Cyber security in ATM - Main threats and solutions [SEC-CYBER]

Classroom Course
Check dates below
Course has prerequisites
Course Registration Request
This is an awareness course for all ATM staff who deal with information systems for ATM, including CNS systems and operational data. It starts with an introduction on ATM security principles, regulatory aspects and the security risk assessment methodology. This 1-day introduction is followed by presentations about information security, incident management - including how it is implemented in EATM and an example ANSP - and a few case studies.

The rapid development of Information Systems technology is obviously increasing cyber risks. Threats to ATM systems accessible via data communications networks are becoming prevalent and sophisticated. Vulnerabilities inherent in almost all computer operating systems, many support services and, network and CNS applications can be exploited in a variety of ways. On the other hand, civil aviation organisations rely on the interconnection of electronic communications networks even for critical parts of their operations, including safety-critical functions (e.g. surveillance data exchange, flight plan processing, etc). The protection of information systems from malicious attacks and the means of dealing with the consequences of such attacks are encompassed by cyber security. Security events and security incidents could be the result of accidental or deliberate acts of staff or malicious attacks by an external attacker. They may also arise from weaknesses in hardware, software, configurations or processes.

This course describes the Cyber threats to ATM, the vulnerabilities to be mitigated and the methods for managing incidents.
It is recommended to have attended the SEC-CYBER-MS course (previously SEC-MS course), in order to understand the steps to be conducted during a Security risk assessment.
Important Note
For participants with minimum basic knowledge in ATM cyber security.
From 2019 onwards, the course will take 5 days, with following additional modules:
- ATM Network security
- the aircraft centric approach (by EASA)
At the end of the course the student will be able:

- to describe the scope of ATM cyber security
- to state the different cyber threats in ATM
- to state the vulnerabilities to be mitigated
- to explain how Cyber security incidents can be managed

- all ATM staff who deal with information systems for ATM, including CNS systems and operational data
- ATM staff dealing with security, more specifically cyber security
- Project leaders of cyber-related projects, i.e. CNS and IM
- System managers of ATM systems.
More information
Course timetable
No fee applies for course participants from Member States’ competent authorities and certified organisations. The training cost is sponsored by the EUROCONTROL Work Programme.

The price per course participant from other organisations or individuals is 1600 EUR.
Terms and Conditions
Please see our Price List
Certificate awarded
All candidates will receive a certificate of attendance.
IANS, Luxembourg