security • Traffic of unauthorized materials • Other Threats  Airline Security • Cyber attacks • ACARS Hacking • Hijacking • Cargo Security • Sabotage  Organizations • IATA • ICAO • CERT TableofContents
  3. 3. Security in Aviation Sector
  4. 4. Security in Aviation Sector Introduction Security has been a big issue for civil aviation for decades. Airports and aircrafts are susceptible targets for terrorist attacks. The list of incidents is extensive and gets longer every year despite strict security measures. Aviation has become the backbone of our global economy bringing people to business, tourists to vacation destinations and products to markets. Statistically flying remains the safest mode of travelling compared to other modes of transportation. Yet significant threat continues to exist. Terrorists and criminals continue in their quest to explore new ways of disrupting air transportation and the challenge to secure airports and airline assets remain real. This calls for greater awareness of security concerns in the aviation sector. “Protecting this system demands a high level of vigilance because a single lapse in aviation security can result in hundreds of deaths, destroy equipment worth hundreds of millions of dollars, and have immeasurable negative impacts on the economy and the public’s confidence in air travel.” —Gerald L. Dillingham, United States General Accounting Office, in testimony before the Subcommittee on Aviation, Committee on Commerce, Science, and Transportation, U.S. Senate, April 6, 2000. AIRPORT AIRLINE ICAODIAGRAM IATA CERTINTRO
  5. 5. Areas for Security
  6. 6. Areas for Security in Aviation Sector INTRO AIRPORT AIRLINE ICAOIATA CERTDIAGRAM
  7. 7. Airport Security
  8. 8. Airport Security Airport security refers to the techniques and methods used in protecting passengers, staff and aircraft which use the airports from accidental/malicious harm, crime and other threats. Airport security threats could be the following: Cyber Attack Sabotage Traffic of Unauthorized Materials Improvised Explosives Devices (IED) Other Security Threats Border Security Photo courtesy : redjar/ flickr.com INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  9. 9. o Sabotage o Traffic of Unauthorized Materials o Other Security Threats o Improvised Explosives Devices (IED) o Border Security Airport Security (Contd.) CYBER ATTACK INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  10. 10. GPS Spoofing & Jamming Spoofing - It is an attempt to deceive a GPS receiver by broadcasting counterfeit GPS signals, structured to resemble a set of normal GPS signals, or by rebroadcasting genuine signals captured elsewhere or at a different time. Incident example - In 2009, a truck driver managed to accidentally mess with the navigation systems of New Jersey’s Newark airport as he drove past on a neighbouring highway. Incident example - A "proof-of-concept" attack was successfully performed in June, 2013, when the luxury yacht "White Rose" was misdirected with spoofed GPS signals from Monaco to the island of Rhodes by a group of aerospace engineering students from the Cockrell School of Engineering at the University of Texas in Austin. The students were aboard the yacht, allowing their spoofing equipment to gradually overpower the signal strengths of the actual GPS constellation satellites, altering the course of the yacht. Jamming - knocks out the navigation system entirely. Jammers can disrupt civil aviation systems and emergency service communications. Airport Security (Contd.) Cyber Attack INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  11. 11. ATC hacking Hackers could gain access to communication between aircraft and ATC centres and send false information to mislead pilots or overwhelm controllers with fake aircraft signals. Incident noted in International Civil Aviation Organization’s (ICAO) 12th Air Navigation Conference - An extract from the media in July 2012: “At a recent conference Dr. Andrei Costin gave an unnerving demonstration of weaknesses in the air traffic control systems coming into use. He showed that with just $2000 worth of store-bought electronics an ADS-B beacon could be 'spoofed' to show that a non-existent aircraft was coming in to land. This 'Ghost Plane' presentation was possible because air traffic control systems have no way of verifying where messages are coming from” Airport Security (Contd.) Cyber Attack INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  12. 12. Security threat to Airport Operating Systems Airport infrastructure supports many different operations that are critical for the efficiency and effectiveness of the air transport system making cyber security system implementation essential to protect and control those operations. There have been incidents when cyber criminals, hackers have found opportunity to attack airport systems. For example –  Incident noted in ICAO 12th Air Navigation Conference - Three software engineers were accused of disrupting operations at a new terminal at an airport in June 2011. They worked for a sub-contractor and when they didn’t get a pay rise they sabotaged the program code. Check-in services failed 3 days later, and 50 flights were delayed, causing knock-on delays elsewhere;  Another example would be the attack on Istanbul Atatürk and Sabiha Gökçen airports. In July 2013 the passport control systems at the departure terminals in both of these airports were shutdown by a cyber-attack. Passengers were forced to stand in line for hours, and the majority of flights were delayed. Even though the systems were restored, the damage could be felt for many hours after. Airport Security (Contd.) Cyber Attack INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  13. 13. Security threat to Airport Security System Several potential targets for cyber attacks exist within the realm of internal airport operations:  Access control and perimeter intrusion systems  Radar systems  Ground radar  Network-enabled baggage systems  Wireless and wired network systems  Supervisory Control and Data Acquisition (SCADA)-type ICSs Airports typically rely on SCADA-type industrial control systems for utilities, baggage systems, and business processes such as facility management. Due to their limited or lack of internet access, SCADA-type systems may appear to be more secure, but they too are vulnerable to cyber threats. Airport Security (Contd.) Cyber Attack INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  14. 14. Sabotage in Airport Sabotage attempts in airports is a threat that has had its incidents in the past. For instance in June 2007 two men attempted to drive a Jeep Cherokee carrying propane gas and petrol canisters into Glasgow Airport terminal building and detonate them. More recent sabotage attempt that needs a mention here is, in Sept 2014, when a thirty-six-year-old Brian Howard, a contract employee in Naperville, Illinois started a fire in the basement telecommunications room of the Air Traffic Control Center in the Chicago suburb of Aurora and then attempted suicide. He was charged with destruction of aircraft and aircraft facilities. There is a history of airport sabotage attempts. In Sept. 1978 there was a sabotage attempt in new Tokyo International Airport. Radicals attempted to sabotage by severing cable lines. Nearly 30,00 phone and telex links were paralyzed in three cities because of that. Airport Security (Contd.) Sabotage INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  15. 15. Airport Security (Contd.) Finding IED near airports has been in the news. Apart from landing and taking-off aircrafts, human lives in and around airports would also face significant threat in the eventuality of such IEDs detonating. On July 1, 2015, IED found near Camp Robinson and the North Little Rock Airport in Pulaski County, Arkansas, United States, was in the news. IEDs may also be borne by a person - Person Borne IED. PBIEDs are explosives that are concealed on-person, either under or within clothing, shoes, or other types of personal apparel. Terrorist organizations worldwide continue to develop innovative PBIED that would remain undetected during security checks. PBIEDs are of two types:  Metallic PBIEDs are easier to detect because they can trigger both Walk Through Metal Detectors (WTMD) and Hand Held Metal Detectors (HHMD).  Non-Metallic PBIEDs consist entirely of well disguised non-metallic components (Initiator/Primary) and are more difficult to detect using traditional metal detection instrumentation. Improvised Explosives Devices INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  16. 16. Ensuring Compliance It is essential to ensure that goods crossing borders all over the world comply with global supply chain health and security requirements. Purpose Border Security's purpose is to prevent terrorists and terrorist weapons from entering the country, provide security at ports of entry, apprehend illegal immigrants, stem the flow of illegal drugs, and protect country's agricultural and economic interests from harmful pests and diseases. IATA’s Director General and CEO, Tony Tyler - on Border Security “Airlines fly to hundreds of destinations daily. Programming their systems to adapt to different national requirements places a heavy strain on resources, while making compliance and data accuracy more challenging than they should be. Through harmonization, faster compliance is possible and efficient border management, improved security and enhanced passenger facilitation can all be achieved”. Airport Security (Contd.) Border Security INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  17. 17. Trafficking of unauthorized materials can be of various types: Smuggling of illegal drugs such as cocaine, marijuana, heroine and the like. Smugglers indulging in such activities could be a common man, airport workers, security authorities, aircraft staff, and the like. Incidents like airport workers being accused of smuggling drugs (marijuana ) through security at San Francisco International and Oakland International Airports in a very recent new incident (July 16, 2015 – abc7 news) or arrest of a Transportation Security Administration Screener at Los Angeles International Airport in an alleged drug trafficking scheme on April 25, 2012 (CBS News), are serious concerns. Another recent incident was reported when a man with more than 3 kg of cocaine in his stomach was arrested by Dubai Police on March 29, 2015. Arms Trafficking There has been incidents in the past such as Purulia Arms Drop case on 17 December 1995. Unauthorized arms were dropped from an Antonov An-26 aircraft in Purulia district in the state of West Bengal in India. Airport Security (Contd.) Traffic of Unauthorized Materials INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  18. 18. Other serious threats include –  Ballistic Attacks Against Aircraft Landing or Taking off  CBRN (Chemical, Biological, Radiological & Nuclear Agents). Also sometimes referred as WMD (Weapon of Mass Destruction). Even the threat of a small quantity of such an agent used on a target shall have significant impact  Explosives in and around Airports  Man Portable Air Defence Systems  Incendiary Materials, can be carried in many forms and used to damage property  Taking Hostages in Airport Terminal, an act of terror  Theft of Passenger Properties  Illegal Immigration Airport Security (Contd.) Other threats INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
  19. 19. Airline Security
  20. 20. Airline security refers to the techniques and methods used in protecting passengers, staff and aircrafts which use the airports from accidental/malicious harm, Crime and other threats. Airline security threats could be following: Hijacking Cargo Security ACARS Hacking Cyber Attacks Sabotage Airline Security INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
  21. 21. There is a list of Hijacking incidents since 1930s to up to 2015. This is one very common threat to all airlines. All aviation institutions are highly sensitized to this and make continual effort to prevent them. While it is understood that terrorists and extremists will continue to conjure new ways and means to attempt hijacking, a fool proof and practical process or system to prevent them has not emerged. The most recent hijacking incident was reported on 24 Mar’15 when Germanwings Flight 9525 from Barcelona to Düsseldorf was hijacked by the co-pilot. 30 minutes after take-off Andreas Lubitz locked himself in a cockpit when captain went out for a rest. Then the co-pilot started to descend. Captain tried to communicate with Lubitz, but he didn't reply. After 8 minutes of falling the airplane crashed in the Alps near the French village Prads-Haute-Bléone. There were 16 students and one infant on-board. Airline Security (Contd.) Hijacking INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
  22. 22. The Air Cargo System is vulnerable to several security threats including potential plots to place explosives aboard aircraft; illegal shipments of hazardous materials; criminal activities such as smuggling and theft; and potential hijackings and sabotage by persons with access to aircraft Undetected explosive or incendiary devices placed in air cargo are potential threats to aircraft. Airline Security (Contd.) There have been incidents such as -  The 21 Dec’88 crash of PanAm Flight 103, a Jumbo Jet, over Lockerbie, Scotland that was attributed to an explosive device placed in a baggage container in the forward hold of the aircraft  Investigation of the 23 Jun’85 blowing up of Air India Flight 182 off the coast of Ireland revealed evidence of an explosive device that most likely was introduced in checked baggage and placed in the forward cargo hold  The most notable event involving detonation of an explosive device transported as cargo aboard an airliner was the 15 Nov’79 explosion aboard an American Airlines Boeing 727 that made an emergency landing at Dulles Airport following the incident. Investigation revealed that the explosive device was contained in a parcel shipped by US Mail. Cargo Security INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
  23. 23. More recently, on 29 Oct’10 two packages each containing 300 to 400 gms of plastic explosives with a detonating mechanism were found onboard separate cargo planes. The bombs were discovered as a result of intelligence received from Saudi Arabia's security chief. They were bound from Yemen to the United States, and were discovered at en-route stop-overs, one at East Midlands Airport in the UK and the other at Dubai International Airport. IATA CSTF IATA has set up the Cargo Security Task Force (CSTF) to ensure that the experiences and constraints of the airline industry are considered in the development of effective security regulations. The objective of the Cargo Security Task Force (CSTF) is to provide aviation security regulators with access to, and input from, a globally balanced group of cargo industry experts to ensure that the experiences and constraints of the airline industry are considered in the development of effective security regulations. Airline Security (Contd.) Cargo Security INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
  24. 24. Aircraft Communications Addressing & Report System (ACARS) hacking happens when hackers take over air traffic control transmissions and give pilots bogus orders. They could:  Create a bogus flight plan update  Create bogus weather  Create fake messages from plane to ground At the DefCon Security Conference in Las Vegas, Phil Polstra, Associate Professor of Digital Forensics at Bloomsburg University of Pennsylvania said hackers could access ACARS – a messaging system to send messages to and from the aircraft. It can contain information such as weather, flight plan updates, and maintenance issues. So if someone can access ACARS, faulty messages can be willfully created Incident - Proof of Concept - German researcher Hugo Teso revealed an app that manipulates ACARS that can provide access to the Flight Management System (FMS) of the aircraft. One can communicate with ACARS by hacking the airline’s systems or using a special radio. It is then possible to send instructions to the aircraft such as “turn left” or “gain altitude.” It is also possible to mess with the ADS-B or ADS-A tracking systems. These systems provide real- time aircraft tracking information including altitude, speed, heading and the aircraft's registration. They could potentially jam signals, create fake weather reports, or create "phantom aircrafts" that would make pilots believe that other aircrafts are around them when they actually are not. Airline Security (Contd.) ACARS Hacking INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
  25. 25. Sabotage by way of bomb This is not new to airline security. Attempts have been made a number of times and terrorists/bad elements continue to look for ways and means to breach security. A number of incidents can be mentioned here as an example: The Shoe Bomber In December 2001 a British citizen who had received training from Al Qaeda, attempted to blow up American Airlines Flight 63 from Paris to Miami, using explosives hidden in a bulky shoe. Liquids plot In August 2006 British police arrested 25 suspects. Their intention had been to carry the separate liquid chemical components of an improvised explosive compound on to 10 or so US and Canadian flights, using branded soft drinks bottles as containers, and to mix them on board to create bombs. Underpants bomber In December 2009 a Nigerian student, boarded a Northwest Airlines Airbus A330 scheduled departure for Detroit with pads of explosive material sewn into his underpants. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Sabotage AIRLINE
  26. 26. On-board the aircraft Security threat on-board aircraft by cyber criminals is a new concern today. With modern days handheld smart digital devices being allowed on-board aircraft, Wi-Fi being made available to passengers, cyber security has become talk of the moment. In May 2015, Chris Roberts, a prominent hacker, told the FBI that he had managed to make an aircraft “climb” and move “sideways” after infiltrating its in-flight entertainment system. Also in April 2015, a US report warned that planes with in-flight Wi-Fi are vulnerable to hacks by passengers and could also be targeted by "malicious attackers" on the ground. Related to air navigation systems It has been demonstrated that ATC and ACARS can be hacked and messages can be sent to aircraft, instructing the aircraft on its navigation. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  27. 27. Flight Management Systems too have been a target of cyber attack. This and attack on other airline systems have risen recently. An incident as recent as June 21, 2015 when LOT Polish Airlines was forced to cancel 10 flights scheduled to depart from Warsaw's Chopin airport after hackers attacked its ground computer systems. The attack left the company unable to create flight plans for outbound flights, grounding around 1,400 passengers. Remote Hijacking: In another incident as a “Proof of Concept” - German researcher Hugo Teso revealed an app that manipulates the Aircraft ACARS, which can give access to the plane’s flight management system (FMS). One can communicate with ACARS through hacking the airline’s systems or using a special radio, according to Teso. DDoS and botnet attacks: Distributed-denial-of-service attacks have grown in popularity to carry out a range of malware injection activities. Within such attacks, hackers utilize botnets of compromised networks to flood air traffic control and other critical systems with traffic, which results in a crash of the platform. Attackers may also ask for a ransom amount from the authorities to prevent disruption of flight management and control systems. Airline Security (Contd.) Within the organization (Airline System Hacking & Flight Management System Hacking) (Contd..) Flight Management System Hacking INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  28. 28. Through public interfaces | Smart Phones There has been a demonstration by a German security consultant Hugo Teso on how to remotely attack and take full control of an aircraft. Along with other purchased hardware from various sources for demonstration Teso used his Samsung Galaxy and a specially crafted app called PlaneSploit to demonstrate how to hack an airplane’s computer. Another example could be a new theory with Malaysia Airlines flight MH370 vanishing that is suggested by Dr Leivesley who runs her own company training businesses and governments to counter terrorist attacks, that a framework of malicious codes, triggered by a mobile phone, would have been able to override the aircraft’s security software. Mobile Applications: Most of the airline company now provide Mobile application for airline services. This could be an opportunity for hackers for a cyber attack. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  29. 29. Through public interfaces | Websites Another public interface that could be vulnerable to cyber attack are websites of airline companies. In a very recent incident (March 2015) it was reported British Airways' air-miles accounts, the coding site GitHub and the work chat service Slack have all been hit in the latest wave of cyber-attacks. User reported their account had been used by someone else to book a hotel room in Spain, that their list of transactions showed "ex- gratia" deductions that had wiped out their entire credit, etc. Another example out of many incidents could be referenced here is a group that claimed responsibility for hacking the Hobart International Airport website and defacing it with a statement supporting the radical group Islamic State. The incident was reported on 13th April 2015. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  30. 30. Electronic data exchange issues The paper checks and balances that exist within the clerical world are not possible with EDI. While rare, the possibility that data will be intercepted and stolen or altered in transit does exist. Messages also may be deliberately or mistakenly duplicated. This can result in overcharges, wasted resources, and damaged relations between trading partners. For these and other reasons, companies need to take measures to ensure accuracy and security, including security policies that limit the authority to engage in transactions to certain individuals; means of verifying that messages sent were received intact (electronic "seals"); the use of proper encryption methods; digital signatures or bio-metrics (the use of human attributes like fingerprints or voice) to verify the identity of senders and receivers; audits that verify the accuracy of electronic records; efforts to ensure that translation software has been written correctly and not altered; and so on. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  31. 31. GDS/CRS hacking In a very recent incident (August, 2015) Hackers linked to China breached the Sabre network, Sabre confirmed that it has been hacked. There has been incidents in the past where hackers have gained access to the airlines computer reservation systems. In one of the past incidents, O’ BRIEN from Boston, US, without authorization, accessed the computer reservation system at a travel agency by entering through the company's website, and intentionally sending commands cancelling ticketed airline reservations for approximately 60 passengers, thereby causing damage and a loss in excess of $96,000 to the travel agency. The unauthorized intrusion resulted in approximately 60 passengers being stranded at airports during the Christmas holiday season. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack AIRLINE
  32. 32. Hacking via on-board Wi-Fi systems The US Government Accountability Office (GAO) report said that modern aircraft that have the ability to access the internet through on-board Wi-Fi systems face the very real threat of being hacked. “A virus or malware planted in websites visited by passengers could provide an opportunity for a malicious attacker to access the IP-connected on-board information system through their infected machines,” according to the report. Modern aircraft have Wi-Fi passenger networks that use the same network as the avionics systems of the planes, raising the possibility that a hacker could hijack the navigation system or commandeer the plane through the in-plane network. The experts said that if the cabin systems connect to the cockpit avionics systems (e.g. share the same physical wiring harness or router) and use the same networking platform, in this case IP, a user could subvert the firewall and access the cockpit avionics system from the cabin. Airline Security (Contd.) INTRO AIRPORT ICAODIAGRAM IATA CERT Cyber Attack The image below shows the standard setup for wiring and internet connectivity services in modern aircraft. AIRLINE
  33. 33. Organizations IATA | ICAO | CERT
  34. 34. IATA Security Guidelines International Air Transportation Association (IATA) came with various points for the safety and efficient operation of the air transportation industry. They were following:  A holding area has to be established and the passengers and their baggage must be screened before entering the sterile area.  Communication with the passenger must be direct and discrete. The officer on duty must be able to respond quickly to any unlawful action.  Authorized law enforcement officers armed with communication equipment must be made available to patrol within the Airport vicinity.  Ensure areas of restrictions are clearly marked. Install proper access control systems and proper fencing at the perimeters to avoid unauthorized entry. To ensure proper control at the airside only identified vehicles and authorized persons with appropriate passes are allowed at the airside areas. Ensure that high safety standards are maintained at the apron areas.  To ensure at all times identification passes are visibly worn by the person(s) entering the airside and identification is checked at the access control point before entering the airside. INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
  35. 35. IATA Security Guidelines International Air Transportation Association (IATA) cont..  To ensure that physical barriers are installed. Public area is separated from the baggage and cargo areas. Proper facilities such as x-ray and explosive detection are available for screening of passengers, baggage and cargo.  To ensure that the aircraft parking areas are adequately protected and controlled with proper lighting.  Ensure all public viewing areas overlooking the airside are adequately protected with surveillance cameras. IATA has also provided guidelines for Cargo Security and Cyber Security. For Cyber Security IATA has put in place a three pillar strategy to address the cyber security threat. They are:  work to understand  define and assess the threats and risk of cyber - attack, and  advocacy for appropriate regulation and mechanisms for increased cooperation throughout the industry and with and between Government agencies. INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
  36. 36. ICAO Security Guidelines In ICAO's Twelfth Air Navigation Conference - Montréal, Cyber security has been identified as a high-level impediment to the implementation of the Global Air Navigation Plan. It was noted that the current pace and extent of new information technologies is notably increasing the risk from cyber attacks. This is due to a number of factors: a) there is an increased reliance on a small number of technologies, such as Linux, Windows, IPv6 protocols and Ethernet (AFDX), and these technologies are widely used in the IT industry; b) as a result there is widespread understanding of these technologies, and of their weaknesses and vulnerabilities; c) systems are becoming more interconnected and security lapses in one system are likely to affect others; and d) there is greater impact from systems failures due to increased reliance on them. It was also noted that over and above these factors, there is the potential for unforeseen systematic problems due to weaknesses in oversight. This is mainly due to a lack of coherence between the many groups working on cyber security, and a lack of expertise and understanding amongst those who might provide the coherence. Some knowledge of these problems exists within the industry, but knowledge of the big picture is more limited. INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
  37. 37. ICAO Security Guidelines (Contd..) ICAO's security guidelines, available in the ICAO Security Manual for Safeguarding Civil Aviation Against Acts of Unlawful Interference (Doc 8973) may be adopted for the development of specific measures and incorporated, if needed, into the relevant airport and airline security programs, regulated agent regimes and quality control measures. A set of minimum security principles for manufacturers and retailers of LAGs and STEBs (Liquids, Aerosol and Gels & Security Tamper-Evident Bags) is in paragraph 5 of this document. The objective of this document is to advise States on the prevention of and, where necessary, response to acts of unlawful interference, through the application of an aviation security system consisting of four main elements: • Legal framework and security oversight; • Airport design, infrastructure and equipment; • Human resources recruitment, selection, training and certification; and • Procedures and the implementation of security measures. This volume provides guidance with regard to threat and risk assessment, contingency plans, collection and transmission of information during an act of unlawful interference, and the subsequent review, analysis and reporting of any act of unlawful interference. INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
  38. 38. ICAO Security Guidelines (Contd..) The security manual, consisting of five volumes addresses the above-mentioned elements. The remaining four volumes of the security manual address the following aspects of an aviation security system: • Volume I — This volume contains guidance related to legal aspects, international cooperation, and additional security measures such as in-flight security officers, armed personnel, a national civil aviation security programme, quality control, and procedures for handling sensitive information; • Volume II — . It provides guidance material with regard to the national training policy and the national civil aviation security training programme, including recruitment, selection, training and certification of security staff, selection and training of non- security staff and training development. • Volume III — It provides guidance material with regard to the requirements of organization, airport security programme and airport design; • Volume IV — It consists of preventive procedures with regard to access control, aircraft operator security, general aviation and aerial work, passengers and cabin baggage, hold baggage, special categories of passengers, cargo, mail and security procedures for other entities. INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
  39. 39. CERT Computer Emergency Response Teams (CERT) are expert groups that handle computer security incidents CERT focuses on security breach and denial-of-service incidents, providing alerts and incident-handling and avoidance guidelines. CERT also conducts an ongoing public awareness campaign and engages in research aimed at improving security systems. AirCERT Automated Incident Reporting (AirCERT) is a scalable distributed system for sharing security event data among administrative domains. Using AirCERT, organizations can exchange security data ranging from raw alerts generated automatically by network intrusion detection systems (and related sensor technology), to incident reports based on the assessments of human analysts. The goal of AirCERT is to provide a capability to discern trends and patterns of intruder activity spanning multiple administrative domains. The AirCERT components are released either under the GPL or LGPL licenses. CERT (Computer Emergency Response Team) INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
  40. 40. sanju.sinha@gmail.com Thank you Disclaimer: Brand names, logos and trademarks used herein remain the property of their respective owners. This listing of any firm or their logos is not intended to imply any endorsement or direct affiliation with the author.

×