Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Model-Based Approach for Aviation Cyber Security Risk Assessment

Published byGeorgina Morrison Modified over 6 years ago

Similar presentations

Presentation on theme: "A Model-Based Approach for Aviation Cyber Security Risk Assessment"— Presentation transcript:

1 A Model-Based Approach for Aviation Cyber Security Risk Assessment
AUTOMOTIVE INFOKOM MOBILITÄT, ENERGIE & UMWELT LUFTFAHRT RAUMFAHRT VERTEIDIGUNG & SICHERHEIT 11th International Conference on Availability, Reliability and Security (ARES 2016) – Workshop SecATM A Model-Based Approach for Aviation Cyber Security Risk Assessment Tobias Kiesling, Josef Niederl, Matias Krempel Jürgen Ziegler Deutsche Flugsicherung GmbH IABG mbH The title of the presentation is of the paper „A Model-Based Approach for Aviation Cyber Security Risk Assessment“ The paper was developed by the four authors (as listed) My name is Jürgen Ziegler, I am a Technical Manager for Information Fusion. The focus of my contribution was the development of the used methodology.

2 Acknowledgement The results as presented are developed within the Air Traffic Resilience Project (Jan 2015 – July 2017) supported by the Free State of Bavaria Cyber Resilience

3 Introduction and Motivation
Overview Introduction and Motivation Model Based Approach for Aviation Cyber Threat Risk Assessment Evaluation and Application Conclusions and Future Work I will start my presentation with a short introduction and motivation. Then I will present the kernel content of the paper Cyber Resilience

4 ATM Systems – Digitalization Trends and resulting challenges
Increased automation and IT pervasion Increasing attack surfaces and potentially decreasing robustness Harmonization of components Increasing potential for re-use of attack tools and exploits Increasing system interdependencies Propagation of risk between systems Isolated security measures ineffective Source: Bauhaus Luftfahrt Holistic and interdisciplinary understanding of threat and risk as basis for operational cyber resilience Cyber Resilience

5 Objective of the Approach
Holistic Understanding of Threat and Risk Situation Model Based Approach Computer-Assisted Analysis / Reasoning Re-Use of Well Accepted Methods and Standards Cyber Resilience

6 Model Based Approach for Aviation Cyber Threat Risk Assessment
Overview Introduction and Motivation Model Based Approach for Aviation Cyber Threat Risk Assessment Evaluation and Application Conclusions and Future Work Cyber Resilience

7 Model-Based Approach - Based on well-accepted foundation
Model of Attack Model of Target of Attack Risk Model Based on STIX Based on EATMA Connected to EATMA Elements Cyber-Lage

8 Generic Risk Model (simplified)
Cyber Resilience

9 Computer Based Analysis / Reasoning
Cyber Resilience

10 Re-Use of Well Accepted Standard - STIX
Re-Use of Elements for Cyber Threat Description Basis for Information Exchange Cyber Resilience

11 Re-Use of Well-Accepted Method (Enterprise Architecture) => EATMA
Re-Use of Subset of EATMA elements and relations Focus on System, Service, Operational and Capability Views Concretization of conceptual systems necessary Cyber Resilience

12 Concretization of Target of Attack => „KUNSTWELT“

13 The methodology as presented is implemented in a software demonstrator
Cyber Resilience

14 Evaluation and Application
Overview Introduction and Motivation Model Based Approach for Aviation Cyber Threat Risk Assessment Evaluation and Application Conclusions and Future Work Cyber Resilience

15 Evaluation and Application
Two evaluation and application scenarios: Risk assessment and analysis for resilient process design Scenario “Degradation of ATM Capacity” Attack against strategic data flows Exemplified with threat vectors against flight data flow Dynamic situational picture - Detection and assessment of current threats Attack against aircraft onboard systems Implementation of exemplary threat indicator detection software Data exchange using STIX formats Cyber Resilience

16 One Threat Example – Change of RAD restrictions
Change to FL 230 Not above FL 330 All aircraft operators file flight plan in FL 230 Possible traffic overflow in lower sectors Could lead to distribution of slot allocation messages for succeeding flights Disagreement with aircraft operator flight plan RAD = Route Avaliabilty Document FL = Flight Level Cyber Resilience

17 Conclusions and Future Work
Overview Introduction and Motivation Model Based Approach for Aviation Cyber Threat Risk Assessment Evaluation and Application Conclusions and Future Work Cyber Resilience

18 Demonstrator is currently being implemented.
Conclusions Model-based approach Enable holistic understanding of cyber-threat related risk in aviation Apply computer assisted reasoning Integrate Know-how of interdisciplinary experts Re-use of approved structures, elements and data Creation of big risk models with reasonable effort Sustainable due to the use of standard (STIX) and established model (EATMA) Modern and solid approach for computer-based reasoning Demonstrator is currently being implemented. Cyber Resilience

19 Recommendations for Future Work
Methods and Tools Enhance the maturity level of the demonstrator software Apply the methods to real life use cases and data Establish tools for continuous model maintenance Automated read-in of attack models Automated read-in of Enterprise Architecture models Portfolio of models and data Develop portfolio of scenarios and models Integrate results of individual risk assessments Establish ATM-wide data exchange processes about threats including technical details based on STIX Establish processes Processes for interdisciplinary cooperation to bring together the necessary domain expertise Integration in security management processes and structures Cyber Resilience

20 Questions? Oversimplifications, progressively corrected in subsequent development are the most potent or indeed the only means toward conceptual mastery of nature. Ludwig von Bertalanffy Cyber Resilience

21 Your Contacts Tobias Kiesling, Josef Niederl, Jürgen Ziegler IABG mbH Ottobrunn, Germany kiesling, niederl, Matias Krempel Deutsche Flugsicherung DFS Langen, Germany Cyber Resilience

22 Backup…

23 The Case: Sharing of Flight Data

24 Linking Architectures - Example
Long term planning Cooperative Capacity Planning ATFCM Short term planning Demand and Capacity Balancing Flight execution Network Operations Plan Management Post flight phase Post OPS Analysis

25 Flight Plan Data Process NM (CFMU)
AIRAC (28 days) AIRAC (28 days) RAD Route Avaliabilty Document Airspace Structur + ATFCM Part 1 Part 2 EAD European Air Data Base ECAC Area AIP´s ziv+mil AMDT SUP NOTAMS PIB AIC Daily released Conditional Route Availiability Messsage DATA+CRAM Data for Flight Planning ATC Unit 1 A/C Operator IFPS Files FPL, AFTN / TCPIP SITA, 120h-3h before EOBT Sends FPL, DLA, CNL, CHG Messages Acc. FPL ATS Data Exchange Presentation (ADEXP) Sends ACK, MAN, REJ, FLS Message RPL list files to the RPL Unit Via / sita Correct IFPS / RPL Format RQP, APL RPL Data Storage Transfere of RPL 20h before EOBT Check for mandatory items Quelle: Cook, „EATM“ = NM AIRAC = Aeronautical Information and Control

Download ppt "A Model-Based Approach for Aviation Cyber Security Risk Assessment"

Similar presentations

ICAO Seminar on Aeronautical spectrum management (Cairo, 7 – 17 June 2006) SAFIRE Spectrum and Frequency Information Resource (presented by Eurocontrol)

ICAO Seminar on Aeronautical spectrum management (Cairo, 7 – 17 June 2006) SAFIRE Spectrum and Frequency Information Resource (presented by Eurocontrol)
Preliminary Hazard Analysis of EUROCONTROL Concept of Operations 2011 using the FAST method European Organisation for the Safety of Air Navigation presented.

Preliminary Hazard Analysis of EUROCONTROL Concept of Operations 2011 using the FAST method European Organisation for the Safety of Air Navigation presented.
Moving Towards an Integrated ASM/ATFCM/ATS Approach

Moving Towards an Integrated ASM/ATFCM/ATS Approach
- European CDM - To benefit from the animation settings contained within this presentation we suggest you view using the slide show option. To start the.

- European CDM - To benefit from the animation settings contained within this presentation we suggest you view using the slide show option. To start the.
PETAL A major step Towards Cooperative Air Traffic Services Patrice BEHIER Manager of the Air/ground Co operative ATS Programme Directorate Infrastructure,

PETAL A major step Towards Cooperative Air Traffic Services Patrice BEHIER Manager of the Air/ground Co operative ATS Programme Directorate Infrastructure,
Mission Trajectory Step 1 From planning to deployment.

Mission Trajectory Step 1 From planning to deployment.
The European Organisation for the Safety of Air Navigation The need for Data sharing Generic Civil-Military Cooperation.

The European Organisation for the Safety of Air Navigation The need for Data sharing Generic Civil-Military Cooperation.
Service Development for Newbies and Experts

Service Development for Newbies and Experts
Episode 3 Operational Concept Detailing Episode 3 - CAATS II Final Dissemination Event Ros Eveleigh & Eliana Haugg EUROCONTROL & DFS Episode 3 Brussels,

Episode 3 Operational Concept Detailing Episode 3 - CAATS II Final Dissemination Event Ros Eveleigh & Eliana Haugg EUROCONTROL & DFS Episode 3 Brussels,
Peter Matern Head of ADM Unit 30/01/2014

Peter Matern Head of ADM Unit 30/01/2014
Air-Ground Data Link - DFS Strategy

Air-Ground Data Link - DFS Strategy
GAMMA Overview. Key Data Grant Agreement n° 312382 Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget: 14.837.981.

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
IACT 901 Module 9 Establishing Technology Strategy - Scope & Purpose.

IACT 901 Module 9 Establishing Technology Strategy - Scope & Purpose.
International Civil Aviation Organization AIM - implementation Saulo Da Silva Workshop on preparations for ANConf/12 − ASBU methodology (Bangkok, 14-18/Nadi,

International Civil Aviation Organization AIM - implementation Saulo Da Silva Workshop on preparations for ANConf/12 − ASBU methodology (Bangkok, 14-18/Nadi,
Objective FCM03 ESSIP Plan 2014 Octavian CIOARA DPS/PEPR 19.09.2014.

Objective FCM03 ESSIP Plan 2014 Octavian CIOARA DPS/PEPR
Integrating information towards Digital ATM Mini Global Demonstration Presented By: Thien Ngo Date:August 28, 2013.

Integrating information towards Digital ATM Mini Global Demonstration Presented By: Thien Ngo Date:August 28, 2013.
1SWIM-SUIT Public Launch – 23 April 2007 System Wide Information Management in OATA Bert Nijhof OATA Technical Manager EUROCONTROL DAS/SAS/OCA.

1SWIM-SUIT Public Launch – 23 April 2007 System Wide Information Management in OATA Bert Nijhof OATA Technical Manager EUROCONTROL DAS/SAS/OCA.
Why Flight Plan and ATFCM adherence?

Why Flight Plan and ATFCM adherence?
European AIS Database SIGMA & SDO Data Completeness

European AIS Database SIGMA & SDO Data Completeness

Similar presentations

Ads by Google