The criticality level of civil aviation (CA) information infrastructure is considerably amplified by high degree of connectivity and interaction between ground and aircraft systems. Malicious interference into mentioned systems puts at threats passengers, crew and ground staff security. Unauthorized access to so-called critical aviation information system (CAIS) is very crucial and it may have serious and tragic consequences. The control aviation security documents declare following requirements to ensure CAIS security against cyberthreats (potential cause of an unwanted incident, which may result in harm to a system, individual or organization – ISO / IEC 27032). Doc 30 declares that measures addressing cyberthreats to CA have been included in the National Civil Aviation Security Programme, the National Quality Control Programme and the National Civil Aviation Security Training Programme. Similar requirements are declared in Annex 17 to Chicago Convention on International Civil Aviation, Doc 8973 as well as in Doc 9985. However, there are still a lot of unsolved problems related to CAIS identifying, its criticality assessment and development of methods to provide its cybersecurity. From this viewpoint in the paper integrated complex approach to provide CA cybersecurity was proposed.
展开▼
