Bezpieczeństwo cybernetyczne w lotnictwie cywilnym

• Authors: Cieślak Eugeniusz

Title variants

Cybersecurity in Civil Aviation

• Languages of publication: PL EN

Abstracts

PL

Zagrożenia cybernetyczne w lotnictwie cywilnym obejmują szerokie spektrum zdarzeń – od intencjonalnego ingerowania w systemy informatyczne do niezamierzonych błędów ludzkich bądź usterek technicznych mających miejsce w naziemnych systemach nawigacyjnych, portach lotniczych oraz samych statkach powietrznych. Rosnące usieciowienie i cyfryzacja powodują, że skutki tych zagrożeń są odczuwalne we wszystkich sektorach lotnictwa cywilnego, generując kaskadowo negatywne konsekwencje. Doświadczenia związane z zagrożeniami cybernetycznymi stały się po 2012 r. przesłanką do podejmowania systemowych działań szerokiego środowiska interesariuszy lotnictwa cywilnego na rzecz poprawy bezpieczeństwa cybernetycznego w tym rodzaju lotnictwa. Wraz ze wzrostem skali i wyrafinowania zagrożeń cybernetycznych rośnie liczba działań na rzecz zapewnienia bezpieczeństwa cybernetycznego lotnictwa cywilnego.

EN

Cyber threats in civil aviation involve a broad range of incidents – from the intentional interference with the IT systems to the unintentional human errors or technical failures of the ground-based navigation systems, airports and aircraft. Due to the increase in networking and digitisation, the effects of these threats are felt in all sectors of civil aviation, rapidly generating negative consequences. Since 2012, the experience related to cyber threats has become the premise for undertaking the system actions by the extended environment of civil aviation stakeholders aiming to improve the cybersecurity in this kind of aviation. With the growing scale and sophistication of cyber threats, the number of actions aiming at ensuring cyber security of civil aviation is growing as well.

Keywords

PL

bezpieczeństwo; cyberbezpieczeństwo; zagrożenia cybernetyczne; lotnictwo cywilne; ochrona lotnictwa

EN

security; cybersecurity; cyber threats; civil aviation; aviation security

• Publisher: Instytut Nauk Społecznych i Bezpieczeństwa Uniwersytetu Przyrodniczo-Humanistycznego w Siedlcach / Oficyna Wydawnicza RYTM
• Journal: SECRETUM. Służby specjalne, bezpieczeństwo, informacja
• Year: 2016
• Issue: 2(5)
• Pages: 71 - 82

Contributors

author

Cieślak Eugeniusz

References

• The American Institute of Aeronautics and Astronautics. (2013). The Connectivity Challenge: Protecting Critical Assets in a Networked World. A Framework for Aviation Cybersecurity (An AIAA Decision Paper).
• Ammembala, N. (2011). 3 Bangalore techies crippled Delhi Airport in June. Pobrane z: http://www.hindustantimes.com/india-news/3-bangalore-techies-crippleddelhi-airport-in-june/article1-771868.aspx.
• Bourne, J. (2014). How Amsterdam Airport Schiphol migrated its workforce to BYOD. Pobrane z: http://www.appstechnews.com/news/2014/dec/05/how-amsterdam-airport-schiphol-migrated-its-workforce-byod/.
• Civil Air Navigation Services Organization. (2014a). CANSO Cyber Security and Risk Assessment Guide. CANSO Europe Region Office: Brussels.
• Civil Air Navigation Services Organization. (2014b). CANSO Position Paper on Cyber Security. CANSO Europe Region Office: Brussels.
• Constantin, L. (2014). An Iranian cyberattack dubbed Operation Cleaver compromised more than 50 organizations worldwide, researchers said. Pobrane z: http://www.computerworld.com/article/2854084/iranian-hackers-compromised-airlines-airports-critical-infrastructure-firms.html.
• Costin, A. (2012). Ghost is in the Air(Traffic) – BlackHat 2012 – Airplane replay, fake airplane spoofing/impersonation. Pobrane z: https://www.youtube.com/watch?v=5ZAjtxmxTkg.
• Costin, A., Francillon, A. (2012). Ghost in the Air (Traffic): On insecurity of ADS–B protocol and practical attacks on ADS–B devices. Pobrane z: https://media.blackhat.com/bh-us-12/Briefings/Costin/ BH_US_12_Costin_Ghosts_ In_Air_WP.pdf.
• Cyberdefence24. (2016). Sprawcy cyberataku na LOT niewykryci. Umorzenie śledztwa. Pobrane z: http://www.cyberdefence24.pl/291778,sprawcy-cyberataku-nalot-niewykryci-umorzenie-sledztwa.
• Gopalakrishnan, K., Govindarasu, M., Jacobson, D.W., Phares, B.M. (2013). Cyber Security for Airports. International Journal for Traffic and Transport Engineering, (3), 365–376.
• International Civil Aviation Organization. (2006). Annex 17: Security. Safeguarding
• International Civil Aviation Against Acts of Unlawful Interference. Montreal: Canada.
• International Civil Aviation Organization. (2011). Doc. 8973 (Restricted). Aviation Security Manual.
• International Civil Aviation Organization. (2012). Cyber Security for Civil Aviation, AN–Conf/12–WP/122, 9/10/12, Working Paper. Pobrane z: http://www.icao.int/Meetings/anconf12/WorkingPapers/ ANConfWP122.1.1. ENonly.pdf.
• International Federation of Air Line Pilots’ Associations. (2013). Cyber threats: who controls your aircraft? IFALPA Position 14POS03. Pobrane z: http://www.ifalpa.org/store/14POS03%20-%20Cyber%20threats.pdf.
• Johnson, D.P. (2013). Civil Aviation and Cyber Security. Pobrane z: http://sites.nationalacademies.org/cs/groups/depssite/documents/webpage/deps_084768.pdf.
• Lim, B. (2014). Emerging Threats from Cyber Security in Aviation – Challenges and Mitigations. Journal of Aviation Management, 83–91.
• Meredith, L. (2010). Malware implicated in fatal Spainair airplane crash. Computer monitoring system was infected with Trojan horse, authorities say. Pobrane z: http://www.nbcnews.com/id/38790670/ ns/technology_and_science-security/#.VRpO5OG_u7Q.
• Messmer, E. (2013). London Gatwick Airport takes out 200 servers, moves to cloud, BYOD. Pobrane z: http://www.networkworld.com/article/2166054/byod/londongatwick-airport-takes-out-200-servers--moves-to-cloud--byod.html.
• Paganini, P. (2013). Istanbul Ataturk International Airport targeted by a cyber attack. Pobrane z: http://securityaffairs.co/wordpress/16721/hacking/istanbulataturk- international-airport-targeted-by-cyber-attack.html.
• Pasztor, A. (2015). U.S. Panel Aims to Shield Planes from Cyberattack. Pobrane z: https://www.wsj.com/articles/u-s-panel-aims-to-shield-planes-from-cyberattack-1435537440.
• Rossel, M. (2015). Are you onboard?. Pobrane z: http://www.airport-world.com/features/ safety-security/4827-are-you-onboard.html.
• SESAR Joint Undertaking. (2014). Study launched to address cyber-security in SESAR. Pobrane z: http://www.sesarju.eu/newsroom/all-news/study-launchedaddress-cyber-security-sesar.
• Storm, D. (2013). GPS jammer to stop tracking messed up airport navigation, driver fired, fined $32,000. Pobrane z: http://www.computerworld.com/article/2474412/data-privacy/gps-jammer-to-stop-tracking-messed- up-airportnavigation--driver-fired--fined--32-000.html.
• Strohmeier, W., Lenders, V., Martinovic, I. (2014). On the Security of the Automatic Dependent Surveillance-Broadcast Protocol. IEEE Communications Surveys & Tutorials, 17(2), 1066–1087.
• Turner, A. (2015). Moving Targets. Pobrane z: http://www.airtrafficmanagement.net/2015/03/moving-targets/.
• United States Government Accountability Office. (2015). Information Security. FAA Needs to Address Weaknesses in Air Traffic Control Systems (GAO–15–221). Washington D.C.: U.S. Government Printing Office.