Methodology for risk management related to cyber-security of Unmanned Aircraft Systems

Tran, Trung Duc; Thiriet, Jean-Marc; Marchand, Nicolas; Mrabti, Amin El; Luculli, G.

doi:10.1109/etfa.2019.8869200

Cited by 7 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cybersecurity risk management is an ongoing process of risk assessment and risk mitigation [22]- [26] to be planned and implemented in the aviation system to mitigate the negative impacts of cyber risks on aviation safety and other impacts on the economy and efficiency of aviation systems. In this section, we propose a qualitative and quantitative methodology for cybersecurity risk assessment, which is a key component of cybersecurity risk management.…”

Section: Cybersecurity Risk Assessment Methodologymentioning

confidence: 99%

Studying Cybersecurity in Civil Aviation, Including Developing and Applying Aviation Cybersecurity Risk Assessment

Elmarady¹,

Rahouma

2021

IEEE Access

View full text Add to dashboard Cite

In addition to the importance of safety in civil aviation, the significance of cybersecurity in the aviation sector cannot be ignored, and this fact has often been highlighted owing to frequent cyber-attacks that denigrate victim(s) and also lead to political and economic controversies. Cybersecurity has recently received a major boost, with the shift of air navigation facilities from analog ground-based systems to digital space-based systems to accommodate the tremendous growth in air traffic density. Furthermore, most air navigation facilities have open designs that tend to overlook security concerns. In this regard, identifying a systematic methodology for aviation cybersecurity risk assessment is a key element in the identification of potential threats, and assessment of their likelihood and risk levels, whereby risks can be reduced to tolerable levels through appropriate mitigation measures. Existing review articles have not addressed cybersecurity in all the various aviation systems, and have not considered a systematic methodology for aviation cybersecurity risk assessment. This paper therefore presents a systematic qualitative and quantitative cybersecurity risk assessment methodology for legacy and next-generation critical infrastructure in aviation systems, such as air-ground communication, radio navigation aids, aeronautical surveillance, and system-wide information management (SWIM). Our analysis shows that the communication, navigation, and surveillance systems with the highest risk levels are very-high frequency voice communication, satellitebased navigation, and automatic dependent surveillance-broadcast, respectively, while those with the lowest risk levels are controller-pilot data link communication, ground-based radio navigation aids, and secondary surveillance radar, respectively. Furthermore, the risk level of potential cyber-attacks in SWIM is medium.

show abstract

Section: Cybersecurity Risk Assessment Methodologymentioning

confidence: 99%