View
0
Download
0
Category
Preview:
Citation preview
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile 1
Direction Générale de
l’Aviation Civile
The European Strategy
for Cybersecurity in
Aviation
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
My first Ideas on an ESCP Strategic
Approach
2
Contingency &
Emergency Response
Planning
Development
Cycle
Cybersecurity by
Design
States
Operators
Manufacturers
European Bodies
ICAOResponsibilities
Awareness
Cyberculture
Articulating with
NIS
Horizontal Rule-
making
Combining
Cyber& Safety
Trust framework
Information
Sharing
Reporting
Competence
Building
Change
Management
Best Practices
Investigation,
Analysis,
Feedback
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
A possible ESCP Roadmap
3
Horizontal Rule-Making
CAA Awareness Campaign
Articulating with NIS
Defining Responsibilities
EU Civil Aviation Trust Framework
Combining Cyber & Safety
Cyberculture Competence Building
Information Sharing
Reporting
Change Management
Development Cycle
Cybersecurity by Design
Contingency and Emergency Response Plan
Beg 2018
Mid 2018
Beg 2019
Mid 2019
Beg 2020
Mid 2020
Investigation, Analysis,
Feedback
Certification
Processes
??
Elements for Strategy Framework
• RMT.0720: Develop a cybersecurity regulatory framework covering the different
domains
• RMT.0648: Introduce cybersecurity provisions in certain Certification Specifications
• Info Sharing: Establishment of a European Centre for Cyber Security in Aviation
(ECCSA)
• Research/Studies: Develop a vulnerability DB collecting, maintaining, and
disseminating information about discovered vulnerabilities targeting major transport
information systems. 21st Feb 2018 4
The strategy will include, among others, actions in the following areas: Information sharing Research and studies Event investigation and response Knowledge and competence building International cooperation and harmonization Regulatory activities and development of Industry Standards
The ESCP Strategy Structure
5
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile 6
Future Systems: Key Role of Information
Management
Block 1Block 0 Block 2 Block 3
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile 7
We need a real Global Strategy for
Cyber !!
To be integrated in all activities
Data Communication
Detailed path to convergence
Information Management
Need for an overall Global Strategy
Governance issues
Regional or Sub-regional Services
Modularization of Enabler Roadmaps
Detail the path for convergence
7
ATN
B1
ATN
B2++
IP
FAN
S
ATN
B2
OS
IVDL 2
LDA
CS
?
Physical Layers
Network
Message Set
Applications
Cyb
er P
rote
ctio
n
Freq
uen
cy S
pec
tru
m
Cyber shall be part of the
Data Link Strategy
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
Buy, Train, Operate: 5 Y
Timeliness and Multiple Actors
8
Performance of the aviation system depends from the capacity of actors to act in cohesion
4 December 2018 8
State A/O
ANSPAPT
Performance
Cost
Aircraft Manufacturing: 15 Y+ 30Y life time
Rule Making process: 2 Y
Buy, Train, Operate: 3 Y
Buy, Train, Operate: 3 Y
A real need for a coordinated Approach
Actions from all for a global or common benefit
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
The Global Regulatory Context
9
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
Working together is needed!
10
• ICAO
• EASA European Strategic Coordination Platform
• DG Move, ECAC
• ENISA
• Industry Standards
• National Security Agencies
Global Standardization Roadmap and
a Global and interoperable Approach!!!
4 December 2018 10
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
What is for me in the ESCP Strategy?
11
Strategic Implementation
ESCP Strategy
COMPREHENSION
MY SITUATION
?
Actions and
Evolutionary Steps
IDENTIFICATION National
Plan
!!
Return of Experience
Cyber
Performance
www.stac.aviation-civile.gouv.fr
Direction générale de l’Aviation civile - Service technique de l’Aviation civile
Thank you for your attention
Recommended