Aviation group calls for coordinated cyber security

Washington DC
Source:
This story is sourced from Pro
See more Pro news »

The American Institute of Aeronautics and Astronautics (AIAA) will release a report in the coming weeks calling for governments, industry players and others to address cyber security threats to the international commercial aviation industry.

On 30 July, the Reston, Virginia-based group released a preview paper of its final cyber security report, scheduled to be released during the group's 11-13 August AIAA Aviation 2013 conference in Los Angeles.

The preview paper says the aviation industry depends on one of the world's most complex and integrated technological systems - one that is increasingly at risk from threats from cyberspace.

James Albaugh, AIAA's president-elect and former top executive at Boeing, tells Flightglobal that the paper is an effort to coordinate worldwide cyber security efforts, noting that different players in the commercial aviation industry - nonprofit groups, governments, suppliers, airports and airlines - have each developed disparate standards and guidelines.

"This is an attempt by AIAA to try to pull together an outline or approach that ... might serve as a reference of all the other work that has been done" says Albaugh. "We are trying to provide a template ... to pull the information together in one place."

Albaugh says threats should be taken seriously because of the "increasingly networked and connected world" of commercial aviation.

The question is, "How do you protect an entire global network?" he says. "It has to be an integrated approach. No one can do it on their own."

Organisations that are developing standards include the National Institute of Standards and Technology, the International Organisation for Standardisation, ISACA (the Information Systems Audit and Control Association) and The Centre for Education and Research in Information Assurance and Security.

The paper will address issues such as the need for the aviation community to foster a cyber security-focused culture, understand risks and communicate and respond to threats.

Albaugh, who was president and chief executive of Boeing's commercial airplanes division until 2012, declines to discuss specific threats to the aviation industry.

He also does not say to what degree commercial aircraft, which increasingly rely on automation and increasingly communicate wirelessly with ground systems, are at risk from cyber attack.

But Albaugh notes that aircraft manufacturers like Boeing and Airbus, and government agencies like the US Federal Aviation Administration, "are taking great precautions" to ensure aircraft are safe from sabotage.

"They have done that pretty well," says Albaugh.

Boeing and Airbus "take great precaution to [protect] flight-critical systems and hardware," he adds.