Here's how the aviation sector is stopping cyberattacks from getting off the ground

• With technological advancement in the aviation sector has come an increase in cyberthreats.

• International cooperation is essential to building cyber-resilience in aviation.

• The ICAO is working to build globally harmonized approach to counter cyberthreats.

The past years have witnessed a giant leap in terms of technological advancements and their application into businesses, including developments in machine-learning techniques, telecommunications (5G), the internet of things and more.

The aviation sector, as with all other industries, endeavoured to benefit from those advancements to support its development, including the integration of new airspace users, the development of advanced aircraft systems and applications, automation and integration in data applications and decision-making systems in airports and airlines, and the interconnection between previously isolated systems through data-sharing across the aviation value chain.

Those developments in the air transport sector enhanced efficiency and capacity, allowing the sector to sustain the fast growth rates it has witnessed over the past two decades. It also resulted in positive spillovers on safety, security and the environmental footprint of international civil aviation. However, the above developments brought with them cyberthreats. These threats have grown exponentially during the past decade as the cyber domain became an attractive field for malicious actors to make financial gains, cause harm, and/or instill chaos in the global economic system.

Accordingly, ensuring the cybersecurity and resilience of the civil aviation sector became a high priority, and indeed a prerequisite for the sustainability of this sector and its ability to grow in a safe and secure manner.

The International Civil Aviation Organization (ICAO) has been long aware of the cybersecurity challenges facing the international civil aviation sector, and has been, and still is, the natural forum for the global international air-transport community to discuss and address those threats in a consistent, harmonized and cross-cutting manner across the different air-transport domains. As international cooperation is key to address cybersecurity and resilience in civil aviation, ICAO engages with relevant international fora to support global discussion of the topic. The collaboration between ICAO and the World Economic Forum is one example of successful public-private collaboration among stakeholders to exchange views and share experience and best practices in support of a cyber-resilient international civil aviation system.

ICAO’s work on cybersecurity and resilience began with the publication of the Global ATM Operational Concept in 2005. As the civil aviation sector’s reliance on information and communication systems increased over time, ICAO initiatives and discussions over cybersecurity evolved to cover the whole air transport sector, such as addressing cyberthreats in ICAO Standards and Recommended Practices (SARPs), Procedures for Air Navigation Services (PANS), and guidance material.

Those discussions further led to the adoption of two ICAO assembly resolutions: Resolution A39-19 in 2016, superseded in 2019 by Resolution A40-10 – Addressing Cybersecurity in Civil Aviation, which urges states to adopt and implement the Beijing Convention and Protocol of 2010 as means for dealing with cyberattacks against civil aviation, and calls upon states and stakeholders to take actions to counter cyberthreats to civil aviation.

The 40th Assembly also adopted the Aviation Cybersecurity Strategy; a translation of ICAO’s cybersecurity vision for the global civil aviation sector to be resilient to cyberattacks, safe and trusted globally, while continuing to innovate and grow.

The strategy is a framework built on seven pillars, which include the following main principles:

The first edition of the Cybersecurity Action Plan was published in November 2020. It is a living document that aims at supporting states and stakeholders in implementing the Cybersecurity Strategy. The Action Plan identified 29 Priority Actions, which are further broken down into 54 time-bound Measures and Tasks, providing the foundation for ICAO, states and stakeholders to cooperate and work together to better address cybersecurity and resilience in civil aviation.

ICAO recognizes the importance of capacity-building and the top-down approach required to address cybersecurity and resilience in civil aviation. As such, a training portfolio is under development, starting with two courses that are currently being finalized: Foundations of Aviation Cybersecurity Leadership and Technical Management; and Managing Security in ATM.

ICAO initiated in 2019 a project that aims at ensuring that the air navigation system is secure and resilient to cyberattacks, and that the storage, processing and exchange of data and information meets the requirements of confidentiality, integrity and availability. The ongoing work includes the development of a concept of operations and governance options for an International Aviation Trust Framework, the development of a certificate policy for digital identity management, and the development of guidance material, requirements and procedures for technical and organizational trust. On the network side, the work continues to define performance-based requirements for processing, exchange and storage of information in network applications, including the development of technical requirements needed to cover current and future aviation needs, as well as work on the necessary protocols to allow logical isolation of aviation communication data from the public internet.

In conclusion, ICAO continues to address cybersecurity and resilience in civil aviation as a matter of high priority, and is committed to support the sector in developing the guidance and tools needed to manage these emerging threats in order to ensure its safe, secure and sustainable development.