Cyber resilience scenario analyses for the air transport system
The use of digital data and the level of interconnection of IT systems are strongly increasing in civil aviation. Consequently, stakeholders of the air transport system like airlines, airports and air traffic control are more and more interlinked and, thus, depend on secure means of data exchange. Within the Bavarian aviation research project “Air Traffic Resilience” (ARIEL), Bauhaus Luftfahrt is developing different cyber-threat scenarios to analyse potential impacts on operational air transport processes.
Four comprehensive scenarios address different segments of the air transport system and serve as a basis for the analysis of specific attack vectors from internal or external aggressors. One scenario, for example, considers an incorrect representation of the airspace during transatlantic flights or near airports. In such a case, the determination of the position of one or more aircraft could be impaired, which would lead to a loss of integrity of the respective airspace. Another scenario addresses a spoofed data link between two air transport stakeholders in an area relevant for safe operation. Here, the entire air transport system could be impacted due to contagion effects.
Based on these potential threat scenarios, the project consortium is able to assess potential threats and risks for the air transport system. In the remaining duration of the project the developed scenarios will be transferred to a demonstrator for the purpose of analysing how air traffic resilience could be improved with respect to potential cyber threats.
- Interconnection of the air transport system: Arrows indicate the interfaces for information exchange and, thus, represent risks for contagion effects in the case of false or missing information.
- Horizontal scenario space illustration: Both key process steps in the lifetime of an aircraft and each of the scenario spaces are depicted. Own illustration, based on EATMA (European Air Traffic Management Architecture)