The rapid development of Information Systems technology is obviously increasing cyber risks. Threats to ATM systems accessible via data communications networks are becoming prevalent and sophisticated. Vulnerabilities inherent in almost all computer operating systems, many support services and, network and CNS applications can be exploited in a variety of ways. On the other hand, civil aviation organisations rely on the interconnection of electronic communications networks even for critical parts of their operations, including safety-critical functions (e.g. surveillance data exchange, flight plan processing, etc). The protection of information systems from malicious attacks and the means of dealing with the consequences of such attacks are encompassed by cyber security. Security events and security incidents could be the result of accidental or deliberate acts of staff or malicious attacks by an external attacker. They may also arise from weaknesses in hardware, software, configurations or processes.
This course describes the Cyber threats to ATM, the vulnerabilities to be mitigated and the methods for managing incidents.
It is recommended to have attended the SEC-MS course (previously GEN-SEC course), in order to understand the steps to be conducted during a Security risk assessment.
At the end of the course the student will be able:
- to explain the different cyber threats in ATM
- to describe the vulnerabilities to be mitigated
- to explain how Cyber security incidents can be managed
- ATM staff dealing with security, more specifically cyber security
- Project leaders of cyber-related projects, i.e. CNS and IM
- System managers of ATM systems.
All candidates will receive a certificate of attendance.