Air traffic management (ATM) comprises a complex system of systems, traditionally characterized by custom communication protocols and self-contained systems used for exchanging information between entities, which include aircraft, air traffic control, aerodrome control towers, aircraft operators and flow managers.
The digital transformation of ATM is ongoing, and involves the development of new operational concepts leveraged by optimizing the sharing and use of digital data, and increasing the connectivity of disparate systems to deliver enhanced ATM system performance cost-effectively, while maintaining or improving safety levels. This transformation may, however, result in the ATM system being more vulnerable to cyber-attacks than before, due to increases in the attack surface resulting from the system's inherent complexity and heterogeneity, combined with the integration of new systems, networks, and services.
Part I of the workshop examines the current ATM system, and surveys examples of security incidents, providing examples of current vulnerabilities along with options for risk mitigation. The expected evolution of ATM in the short and medium term is then explored, along with potential emerging threats and vulnerabilities.
Part II addresses how to respond to the challenge of securing the ATM system, both now and in the future, to ensure that it is resilient to attack and able to recover to normal levels of services as quickly as possible. Topics such as security risk management, risk assessment, resilience by design, and the need for a holistic approach are explored. The importance of developing a security culture through training and awareness programmes is also addressed.
