Browse > Article
http://dx.doi.org/10.22937/IJCSNS.2021.21.9.43

International cyber security strategy as a tool for comprehensive security assurance of civil aviation security: methodological considerations  

Grygorov, Oleksandr (Taras Shevchenko National University of Kyiv)
Basysta, Albina (Institute of International Relations of the Taras Shevchenko National University of Kyiv)
Yedeliev, Roman (Taras Shevchenko National University of Kyiv)
Paziuk, Andrii (Kyiv Taras Shevchenko National University)
Tropin, Zakhar (Taras Shevchenko National University of Kyiv)
Publication Information
International Journal of Computer Science & Network Security / v.21, no.9, 2021 , pp. 332-338 More about this Journal
Abstract
Civil aviation cybersecurity challenges are global in nature and must be addressed using global best practices and the combined efforts of all stakeholders. This requires the development of comprehensive international strategies and detailed plans for their implementation, with appropriate resources. It is important to build such strategies on a common methodology that can be applied to civil aviation and other interrelated critical infrastructure sectors. The goal of the study was to determine the methodological basis for developing an international civil aviation cybersecurity strategy, taking into account existing experience in strategic planning at the level of international specialized organizations. The research was conducted using general scientific and theoretical research methods: observation, description, formalization, analysis, synthesis, generalization, explanation As a result of the study, it was established the specifics of the approach to formulating strategic goals in civil aviation cybersecurity programs in the documents of intergovernmental and international non-governmental organizations in the aviation sphere, generally based on a comprehensive vision of cybersecurity management. A comparative analysis of strategic priorities, objectives, and planned activities for their implementation revealed common characteristics based on a single methodological sense of cybersecurity as a symbiosis of five components: human capacity, processes, technologies, communications, and its regulatory support. It was found that additional branching and detailing of priority areas in the strategic documents of international civil aviation organizations (by the example of Cybersecurity Strategy and Cybersecurity Action Plan) does not always contribute to compliance with a unified methodological framework. It is argued that to develop an international civil aviation cybersecurity strategy, it is advisable to use the methodological basis of the Cyber Security Index.
Keywords
cyber security; cyber defense; cyber preparedness; civil aviation; international strategy; regulatory support; international standards;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Petrova, R.Ye. (2020) Pravovyye aspekty bezopasnosti poletov v usloviyakh kiberugroz: na primere grazhdanskoy aviatsii. Monitoring pravoprimeneniya. No 1 (34). p. 56 - 60. DOI: 10.21681/2226-0692-2020-1-56-60   DOI
2 ITU. Global Cybersecurity Index. Available at: https://www.itu.int/en/ITU-D/Cybersecurity/Pages/globalcybersecurity-index.aspx
3 ICAO (2019) A-40-WP/427 Proposal for ICAO Governance of Cybersecurity and Resilience. Assembly - 40th Session. Available at: https://www.icao.int/Meetings/a40/Documents/WP/wp_427_en.pdf
4 Nashynets-Naumova, A. (2013). Pravovoye regulirovaniye informatsiynoi bezpeki v tsivil'niy aviatsii: mezhdunarodno-pravoviy aspekt. Visnik NTTU KPI. Politologiya. Sotsiologiya. Pravo. Reviews, 3 (19), 155-160. Available at: http://nbuv.gov.ua/UJRN/VKPI_soc_2013_3_28.
5 B. Lim (2014), Aviation Security: Emerging Threats from Cyber Security in Aviation - Challenges and Mitigations, J. Aviation MGMT. 83. Available at: http://www.saa.com.sg/saaWeb2011/export/sites/saa/en/Publication/downloads/EmergingThreats_CyberSecurityinAviation_ChallengesandMitigations.pdf
6 Goncharova, N.A. (2018). Regulirovaniye kiberbezopasnosti grazhdanskoy aviatsii: vnedreniye modernizatsii NEXTGEN v Rossii i USA. Zhurnal ≪Biznes. Obshchestvo. Vlast'≫. July 2018. No 2 (28). P. 175-205. Available at: https://www.hse.ru/data/2018/08/18//.pdf
7 A/RES/54/49. UNGA Resolution Developments in the field of information and telecommunications in the context of international security (1999). Available at: https://undocs.org/A/RES/54/49.
8 Klenka, M. (2021) Aviation cyber security: legal aspects of cyber threats. J Transp Secur. https://doi.org/10.1007/s12198-021-00232-8   DOI
9 EUROCONTROL (2019). Aviation Intelligence Unit. Think Paper #3-August 2019. Cyber Security in aviation. Available at: https://www.eurocontrol.int/sites/default/files/2020-01/eurocontrol-think-paper-3-cybersecurity-aviation.pdf.
10 Nickolaos Koroniotis, Nour Moustafa, Francesco Schiliro, Praveen Gauravaram, Helge Janicke (2020). A Holistic Review of Cybersecurity and Reliability Perspectives in Smart Airports. Access IEEE. vol. 8. pp. 209802-209834. doi: 10.1109/ACCESS.2020.3036728.   DOI
11 Abeyratne, R. (2011) Cyber terrorism and aviation-national and international responses. J Transp Secur 4, 337-349. https://doi.org/10.1007/s12198-011-0074-3   DOI
12 S. J. da Silva and J. M. R. Silva. (2021). Cyber Risks In The Aviation Ecosystem: An Approach Through A Trust Framework. Integrated Communications Navigation and Surveillance Conference (ICNS), 2021, pp. 1-12, doi: 10.1109/ICNS52807.2021.9441596.   DOI
13 Abeyratne, R. (2011) Cyber terrorism and aviation-national and international responses. J Transp Secur 4, 337-349. https://doi.org/10.1007/s12198-011-0074-3   DOI
14 Lekota, Faith; Coetzee, Marijke. (2021). Aviation Sector Computer Security Incident Response Teams: Guidelines and Best Practice. European Conference on Cyber Warfare and Security. Reading, (Jun 2021). DOI:10.34190/EWS.21.028   DOI
15 ICAO (2019). Aviation Cybersecurity Strategy. Available at: https://www.icao.int/cybersecurity/Documents/AVIATION%20CYBERSECURITY%20STRATEGY.EN.pdf.
16 Bernard Lim (2016). Civil Aviation Cybersecurity: Possible Actions by Regulators and Stakeholders. Available at: https://www.ecac-ceac.org/images/news/ecac-news/ECAC-News_56_Aviation_in_Asia-Pacific.pdf
17 Resolution 2309 (2016). Adopted by the UN Security Council at its 7775th meeting, on 22 September 2016. Available at: https://undocs.org/en/S/RES/2309(2016)
18 ICAO (2019). A40-11. Consolidated statement on continuing ICAO policies related to aviation security. Assembly - 40th session. Available at:https://www.icao.int/Meetings/a40/Documents/Resolutions/a40_res_prov_en.pdf
19 ICAO (2019). A40-10. Addressing Cybersecurity in Civil Aviation. Assembly - 40th session. Available at: https://www.icao.int/Meetings/a40/Documents/Resolutions/a40_res_prov_en.pdf
20 ICAO (2016). A39-WP/236. Coordinating Cybersecurity Work. Available at: https://www.icao.int/Meetings/a39/Documents/WP/wp_236_rev1_en.pdf
21 D. Jeyakodi (2015), Cyber Security in Civil Aviation, Aviation & Space J., no. 4, Oct.-Dec. Jeyakodi 2015, 11 - 17.
22 F. Alrefaei, A. Alzahrani, H. Song, M. Zohdy and S. Alrefaei (2021). Cyber Physical Systems, a New Challenge and Security Issue for the Aviation. 2021 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS). pp. 1-5, doi: 10.1109/IEMTRONICS52119.2021.9422483.   DOI
23 J. Pollack and P. Ranganathan (2018). Aviation Navigation Systems Security: ADS-B GPS IFF. Proceedings of the International Conference on Security and Management (SAM). pp. 129-135.
24 Lykou G., Iakovakis G., Gritzalis D. (2019) Aviation Cybersecurity and Cyber-Resilience: Assessing Risk in Air Traffic Management. In: Gritzalis D., Theocharidou M., Stergiopoulos G. (eds) Critical Infrastructure Security and Resilience. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-00024-0_13
25 M. Pierides, et al. (2015), Cybersecurity and the Aviation Sector: Recent Incidents Highlight Unique Risks, Pillsbury Law, Available at: https://www.pillsburylaw.com/images/content/1/1/v2/1196/AlertAug2015GlobalSourcingCybersecurityandTheAviationSector.pdf.
26 ICAO (2016). A39-WP/175. Civil Aviation Cybersecurity: Possible Actions by Regulators and Stakeholders. Assembly - 39th session. Montreal, 27 September-6 October 2016. Available at: https://www.icao.int/Meetings/a39/Documents/WP/wp_175_en.pdf
27 ICAO (2020). Cybersecurity Action Plan (CyAP). Available at https://www.icao.int/cybersecurity/Pages/Cybersecurity-Action-Plan.aspx.
28 R. Abeyratne (2016). Aviation Cyber Security: A Constructive Look at the Work of ICAO. 41 Air & Space Law 25, 26-29. Available at: https://www.kluwerlawonline.com/abstract.php?area=Journals&id=AILA2016003
29 S/PV.8057 (2017). Threats to international peace and security caused by terrorist acts, Aviation security. UN Security Council, 8057th meeting 27 September 2017, New York. Available at: https://undocs.org/en/S/PV.8057
30 ICAO (2016). A39-WP/99. Cyber Resilience in Civil Aviation. Available at: https://www.icao.int/Meetings/a39/Documents/WP/wp_099_en.pdf
31 ICAO (2018). AN-Conf/13-WP/270. System-of-Systems Notion of Cybersecurity in Aviation. Montreal, 9-19 October 2018. Available at: https://www.icao.int/Meetings/anconf13/Documents/WP/wp_270_en.pdf
32 Goncharova, N.A. (2018). Regulirovaniye kiberbezopasnosti grazhdanskoy aviatsii: vnedreniye modernizatsii NEXTGEN v Rossii i USA. Zhurnal ≪Biznes. Obshchestvo. Vlast'≫. July 2018. No2 (28). P. 175-205. Available at: https://www.hse.ru/data/2018/08/18//.pdf
33 ICAO (2016). A 39/19. Addressing Cybersecurity in Civil Aviation. Assembly - 39th session. Montreal, 27September-6 October 2016. p. 99-101. Available at: https://www.icao.int/Meetings/a39/Documents/Resolutions/a39_res_prov_en.pdf