Tender: Impact Assessment of Cybersecurity Threats
Germany, 02 August 2016
Currently there is no consolidated knowledge on the potential impact of cyber-attacks to commercial transport aircraft (CAT) for the safety of flight operations and air traffic management (ATM).
The projects aims at developing a comprehensive knowledge base for evaluating the safety impact of a number of potential threats to critical aircraft systems, consolidating the methods and techniques used as well as to enable the EU harmonisation of the associated risk management process.
Objectives and scope
The main objective of the project is to develop a knowledge base for the impact assessment of security threat on the safety of flight operations with a focus on cyber-security threats to a number of critical aircraft systems.
The scope of the project encompasses the preliminary risk assessment at system and aircraft levels for potential cyber-attacks to the following CAT aircraft systems: Flight Management System (FMS), Global Navigation Satellite System (GNSS) receiver, including GBAS and SBAS augmentations.
Such work is to be conducted considering generic functional architectures for aircraft systems and does not encompass the development of detailed system architecture.
Such assessment covers the analysis of potential failure cases, the characterisation of potential impact for flight operations (covering all flight phases) while considering the main (existing) mitigations at the level of flight crews working methods and operational procedures.
The project expected output consists in a series of comprehensive guidelines for aircraft / system development to support the preliminary security risk assessment process along EUROCAE ED-202A Airworthiness Security Process Specification standard.
The key activities of the project are defined below:
Evaluate the safety impact generated by the total loss of FMS during different phases of flight.
Evaluate the safety impact generated by the corruption of FMS data (flight plans) in different phases of flight (take off, climb, cruise, descent, approach) and different navigation context (navigation sensors, approach types, ATM environment).
Evaluate the safety impact generated by the spoofing of GPS, GBAS and SBAS during different phases of flight.
The project encompasses the involvement of a set of CAT Pilots and system engineering experts to review and validate the security threat impact assessment, the identified mitigations though a series of technical workshops and simulation exercises.
Survey of existing methods for assessing the safety impact of cybersecurity threats on flight operations
Preliminary assessment of threats to FMS
Preliminary assessment to the GNSS receiver
Flight simulation exercises
Analysis and conclusions
Submission Deadline: 12 September 2016
Also view the ECN Procurement Notice (accessible by ECN Executive Members - Login to View)