Home > News & Events > Consultant News > Tender: Impact Assessment of Cybersecurity Threats

Consultant News

Tender: Impact Assessment of Cybersecurity Threats


Germany, 02 August 2016

 

Currently there is no consolidated knowledge on the potential impact of cyber-attacks to commercial transport aircraft (CAT) for the safety of flight operations and air traffic management (ATM).

The projects aims at developing a comprehensive knowledge base for evaluating the safety impact of a number of potential threats to critical aircraft systems, consolidating the methods and techniques used as well as to enable the EU harmonisation of the associated risk management process.

Objectives and scope

The main objective of the project is to develop a knowledge base for the impact assessment of security threat on the safety of flight operations with a focus on cyber-security threats to a number of critical aircraft systems.

The scope of the project encompasses the preliminary risk assessment at system and aircraft levels for potential cyber-attacks to the following CAT aircraft systems: Flight Management System (FMS), Global Navigation Satellite System (GNSS) receiver, including GBAS and SBAS augmentations.

Such work is to be conducted considering generic functional architectures for aircraft systems and does not encompass the development of detailed system architecture.

Such assessment covers the analysis of potential failure cases, the characterisation of potential impact for flight operations (covering all flight phases) while considering the main (existing) mitigations at the level of flight crews working methods and operational procedures.
The project expected output consists in a series of comprehensive guidelines for aircraft / system development to support the preliminary security risk assessment process along EUROCAE ED-202A Airworthiness Security Process Specification standard.

The key activities of the project are defined below:

  • Evaluate the safety impact generated by the total loss of FMS during different phases of flight.

  • Evaluate the safety impact generated by the corruption of FMS data (flight plans) in different phases of flight (take off, climb, cruise, descent, approach) and different navigation context (navigation sensors, approach types, ATM environment).

  • Evaluate the safety impact generated by the spoofing of GPS, GBAS and SBAS during different phases of flight.

The project encompasses the involvement of a set of CAT Pilots and system engineering experts to review and validate the security threat impact assessment, the identified mitigations though a series of technical workshops and simulation exercises.

Tasks

  • Survey of existing methods for assessing the safety impact of cybersecurity threats on flight operations

  • Preliminary assessment of threats to FMS

  • Preliminary assessment to the GNSS receiver

  • Flight simulation exercises

  • Analysis and conclusions

 

Submission Deadline: 12 September 2016

Also view the ECN Procurement Notice (accessible by ECN Executive Members - Login to View)

Back to Consultant News