As cyber attacks become more frequent at all levels, the commercial aviation industry is gearing up to respond accordingly. Commercial Aviation and Cyber Security: A Critical Intersection is a timely contribution to those responsible for keeping aircraft and infrastructure safe. It covers areas of vital interest such as aircraft communications, next-gen air transportation systems, the impact of the Internet of Things (IoT), regulations, the efforts being developed by the Federal Aviation Administration (FAA), and other regulatory bodies. The book also collects important information on the best practices already adopted by other industries such as utilities, defense and the National Highway Traffic Safety Administration in the US. It equally addresses risk management, response plans to cyber attacks, managing supply chains and their cyber- security flaws, personnel training, and the sharing of information among industry players. Commercial Aviation and Cyber Security: A Critical Intersection looks at possible future scenarios and how to respond to ever-growing cyber threats, how standards development will help combat this issue, listing the recommendations proposed by international agencies.

In the next decade, commercial aviation will see Next Generation ATM (NextGEN), Single European Skies ATM Research (SESAR), and others utilizing Internet- based air-to-ground communication links for advanced “air traffic control” (ATC) communications. Commercial Aviation Cyber Security: Current State and Essential Reading highlights some of the major issues the industry must confront if the vision of a new, advanced air traffic management is to come to fruition. This will require standardization work to identify key components with built-in cyber security that will guide prototype testing, functionality, and prioritizing implementation efforts to solve the roadblocks to global interoperability. The ten technical papers selected for Commercial Aviation Cyber Security: Current State and Essential Reading span the last decade’s work in commercial aviation cyber security, and aircraft cyber technologies. Cyber security cannot be “bolted on” as an after-thought as commercial aviation begins to move to the automated management of national airspaces.

The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy. More than ever before, commercial aviation relies on information and communications technology. Some examples of this include the use of e-tickets by passengers, electronic flight bags by pilots, wireless web access in flight, not to mention the thousands of sensors throughout the aircraft constantly gathering and sharing data with the crew on the ground. The same way technology opens the doors for speed, efficiency and convenience, it also offers the unintended opportunity for malicious cyber attacks, with threat agents becoming bolder and choosing any possible apertures to breach security. Supply chains are now being seriously targeted as a pathway to the vital core of organizations around the world. Written in a direct and informative way, The Aerospace Supply Chain and Cyber Security - Challenges Ahead discusses the importance of deeply mapping one's supply chain to identify risky suppliers or potential disruptions, developing supplier monitoring programs to identify critical suppliers, and identifying alternative sources for IT/ICT products or components, to name a few of the necessary actions to be taken by the industry. The Aerospace Supply Chain and Cyber Security - Challenges Ahead also discusses the standardization of communications platforms and its pitfalls, the invisible costs associated with cyber attacks, how to identify vulnerabilities of the supply chain, and what future scenarios are likely to play out in this arena. For those interested in the many aspects of cyber security, The Aerospace Supply Chain and Cyber Security - Challenges Ahead is a must-read.

Conferences Proceedings of 20th European Conference on Cyber Warfare and Security

A large international airport is a microcosm of the entire aviation sector, hosting hundreds of different types of aviation and non-aviation stakeholders: aircraft, passengers, airlines, travel agencies, air traffic management and control, retails shops, runway systems, building management, ground transportation, and much more. Their associated information technology and cyber physical systems—along with an exponentially resultant number of interconnections—present a massive cybersecurity challenge. Unlike the physical security challenge, which was treated in earnest throughout the last decades, cyber-attacks on airports keep coming, but most airport lack essential means to confront such cyber-attacks. These missing means are not technical tools, but rather holistic regulatory directives, technical and process standards, guides, and best practices for airports cybersecurity—even airport cybersecurity concepts and basic definitions are missing in certain cases. Unsettled Topics Concerning Airport Cybersecurity Standards and Regulation offers a deeper analysis of these issues and their causes, focusing on the unique characteristics of airports in general, specific cybersecurity challenges, missing definitions, and conceptual infrastructure for the standardization and regulation of airports cybersecurity. This last item includes the gaps and challenges in the existing guides, best-practices, standards, and regulation pertaining to airport cybersecurity. Finally, practical solution-seeking processes are proposed, as well as some specific potential frameworks and solutions. Click here to access The Mobility Frontier: Cybersecurity on the Air & Ground Click here to access the full SAE EDGETM Research Report portfolio. https://doi.org/10.4271/EPR2021020

Examines the governance challenges of cybersecurity through twelve, real-world case studies Through twelve detailed case studies, this superb collection provides an overview of the ways in which government officials and corporate leaders across the globe are responding to the challenges of cybersecurity. Drawing perspectives from industry, government, and academia, the book incisively analyzes the actual issues, and provides a guide to the continually evolving cybersecurity ecosystem. It charts the role that corporations, policymakers, and technologists are playing in defining the contours of our digital world. Rewired: Cybersecurity Governance places great emphasis on the interconnection of law, policy, and technology in cyberspace. It examines some of the competing organizational efforts and institutions that are attempting to secure cyberspace and considers the broader implications of the in-place and unfolding efforts—tracing how different notions of cybersecurity are deployed and built into stable routines and practices. Ultimately, the book explores the core tensions that sit at the center of cybersecurity efforts, highlighting the ways in which debates about cybersecurity are often inevitably about much more. Introduces the legal and policy dimensions of cybersecurity Collects contributions from an international collection of scholars and practitioners Provides a detailed "map" of the emerging cybersecurity ecosystem, covering the role that corporations, policymakers, and technologists play Uses accessible case studies to provide a non-technical description of key terms and technologies Rewired: Cybersecurity Governance is an excellent guide for all policymakers, corporate leaders, academics, students, and IT professionals responding to and engaging with ongoing cybersecurity challenges.

The certification process of the Boeing 787, starting in 2005, marked a watershed for airworthiness regulation. The “Dreamliner,” the first true “flying data center,” could no longer be certified for airworthiness ignoring “sabotage,” like the classic safety regulation for commercial passenger aircraft. Its extensive application of data networks, including enhanced external digital communication, forced the Federal Aviation Administration (FAA), for the first time, to set “Special Conditions” for cybersecurity. In the 15 years that ensued, airworthiness regulation followed suit, and all key rule-, regulation-, and standard-making organizations weighed in to establish a new airworthiness cybersecurity superset of legislation, regulation, and standardization. The resulting International Civil Aviation Organization (ICAO) resolutions, US and European Union (EU) legislations, FAA and European Aviation Safety Agency (EASA) regulations, and the DO-326/ED-202 set of standards are already the de-facto, and soon becoming the official, standards for legislation, regulation, and best practices, with the FAA already mandating it to a constantly growing extent for a few years now—and EASA adopting the set in its entirety in July 2020. This emerging superset of documents is now carefully studied by all relevant actors—including industry, regulators, and academia—as the aviation ecosystem moves forward with DO-326/ED-202 set training, gap analysis, and even with certification itself. This report suggests a deeper analysis of these sets of regulatory documents and their effects on the aviation sector as they gradually become the law of the land, starting with their expected effects on the aviation ecosystem, the issues they pose to supply chains, and the challenges they present to the airworthiness certification process itself. Then, this report examines the major DO-326/ED-202 set gaps, inherent dilemmas, and methodological uncertainties. For each such unsettled domain, six aspects are reviewed. Finally, practical solution-seeking processes are proposed, and some specific potential frameworks and solutions are pointed out whenever applicable. It is the intention of this report that these insights and observations would assist regulators, applicants, and standard makers through, at least, the 2020s with accommodating this new regulation and start adjusting it to emerging realities. NOTE: SAE EDGE™ Research Reports are intended to identify and illuminate key issues in emerging, but still unsettled, technologies of interest to the mobility industry. The goal of SAE EDGE™ Research Reports is to stimulate discussion and work in the hope of promoting and speeding resolution of identified issues. SAE EDGE™ Research Reports are not intended to resolve the challenges they identify or close any topic to further scrutiny. Click here to access The Mobility Frontier: Cybersecurity on the Air & Ground Click here to access the full SAE EDGETM Research Report portfolio. https://doi.org/10.4271/EPR2020013

Key features include: safety data analysis - all tables and discussion relating to commercial aviation accident statistics current through 1999; analysis of major accidents and safety trends evolved since writing of last edition revised and expanded; advances in air traffic system becoming operational - current review and discussion applied; current and future developments in aircraft technologies included; interface between maintenance/engineering and flight operations presented; NTSB safety initiatives evolved since second edition in response to major aircraft accidents; a new chapter takes on recent most significant changes in direction and emphasis ever to affect aviation security; and international scope.

Recommended online resources p. 476.481