DOI QR코드

DOI QR Code

A Study on the Necessity of Cybersecurity Legislation and Policies in Response to the Use of EFB by Flight Crew

운항승무원 전자비행정보장치(EFB) 사용에 따른 사이버보안 법률 및 정책 필요성 연구

  • 강민호 (한국항공대학교 항공우주법학전공) ;
  • 전상훈 (극동대학교 해킹보안학과) ;
  • 황호원 (한국항공대학교 항공교통물류학부)
  • Received : 2023.11.13
  • Accepted : 2023.12.11
  • Published : 2023.12.31

Abstract

The use of EFB (Electronic Flight Bag) has expanded, providing convenience to flight crews by minimizing paper usage within aircraft and offering the latest information, operability, and convenience related to aircraft operations. EFBs provide flight-sensitive information such as aircraft performance calculations, airport diagrams, routes, and approach procedures. For these information, EFBs connect to the cyber environment through Wi-Fi or self-contained data communication, allowing access to cloud-based systems for information updates, with administrators uploading the latest information for retrieval. However, in contrast to the evolving aviation technology, there is currently no legislation or security policy in place to maintain the security of EFBs, leaving them exposed to potential cyber threats. Therefore, improvements such as revising relevant laws to address potential cyber threats targeting EFBs and establishing and implementing EFB management systems are necessary. This paper aims to present the necessity for amending laws related to EFB security in response to cyber threats and suggests methods for enhancement.

Keywords

References

  1. SK Shieldus, "Occurrence Statistics By Type of Infrigement Accident", Korea Fiscal Information Service, 2022.
  2. ICAO, " Annex 17 to the Convention on International Civil Aviation", Aviation Security, Twelfth Edition - July 2022.
  3. Jung, W. H. "Study on aviation cybersecurity in public law," M.S. Thesis, Chung-Ang University, Seoul, August 2020.8.
  4. Park, S., and Kim, I. J., "Comparative study on legal system on cybersecurity stages on south korea and the unitesd states", Journal of Convergence Security, 44, 2012, pp.33-40.
  5. Jeon, S., "A study on proactive responses to in-flight cyber threats - centered on comprehensive information security management system improvements-", Aviation Management Society of Korea, 21(5), 2023, pp. 66-78.
  6. Cybersecurity Action Plan, ICAO, Second edition January 2022.
  7. Kim, S. M., Ahn, H. B., Yeo, U. J., Hwang, and H. W., "A study on the judicial judgment of flight regulations under the aviation safety act", Journal of the Korean Society for Aviation and Aeronautics, 31(3), 2023, pp. 161-171. https://doi.org/10.12985/ksaa.2023.31.3.161
  8. International Standard, ISO/IEC 27001, "Information Security, Cybersecurity and Privacy Protection - Information Security Management Systems - Requirements", Third edition 2022-10.
  9. International Standard, ISO/IEC 27002, Information Technology - Security Techniques - Code of Practice for Information Security Controls, Second edition 2013-10-01.
  10. International Standard, ISO/IEC 27005, Information Security, CyberseCuRitYand Privacy Protection - Guidance Onmanaging Information Security Risks, Fourth edition 2022-10.
  11. 49 USC 40101 Note, Aviatiob and Transportation Security Act, Public Law 107-71 107th Congress, 19/11/01.
  12. AC 20-173, Installation of Electronic Flight Bag, 09/27/11.
  13. AC 91-78, Use of Class 1 or Class 2 Electronic Flight Bag (EFB), 07/20/07.
  14. AC 120-76B, Guidelines for the Certification, Airworthiness, and Operational Use of Electronic Flight Bags, 6/1/12.
  15. AC 120-76D, Authorization for Use of Electronic Flight Bags, 10/27/17.
  16. AC 119-1, Operational Authorization of Aircraft Network Security Program (ANSP), 9/30/15.
  17. Flight Safety Regulations For Aeroplanes, 2022-572, 2022.10.5., Ministry of Land, Infrastructure and Transport.
  18. Aviation Security Act, No 18354, 2022.1.28, Korea Ministry of Government Legislation.
  19. Aviation Safety Act, No 18870, 2023.1.19, Korea Ministry of Government Legislation.
  20. Information and Communication-Based Protection Act, No 18870, 2022.9.11, Korea Ministry of Government Legislation.
  21. Promotion of Information and Communication Network Utilization and Information Protection Act, No 19154, 202.7.4, Korea Ministry of Government Legislation.
  22. KIAST, "Study on the Improvement of the System in the Flight Standards", Ministry of Land, Infrastructure and Transport, 2020.