EXECUTIVE SUMMARY

This is a boom time for the aviation industry. The ten-year average for passenger growth hovers around 5.5 percent globally, aviation accidents and incidents are down to their lowest levels, profits are up due to historically low oil prices, and the increasing use of technology is transforming efficiency and passenger experience.1

As an “always on” generation of travelers demands to be “always connected,” an increasingly interconnected aviation industry is employing ever more digital technologies to deliver efficiencies: across aircraft (including Unmanned Aircraft Systems [UAS]), Air Traffic Management (ATM), airports, and their supply chains.

Aviation is a cornerstone of national and international commerce, trade, and tourism, which means even an isolated incident could spark a crisis of confidence in the entire sector. The potential impacts on stock market value, stability, and national gross domestic product make securing and protecting the connected aviation world a critical element of national security.

This study indicates that the aviation industry will likely experience cybersecurity challenges similar to other industries that have embraced the “digital revolution.” As the industry moves forward, will it be able to maintain stakeholder trust by accurately perceiving the risks and opportunities as well as understanding adversary threats?

Previously, aviation systems were relatively secure due to the bespoke nature of their design, isolation from other systems, and little in the way of communication protocols. But aircraft and ATM are no longer isolated, and ground services and supply chains are becoming fully integrated into an interconnected digital world.

In addition, cyber adversaries and their capabilities evolve and adapt quickly. This may be particularly challenging for an industry where many of the systems have long design and development periods. As technology radically transforms design, production, operation, and maintenance of aircraft, models of safety and security must adapt. While new and emerging capabilities, like additive manufacturing and UAS, are transforming the aviation sector, their novelty may obscure the cybersecurity risks these technologies introduce.

Connectivity of aircraft systems, through traditional information technologies and aviation-specific protocols, has now extended the attack surface to the aircraft itself. Aircraft are now complex data networks, yet the ability to monitor them arguably lags behind comparable ground-based networks—as does the ability to avoid and respond to potential cybersecurity incidents. ATM is also undergoing a sweeping modernization program that shifts away from legacy radars and beacons to a heavy reliance on Global Positioning Systems (GPS) and digital communications. Advanced technologies such as GPS and ADS-B can greatly improve accuracy and reliability under normal conditions, yet remain susceptible to degradation by environmental hazards or manipulation by hostile actors.

Airports are a key focal point of adversary interest. As a federated management system with numerous interdependent service providers, deficiencies in airport cybersecurity may allow bypass, subversion, and eventual breaches of physical security. Additionally, as capabilities such as remote tower services gain popularity, balancing commercial interest with sound risk management will be even more difficult. Attacks against public-facing systems at airports may pose little safety risk, but can harm public confidence and trust.

As the domains of aviation and cybersecurity increasingly overlap, the common goals of safety, resilience, and trust can be achieved sooner by working together. Preserving aviation’s strengths relies on clear definition of governance and accountability and recognition of shared responsibility across the supply chain. The aviation industry has a longstanding and robust safety management system with a safety culture embedded in its core. As the cybersecurity industry looks to deliver cyber safety, it should draw upon these strengths and leverage the processes already in place.

The aviation industry has thrived under mature, global policy and regulation frameworks with clarity and coherency. The challenges of cybersecurity are testing this as nations, organizations, and businesses attempt to develop best practice. There will be a key role for the International Civil Aviation Organization (ICAO) in bringing both leadership and vision to the challenge.

With multiple perspectives and stakeholders, it is essential for the increasingly interconnected aviation industry to have a clear, coherent vision.

1 “Another Strong Year for Air Travel Demand in 2016,” IATA, press release, February 2, 2017,

A cybersecurity vision for a connected aviation industry and its foundation

With multiple perspectives and stakeholders, coherency and clarity of vision will be essential as the aviation industry becomes further interconnected. This report suggests the following vision:

“A safe and prosperous aviation industry with resilient trust and systems”

To achieve this vision, a number of themes repeatedly arose during the report which were seen as foundational to addressing the aviation cybersecurity challenge. These themes have been developed into what may be considered the foundational elements of the vision and are explored below.

Systems Thinking, Governance, and Accountability

In a complex, interdependent system of systems, finding and securing the weak links is not only an essential requirement but also a critical test of governance and accountability. The ICAO has a leadership role in working with national regulators to decide how the aviation industry should manage cyber risks and to clarify and simplify the legislative burden for stakeholders.


Resilient Systems

“Advanced adversaries will still breach the IT infrastructure.” 2 This assumption of future breach, failure, or attacks on data integrity brings greater focus to delivering resiliency as well as security. It will require both resilient systems engineering practices and a resilient personnel culture to safely work through such adversary activity.


2 Deb Bodeau and Richard Graubart, “Cyber Resiliency and NIST Special Publication 800-53 Rev.4 Controls,”

Resilient Trust

The importance of stakeholder trust is at the forefront of the aviation cybersecurity challenge. If adversaries can erode trust, they are able to control passenger and stakeholder experience, perspective, and confidence. The longer it takes for an operator to counter perceptions and regain trust, the less credibility the operator will have in the eyes of the stakeholder.


Secured Human Decision-Making

Human error or technical failure is inevitable, but all aviation systems are designed to help a human operator recognize and deal with an accident or incident before it impacts safety. Therefore, there must be a focus on protecting the integrity of the data that operators are presented with so they are able to make safe and timely decisions.


Shared Perspective and Culture

The importance of collaboration should not be underestimated. But beyond sharing knowledge and different perspectives, there is great potential for cultural exchange between the aviation and cybersecurity industries. Developing a shared culture in which both groups synergize and view the challenges and potential solutions together will increase awareness of risk and robust resilience.


Suggested Next Actions

Improving aviation cybersecurity is a journey and not an end-state; therefore, the early steps are important, especially when addressing a challenge of considerable scale and complexity.

This section lays out considered and specific recommended next steps for all stakeholders.

Reinforce Leadership and Standardization (Globally, Nationally, Regionally, etc.)

The rapid incorporation and development of connected technologies within the aviation industry is only outpaced by the development of adversary capability. As the most senior aviation body addressing the challenge of aviation cybersecurity, the ICAO should provide recommendations to address the challenges and offer clear requirements for the governance and accountability of cyber safety and cyber risk across the global aviation landscape.


Define a Common Understanding of Aviation Cyber Safety and Security

Maintaining the security of complex, safety-critical systems (with multiple suppliers) is a challenge. Any confusion about who is accountable for safety responsibilities and security responsibilities is likely to obfuscate the true safety risk. Governance and accountability of cyber safety and cybersecurity must be well understood, defined, robust, and fully incorporated into existing SMS in a way that strengthens, not weakens, what is already in place.


Reevaluate, Develop, and Use Robust Threat Models

The aviation industry has the unenviable security challenge of long hardware life combined with a long software patch cycle and a rapidly evolving threat landscape. Aviation cyber threat models must better encompass and predict adversary capability, motivation, and evolution throughout the entire lifecycle of the product or system. This activity will require collaboration across multiple stakeholders, be they government, aviation industry, or independent researchers.


Develop and Communicate Coherent Messaging on Cybersecurity Risks

There is not a coherent aviation industry position on cybersecurity risk, which may make it difficult to recover from the shift in stakeholder perception and loss of trust in the event of a successful attack. The aviation industry must have clear, realistic, and coherent messaging about cybersecurity risks and the efforts to mitigate them. This will require bringing together stakeholders and generating a shared responsibility for solving problems.


Find Ways to Develop Trust with Non-Technical Audiences

Physical security and safety measures are often visible and tangible, making it easier for non-technical stakeholders to understand and develop trust in them. The technical complexity of cybersecurity means that developing, communicating, and protecting trust will be more difficult. The aviation industry must find ways to build trust founded on the reality of cyber resilience and backed up with demonstrable measures. The more that such trust can be demonstrated and communicated, the less impact cyber incidents or claims may have.


Improve Agility in Security Updates

Installing hardware and software security updates within aviation safety critical systems is a lengthy process. The aviation industry must develop and implement best practices for greater agility and efficiency in security updates to prevent any impact on service and safety. This should incorporate methodologies to both accelerate patch cycles (including secure rollouts) and develop in-place mitigations to cover the vulnerability gap. Additional consideration should be given to how modification of certification policies and system design can assist the process.


Design Systems and Processes to Capture Cybersecurity-Relevant Data

There is currently very little visibility, metrics, or logging of many interconnected aviation systems, making it a challenge to observe and assess Indicators of Compromise (IoC), let alone to remediate or secure. Poor visibility of critical data or little collaboration on findings will make it extremely difficult to understand the scale of the cybersecurity challenge for the aviation industry. The aviation industry needs to develop data capture abilities to detect IoC in hardware and systems and must permit rigorous, independent investigations of incidents and accidents.


Train for Safety Across Multiple Disciplines

Aviation personnel are currently not trained to spot, assess, or appropriately react to disruptive cyber adversary actions. Likewise, cybersecurity personnel may not be trained to understand the nuances of aviation operations. The aviation industry must develop appropriate methodologies and training across multiple disciplines to equip all personnel with the skills to recognize adversary activity and maintain safe operations.


Incorporate Cyber Perspectives into Accident and Incident Investigations

Aviation accidents and incidents are thoroughly and objectively investigated, often by national bodies. These investigations focus on recreating events in order to discern a root cause, so that the rest of the industry can avoid the same occurrence. The aviation industry must incorporate cybersecurity aspects into such investigations and propose best practices focusing not only on organizational structures, authorities, and technologies, but also on what may be required in aviation system design to permit timely and forensically sound investigation.


Conclusion

There is much the cybersecurity industry can learn from aviation. Managing safety in the face of complex risk has been culturally ingrained into aviation for many years. Achieving this has taken rigorous objectivity and both individual and shared responsibility and accountability.

As organizations seek to exploit the opportunities of a connected aviation industry, they must retain the ability to be objective about both the benefits and risks. Innovative connected technologies, if sympathetically and resiliently integrated, can assist in efficiency and safety; but this must not be at the cost of unknown or unacceptable risk.

Though the aviation cybersecurity challenge is firmly rooted in connected technologies, the solutions to this challenge may lie elsewhere. It will take consideration and incorporation of multiple stakeholder perceptions to reduce the risk posed by adversaries. In a rapidly evolving environment, the industry must exercise leadership and utilize teamwork to boldly look to the horizon with clear purpose and maintain stakeholder unity.

The number of aviation cybersecurity initiatives implemented by passionate leaders is growing in parallel with a strong research community committed to understanding and improving the state of aviation cybersecurity. The conditions are ripe to find alignment, direction, and progress under strong international leadership to ensure a safe and prosperous aviation industry with resilient trust and systems.