A study on the research and development (R&D) needed to ensure ATM cyber security has been completed  by  Helios, with the support of Thales, on behalf of the SESAR Joint Undertaking. The study sets out the elements needed to introduce a holistic approach to cyber-security and to develop  a comprehensive response to cyber threats, which includes a roadmap for increasing the maturity of cybersecurity and cyber-resilience processes within the SJU’s research and innovation (R&I) programme in preparation for SESAR 2020. This is the main conclusion of a recently completed study on cyber-security, which was carried out.

One of the worlds’ most safety conscious industries, ATM has traditionally been a patchwork network of bespoke systems connected by an array of different interfaces. In recent years, however, with the introduction of central flow management and increased automation, the level of interoperability within ATM has increased. Public networks are now used to carry data previously handled by point-to-point connections.

Modernisation initiatives worldwide, including the SESAR programme, focus on a significantly more connected ATM system that makes use of modern technologies and interoperability to deliver operational improvements through a common view of all aeronautical information. System Wide Information Management (SWIM) is the epitome of these developments, which once fully deployed will enable all aviation actors to share and access the data in a consistent way, allowing for more collaborative decision making and an optimised use of all resources.

But increased connectivity can also mean increased cyber-threats, which are not static in their nature and evolve as technology evolves. So while there is no silver bullet to tackle these moving targets, ATM needs to understand and react to the future threats now. With this in mind, the study puts forward a comprehensive framework which calls for coherent regulatory requirements for ATM and critical infrastructure protection, as well as service provisions for legacy systems and new functions.

As part of this larger framework, the study also proposes a roadmap for cyber-security in the SESAR 2020 programme. While the SJU have already developed guidance material and appropriately integrated into its current programme (SESAR 1), further actions are being taken to increase the maturity of these areas for SESAR 2020, advises the study.

“The results of the study will be used to support the SESAR programme’s next developments in general and  in particular on SWIM – and provide the basis for proactive, effective and efficient management of information in relation to any cybersecurity specific threats in the new ATM system,” says Florian Guillermet, Executive Director of the SESAR Joint Undertaking.

Download the Executive summary of the study