Fly By Wire Air is a one-stop shop for the aviation enthusiast. You will find aviation apparel, RC hobby planes, items for the historic aviation buff and even products and services for amateur pilots. We hope you will enjoy visiting our site. When you think of flying – Fly By Wire.

Tag Archives: Global Aviation

CYBERSPACE VS AIRSPACE

ICYB#1

 

While the problems facing the aviation industry are complex and widespread,  the problem of cyber security is now among the most pressing issues confronting aviation.  During this blog, we’ll discuss current issues regarding cyber security, as well as the means of combating current and future threats.

Confronted with the responsibility for transporting millions of passengers between global destinations on a daily basis, the aviation industry is required to maintain one of the most complex and integrated information and communications technology (ITC)  systems on the planet.  However, this electronic network is vulnerable to software glitches, hardware and network failures, as well as the ever-probing cyber-attackers.  Though a number of other industries are subject to cyber attack, the effects of a cyber attack upon aviation can have life-threatening and potentially dire consequences.  The safety of aircraft and their passengers, the operational security and fiscal well being of the airlines and related industries, in addition to the reputation of the aviation industry as a whole.  These threats range from isolated individuals simply looking to create mayhem and confusion to dedicated hackers and cyber-criminals intent on sabotage and the theft of information or intellectual property.

A number of specific threats have arose within the last ten years to include avionics systems, software glitches, control system errors and electronic flight bag failure.  The avionics threat involves thousands of attacks globally on a monthly basis.  Perhaps the most distinctive targets are the connective communication systems between aircraft and the ground.  Such avionics transmit flight data, as well as monitor and manage vessels and relay data to and from ground-based networks.  Other possible vulnerable elements are reservation systems, cargo handling and shipping, hazardous materials transportation and flight traffic management.  According to a recent study, software, design processes and related manufacturing data may soon become vulnerable.  Software glitches are another source of data vulnerability.  An incident involving an Airbus A319 taking off from Belfast in June 2015, in which corrections made by the pilot for distance and speed calculations allowing for a change in the weather were not reported back correctly by the flight bag software, resulting in data plotted for a longer runway, which left insufficient runway to abort a take-off.  Fortunately, the flight captain was able to take-off with only 656 feet to spare.  Control system errors involve irregular patterns in air traffic data programs.  For example, in April 2018 European air passengers experienced massive traffic disruptions after the Easter holiday due to the failure of the Enhanced Tactical Flow Management System, which affected approximately 15,000 flights over the continent.  Another source of cyber penetrations are electronic flight bag failures.  Electronic flight bags act as an alternative to the reams of paper flight documents carried on board by the airline flight staff.  The flight bags are tablet devices with touchscreens offering the advantages of saving fuel for the airlines due to less bulk carried aboard the plane in addition to environmental benefits.  However, these devices use wireless connectivity and mobile apps to communicate flight plans to an entire air fleet.  The only problem-any software operating the device is subject to hacking.

Though digital transformation is enabling global aviation to deliver better service to its customers, it is concurrently raising its threat exposure.  Aviation stakeholders should come together for the good of the industry, traveling population and the global economy as a whole.  Cyber security measures should not be merely a race against threat actors, but rather a proactive means of covering risks for the air transport industry.  A number of measures may be utilized by global aviation to defend against both current and future cyber attacks.  Strong and all inclusive cyber security policies should be established and enforced within the organization, taking into consideration all relevant industry standards and requirements for legal and regulatory compliance.  Procedures and policies should be put in place for the predictive monitoring of IT systems and related data chains to insure the protection of operational and customer information.  Penetration and operational testing should be conducted on all critical systems at intervals, using external contractors maintaining high standards of integrity.  Procedural and contractual steps should be taken to minimize insider risks, as well as those from supply chains, third party vendors and partner agencies.  Procedures should be formulated to expedite notifying customers, stakeholders and regulatory agencies, in the event of a security incident or data breach.  The firm should also provide training to meet cyber security best practices, in addition to proper security procedures for the protection of internal documents and intellectual property.  This training should be conducted on a regular basis, promoting a culture of proactive cyber security within the organization.  Legal and compliance teams should also coordinate their activities with local regulatory and legislative authorities.  Finally, the organization should invest in comprehensive cyber security insurance for protection against current and future liabilities.

 

CYB#2

 

 

 

SAFETY FIRST

SEC#1

 

Tragic as the events of September 11, 2001, were, they forced a needed examination of global aviation security.  In this blog, we’ll look at both current problems and approaches to enhance the security of global air travel.

Since the 1970s, trade, technology, and economic growth have merged to form a state of globalization, in which the welfare of people, firms, and nations have become ever more interconnected.  Concurrently, civil aviation has evolved from a heavily regulated system of government-sponsored air services and airports to an increasingly competitive global structure, in which private organizations compete with their publicly held counterparts.  Global air traffic has increased exponentially over the last forty-five years, in spite of economic recessions, military conflicts, health epidemics and acts of terror.  Due to the nature of its operations, civil aviation has always been a target for violent acts.  The first violent incidents involving civil airliners were hijack attempts, which began in the 1960s.  By the late 1970s, these were on the decline due to international treaties and plain-clothed security personnel on board the aircraft.  During the 1980s bomb attacks designed to draw attention were on the rise, decreasing in later decades.  By the 1990s, aviation security had evolved into a complex system combining intelligence agencies and airport security personnel coupled with electronic devices from which to detect, bombs, weapons and prohibited items.

The terror attacks of September 11, 2001 were the most graphic example of the ever-evolving threat of terror attacks against aviation.  The attacks demonstrated how civil aircraft could be used as weapons to kill large numbers of civilians and destroy assets on the ground.  Since that time governments have created a number of new organizations to direct airport security systems, as well as massive investments in both technology and personnel.  Though both airlines and airports have faced challenges resulting from heightened security efforts, the traveling public has been willing to bear them to promote a secure travel environment.

Today, there are several factors affecting the security of global aviation.  Technology is rapidly enabling the ability of terror groups and other bad players to inflict large-scale damage.  While the capability for such efforts has been confined to a few major nations, such technology is now available to a number of non-state organizations.  The merging of cyber and physical capabilities are creating new security issues.  One only need to see a virtual reality game to understand how closely simulations can approximate real-world situations.  Many systems in civil aviation such as traffic management systems, passport control system, departure control systems, hazardous materials transport and reservation systems are all vulnerable to outside hacking.  Computerized aircraft flight systems pose an equally serious threat.  GPS navigation systems, fuel control systems, flight control and maintenance only serve to increase the points of cyber vulnerability.  As aviation becomes more computerized, human proficiency becomes less effective.  Though automated systems are becoming more flexible to handle a variety of situations, minimizing human involvement.  However, when humans have less opportunity to practice and develop skills, they become less capable of acting in a timely and appropriate manner when emergencies arise.  Perhaps the most vulnerable points in many automated systems are those in which humans interact with automated programs.

However, a number of solutions are available to enhance global flight security.  There is currently too much emphasis on molding new problems into existing regulations.  As is often the case, by the time new policies are formulated, a new threat has arisen.  Global aviation firms should adopt a philosophy of thinking like the terrorist, rather than relying upon yesterday’s doctrine to meet future attacks.  In the realm of cybersecurity, firms must enhance their understanding of threats by testing their systems by in-house or outside consultants, tailoring their systems to meet the threats.  Firms should cooperate on both cyber and physical security threats, as cooperation makes everyone stronger.  Any would be hacker will always probe for the weakest link.  Real and potential vulnerabilities should be shared between companies.  Finally, airlines need to rethink border security, in the digital sense.  While the number of remote attacks has increased in recent years, air safety is improved by a thorough knowledge of passengers – an area in which more capable programs are needed.

Civil aviation is a key element of the global economy and any event, whether accidental or intentional, has a direct bearing on the media.  With new technology promoting the rapid transfer of information, it will continue to be a likely target for those who want to cause maximum disruption.

 

SEC#2