Security has been a big issue for civil aviation for decades. Airports and aircrafts are susceptible targets for terrorist attacks. The list of incidents is extensive and gets longer every year despite strict security measures.
Aviation has become the backbone of our global economy bringing people to business, tourists to vacation destinations and products to markets.
Statistically flying remains the safest mode of travelling compared to other modes of transportation. Yet significant threat continues to exist. Terrorists and criminals continue in their quest to explore new ways of disrupting air transportation and the challenge to secure airports and airline assets remain real. This calls for greater awareness of security concerns in the aviation sector.
“Protecting this system demands a high level of vigilance because a single lapse in aviation security can result in hundreds of deaths, destroy equipment worth hundreds of millions of dollars, and have immeasurable negative impacts on the economy and the public’s confidence in air travel.”
—Gerald L. Dillingham, United States General Accounting Office, in testimony before the Subcommittee on Aviation, Committee on Commerce, Science, and Transportation, U.S. Senate, April 6, 2000.
4. Security in Aviation Sector
Introduction
Security has been a big issue for civil aviation for decades. Airports and aircrafts are susceptible targets for terrorist attacks.
The list of incidents is extensive and gets longer every year despite strict security measures.
Aviation has become the backbone of our global economy bringing people to business, tourists to vacation destinations and
products to markets.
Statistically flying remains the safest mode of travelling compared to other modes of transportation. Yet significant threat
continues to exist. Terrorists and criminals continue in their quest to explore new ways of disrupting air transportation and
the challenge to secure airports and airline assets remain real. This calls for greater awareness of security concerns in the
aviation sector.
“Protecting this system demands a high level of vigilance because a single lapse in aviation security can result in hundreds of
deaths, destroy equipment worth hundreds of millions of dollars, and have immeasurable negative impacts on the economy
and the public’s confidence in air travel.”
—Gerald L. Dillingham, United States General Accounting Office, in testimony before the Subcommittee on Aviation,
Committee on Commerce, Science, and Transportation, U.S. Senate, April 6, 2000.
AIRPORT AIRLINE ICAODIAGRAM IATA CERTINTRO
8. Airport Security
Airport security refers to the techniques and methods
used in protecting passengers, staff and aircraft which
use the airports from accidental/malicious harm, crime
and other threats.
Airport security threats could be the following:
Cyber Attack
Sabotage
Traffic of Unauthorized Materials
Improvised Explosives Devices (IED)
Other Security Threats
Border Security
Photo courtesy : redjar/ flickr.com
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
9. o Sabotage
o Traffic of Unauthorized Materials
o Other Security Threats
o Improvised Explosives Devices (IED)
o Border Security
Airport Security (Contd.)
CYBER
ATTACK
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
10. GPS Spoofing & Jamming
Spoofing - It is an attempt to deceive a GPS receiver by broadcasting
counterfeit GPS signals, structured to resemble a set of normal GPS
signals, or by rebroadcasting genuine signals captured elsewhere or at a
different time.
Incident example - In 2009, a truck driver managed to accidentally mess
with the navigation systems of New Jersey’s Newark airport as he drove
past on a neighbouring highway.
Incident example - A "proof-of-concept" attack was successfully
performed in June, 2013, when the luxury yacht "White Rose" was
misdirected with spoofed GPS signals from Monaco to the island of
Rhodes by a group of aerospace engineering students from the Cockrell
School of Engineering at the University of Texas in Austin. The students
were aboard the yacht, allowing their spoofing equipment to gradually
overpower the signal strengths of the actual GPS constellation satellites,
altering the course of the yacht.
Jamming - knocks out the navigation system entirely. Jammers can
disrupt civil aviation systems and emergency service communications.
Airport Security (Contd.)
Cyber Attack
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
11. ATC hacking
Hackers could gain access to communication between aircraft and ATC centres and send false information
to mislead pilots or overwhelm controllers with fake aircraft signals.
Incident noted in International Civil Aviation Organization’s (ICAO) 12th Air Navigation Conference - An
extract from the media in July 2012: “At a recent conference Dr. Andrei Costin gave an unnerving
demonstration of weaknesses in the air traffic control systems coming into use. He showed that with just
$2000 worth of store-bought electronics an ADS-B beacon could be 'spoofed' to show that a non-existent
aircraft was coming in to land. This 'Ghost Plane' presentation was possible because air traffic control
systems have no way of verifying where messages are coming from”
Airport Security (Contd.)
Cyber Attack
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
12. Security threat to Airport Operating Systems
Airport infrastructure supports many different operations that are critical
for the efficiency and effectiveness of the air transport system making
cyber security system implementation essential to protect and control
those operations. There have been incidents when cyber criminals,
hackers have found opportunity to attack airport systems. For example –
Incident noted in ICAO 12th Air Navigation Conference - Three software
engineers were accused of disrupting operations at a new terminal at an
airport in June 2011. They worked for a sub-contractor and when they didn’t
get a pay rise they sabotaged the program code. Check-in services failed 3
days later, and 50 flights were delayed, causing knock-on delays elsewhere;
Another example would be the attack on Istanbul Atatürk and Sabiha
Gökçen airports. In July 2013 the passport control systems at the departure
terminals in both of these airports were shutdown by a cyber-attack.
Passengers were forced to stand in line for hours, and the majority of flights
were delayed. Even though the systems were restored, the damage could be
felt for many hours after.
Airport Security (Contd.)
Cyber Attack
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
13. Security threat to Airport Security System
Several potential targets for cyber attacks exist within the realm
of internal airport operations:
Access control and perimeter intrusion systems
Radar systems
Ground radar
Network-enabled baggage systems
Wireless and wired network systems
Supervisory Control and Data Acquisition (SCADA)-type ICSs
Airports typically rely on SCADA-type industrial control systems
for utilities, baggage systems, and business processes such as
facility management. Due to their limited or lack of internet
access, SCADA-type systems may appear to be more secure, but
they too are vulnerable to cyber threats.
Airport Security (Contd.)
Cyber Attack
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
14. Sabotage in Airport
Sabotage attempts in airports is a threat that has had its incidents in the past.
For instance in June 2007 two men attempted to drive a Jeep Cherokee carrying
propane gas and petrol canisters into Glasgow Airport terminal building and
detonate them.
More recent sabotage attempt that needs a mention here is, in Sept 2014, when
a thirty-six-year-old Brian Howard, a contract employee in Naperville, Illinois
started a fire in the basement telecommunications room of the Air Traffic
Control Center in the Chicago suburb of Aurora and then attempted suicide. He
was charged with destruction of aircraft and aircraft facilities.
There is a history of airport sabotage attempts. In Sept. 1978 there was a
sabotage attempt in new Tokyo International Airport. Radicals attempted to
sabotage by severing cable lines. Nearly 30,00 phone and telex links were
paralyzed in three cities because of that.
Airport Security (Contd.)
Sabotage
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
15. Airport Security (Contd.)
Finding IED near airports has been in the news. Apart from landing and taking-off
aircrafts, human lives in and around airports would also face significant threat in
the eventuality of such IEDs detonating.
On July 1, 2015, IED found near Camp Robinson and the North Little Rock Airport
in Pulaski County, Arkansas, United States, was in the news.
IEDs may also be borne by a person - Person Borne IED.
PBIEDs are explosives that are concealed on-person, either under or within
clothing, shoes, or other types of personal apparel.
Terrorist organizations worldwide continue to develop innovative PBIED that
would remain undetected during security checks.
PBIEDs are of two types:
Metallic PBIEDs are easier to detect because they can trigger both Walk
Through Metal Detectors (WTMD) and Hand Held Metal Detectors (HHMD).
Non-Metallic PBIEDs consist entirely of well disguised non-metallic
components (Initiator/Primary) and are more difficult to detect using traditional
metal detection instrumentation.
Improvised Explosives Devices
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
16. Ensuring Compliance
It is essential to ensure that goods crossing borders all over the
world comply with global supply chain health and security
requirements.
Purpose
Border Security's purpose is to prevent terrorists and terrorist
weapons from entering the country, provide security at ports
of entry, apprehend illegal immigrants, stem the flow of illegal
drugs, and protect country's agricultural and economic
interests from harmful pests and diseases.
IATA’s Director General and CEO, Tony Tyler - on Border Security
“Airlines fly to hundreds of destinations daily. Programming their systems to adapt to different national requirements places a
heavy strain on resources, while making compliance and data accuracy more challenging than they should be. Through
harmonization, faster compliance is possible and efficient border management, improved security and enhanced passenger
facilitation can all be achieved”.
Airport Security (Contd.)
Border Security
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
17. Trafficking of unauthorized materials can be of various types:
Smuggling of illegal drugs such as cocaine, marijuana, heroine and the like.
Smugglers indulging in such activities could be a common man, airport
workers, security authorities, aircraft staff, and the like.
Incidents like airport workers being accused of smuggling drugs (marijuana )
through security at San Francisco International and Oakland International
Airports in a very recent new incident (July 16, 2015 – abc7 news) or arrest of
a Transportation Security Administration Screener at Los Angeles International
Airport in an alleged drug trafficking scheme on April 25, 2012 (CBS News),
are serious concerns.
Another recent incident was reported when a man with more than 3 kg of
cocaine in his stomach was arrested by Dubai Police on March 29, 2015.
Arms Trafficking
There has been incidents in the past such as Purulia Arms Drop case on 17
December 1995. Unauthorized arms were dropped from an Antonov An-26
aircraft in Purulia district in the state of West Bengal in India.
Airport Security (Contd.)
Traffic of Unauthorized Materials
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
18. Other serious threats include –
Ballistic Attacks Against Aircraft Landing or Taking off
CBRN (Chemical, Biological, Radiological & Nuclear Agents).
Also sometimes referred as WMD (Weapon of Mass
Destruction). Even the threat of a small quantity of such an
agent used on a target shall have significant impact
Explosives in and around Airports
Man Portable Air Defence Systems
Incendiary Materials, can be carried in many forms and used to
damage property
Taking Hostages in Airport Terminal, an act of terror
Theft of Passenger Properties
Illegal Immigration
Airport Security (Contd.)
Other threats
INTRO AIRLINE ICAODIAGRAM IATA CERTAIRPORT
20. Airline security refers to the techniques and methods
used in protecting passengers, staff and aircrafts which
use the airports from accidental/malicious harm, Crime
and other threats.
Airline security threats could be following:
Hijacking
Cargo Security
ACARS Hacking
Cyber Attacks
Sabotage
Airline Security
INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
21. There is a list of Hijacking incidents since 1930s to up to 2015. This is one
very common threat to all airlines. All aviation institutions are highly
sensitized to this and make continual effort to prevent them.
While it is understood that terrorists and extremists will continue to
conjure new ways and means to attempt hijacking, a fool proof and
practical process or system to prevent them has not emerged.
The most recent hijacking incident was reported on 24 Mar’15 when
Germanwings Flight 9525 from Barcelona to Düsseldorf was hijacked by
the co-pilot. 30 minutes after take-off Andreas Lubitz locked himself in a
cockpit when captain went out for a rest. Then the co-pilot started to
descend. Captain tried to communicate with Lubitz, but he didn't reply.
After 8 minutes of falling the airplane crashed in the Alps near the
French village Prads-Haute-Bléone. There were 16 students and one
infant on-board.
Airline Security (Contd.)
Hijacking
INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
22. The Air Cargo System is vulnerable to several security threats
including potential plots to place explosives aboard aircraft; illegal
shipments of hazardous materials; criminal activities such as
smuggling and theft; and potential hijackings and sabotage by
persons with access to aircraft
Undetected explosive or incendiary devices placed in air cargo are
potential threats to aircraft.
Airline Security (Contd.)
There have been incidents such as -
The 21 Dec’88 crash of PanAm Flight 103, a Jumbo Jet, over Lockerbie, Scotland that was attributed to an explosive
device placed in a baggage container in the forward hold of the aircraft
Investigation of the 23 Jun’85 blowing up of Air India Flight 182 off the coast of Ireland revealed evidence of an
explosive device that most likely was introduced in checked baggage and placed in the forward cargo hold
The most notable event involving detonation of an explosive device transported as cargo aboard an airliner was the
15 Nov’79 explosion aboard an American Airlines Boeing 727 that made an emergency landing at Dulles Airport
following the incident. Investigation revealed that the explosive device was contained in a parcel shipped by US Mail.
Cargo Security
INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
23. More recently, on 29 Oct’10 two packages each containing 300
to 400 gms of plastic explosives with a detonating mechanism
were found onboard separate cargo planes. The bombs were
discovered as a result of intelligence received from Saudi
Arabia's security chief. They were bound from Yemen to the
United States, and were discovered at en-route stop-overs, one
at East Midlands Airport in the UK and the other at Dubai
International Airport.
IATA CSTF
IATA has set up the Cargo Security Task Force (CSTF) to ensure
that the experiences and constraints of the airline industry are
considered in the development of effective security
regulations.
The objective of the Cargo Security Task Force (CSTF) is to
provide aviation security regulators with access to, and input
from, a globally balanced group of cargo industry experts to
ensure that the experiences and constraints of the airline
industry are considered in the development of effective
security regulations.
Airline Security (Contd.)
Cargo Security
INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
24. Aircraft Communications Addressing & Report System (ACARS) hacking happens when
hackers take over air traffic control transmissions and give pilots bogus orders. They could:
Create a bogus flight plan update
Create bogus weather
Create fake messages from plane to ground
At the DefCon Security Conference in Las Vegas, Phil Polstra, Associate Professor of Digital
Forensics at Bloomsburg University of Pennsylvania said hackers could access ACARS – a
messaging system to send messages to and from the aircraft. It can contain information such
as weather, flight plan updates, and maintenance issues. So if someone can access ACARS,
faulty messages can be willfully created
Incident - Proof of Concept - German researcher Hugo Teso revealed an app that manipulates
ACARS that can provide access to the Flight Management System (FMS) of the aircraft. One
can communicate with ACARS by hacking the airline’s systems or using a special radio. It is
then possible to send instructions to the aircraft such as “turn left” or “gain altitude.” It is
also possible to mess with the ADS-B or ADS-A tracking systems. These systems provide real-
time aircraft tracking information including altitude, speed, heading and the aircraft's
registration. They could potentially jam signals, create fake weather reports, or create
"phantom aircrafts" that would make pilots believe that other aircrafts are around them
when they actually are not.
Airline Security (Contd.)
ACARS Hacking
INTRO AIRPORT ICAODIAGRAM IATA CERTAIRLINE
25. Sabotage by way of bomb
This is not new to airline security. Attempts have been made a number of
times and terrorists/bad elements continue to look for ways and means to
breach security.
A number of incidents can be mentioned here as an example:
The Shoe Bomber
In December 2001 a British citizen who had received training from Al Qaeda,
attempted to blow up American Airlines Flight 63 from Paris to Miami, using
explosives hidden in a bulky shoe.
Liquids plot
In August 2006 British police arrested 25 suspects. Their intention had been
to carry the separate liquid chemical components of an improvised explosive
compound on to 10 or so US and Canadian flights, using branded soft drinks
bottles as containers, and to mix them on board to create bombs.
Underpants bomber
In December 2009 a Nigerian student, boarded a Northwest Airlines Airbus
A330 scheduled departure for Detroit with pads of explosive material sewn
into his underpants.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Sabotage
AIRLINE
26. On-board the aircraft
Security threat on-board aircraft by cyber criminals is a new concern today.
With modern days handheld smart digital devices being allowed on-board
aircraft, Wi-Fi being made available to passengers, cyber security has
become talk of the moment.
In May 2015, Chris Roberts, a prominent hacker, told the FBI that he had
managed to make an aircraft “climb” and move “sideways” after infiltrating
its in-flight entertainment system.
Also in April 2015, a US report warned that planes with in-flight Wi-Fi are
vulnerable to hacks by passengers and could also be targeted by "malicious
attackers" on the ground.
Related to air navigation systems
It has been demonstrated that ATC and ACARS can be hacked and messages
can be sent to aircraft, instructing the aircraft on its navigation.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
27. Flight Management Systems too have been a target of cyber attack. This and attack on
other airline systems have risen recently. An incident as recent as June 21, 2015 when
LOT Polish Airlines was forced to cancel 10 flights scheduled to depart from Warsaw's
Chopin airport after hackers attacked its ground computer systems. The attack left the
company unable to create flight plans for outbound flights, grounding around 1,400
passengers.
Remote Hijacking: In another incident as a “Proof of Concept” - German researcher
Hugo Teso revealed an app that manipulates the Aircraft ACARS, which can give access
to the plane’s flight management system (FMS). One can communicate with ACARS
through hacking the airline’s systems or using a special radio, according to Teso.
DDoS and botnet attacks: Distributed-denial-of-service attacks have grown in
popularity to carry out a range of malware injection activities. Within such attacks,
hackers utilize botnets of compromised networks to flood air traffic control and other
critical systems with traffic, which results in a crash of the platform. Attackers may also
ask for a ransom amount from the authorities to prevent disruption of flight
management and control systems.
Airline Security (Contd.)
Within the organization (Airline System Hacking & Flight Management System Hacking)
(Contd..)
Flight Management System Hacking
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
28. Through public interfaces | Smart Phones
There has been a demonstration by a German security consultant Hugo Teso
on how to remotely attack and take full control of an aircraft. Along with
other purchased hardware from various sources for demonstration Teso used
his Samsung Galaxy and a specially crafted app called PlaneSploit to
demonstrate how to hack an airplane’s computer.
Another example could be a new theory with Malaysia Airlines flight MH370
vanishing that is suggested by Dr Leivesley who runs her own company
training businesses and governments to counter terrorist attacks, that a
framework of malicious codes, triggered by a mobile phone, would have
been able to override the aircraft’s security software.
Mobile Applications: Most of the airline company now provide Mobile
application for airline services. This could be an opportunity for hackers for a
cyber attack.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
29. Through public interfaces | Websites
Another public interface that could be vulnerable to cyber attack are
websites of airline companies.
In a very recent incident (March 2015) it was reported British
Airways' air-miles accounts, the coding site GitHub and the work chat
service Slack have all been hit in the latest wave of cyber-attacks.
User reported their account had been used by someone else to book
a hotel room in Spain, that their list of transactions showed "ex-
gratia" deductions that had wiped out their entire credit, etc.
Another example out of many incidents could be referenced here is a
group that claimed responsibility for hacking the Hobart
International Airport website and defacing it with a statement
supporting the radical group Islamic State. The incident was reported
on 13th April 2015.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
30. Electronic data exchange issues
The paper checks and balances that exist within the clerical world are not
possible with EDI. While rare, the possibility that data will be intercepted
and stolen or altered in transit does exist. Messages also may be
deliberately or mistakenly duplicated. This can result in overcharges,
wasted resources, and damaged relations between trading partners. For
these and other reasons, companies need to take measures to ensure
accuracy and security, including security policies that limit the authority to
engage in transactions to certain individuals; means of verifying that
messages sent were received intact (electronic "seals"); the use of proper
encryption methods; digital signatures or bio-metrics (the use of human
attributes like fingerprints or voice) to verify the identity of senders and
receivers; audits that verify the accuracy of electronic records; efforts to
ensure that translation software has been written correctly and not
altered; and so on.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
31. GDS/CRS hacking
In a very recent incident (August, 2015) Hackers linked to China
breached the Sabre network, Sabre confirmed that it has been hacked.
There has been incidents in the past where hackers have gained access
to the airlines computer reservation systems.
In one of the past incidents, O’ BRIEN from Boston, US, without
authorization, accessed the computer reservation system at a travel
agency by entering through the company's website, and intentionally
sending commands cancelling ticketed airline reservations for
approximately 60 passengers, thereby causing damage and a loss in
excess of $96,000 to the travel agency. The unauthorized intrusion
resulted in approximately 60 passengers being stranded at airports
during the Christmas holiday season.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
AIRLINE
32. Hacking via on-board Wi-Fi systems
The US Government Accountability Office (GAO) report said that modern
aircraft that have the ability to access the internet through on-board Wi-Fi
systems face the very real threat of being hacked.
“A virus or malware planted in websites visited by passengers could provide
an opportunity for a malicious attacker to access the IP-connected on-board
information system through their infected machines,” according to the
report.
Modern aircraft have Wi-Fi passenger networks that use the same network
as the avionics systems of the planes, raising the possibility that a hacker
could hijack the navigation system or commandeer the plane through the
in-plane network.
The experts said that if the cabin systems connect to the cockpit avionics
systems (e.g. share the same physical wiring harness or router) and use the
same networking platform, in this case IP, a user could subvert the firewall
and access the cockpit avionics system from the cabin.
Airline Security (Contd.)
INTRO AIRPORT ICAODIAGRAM IATA CERT
Cyber Attack
The image below shows the standard setup for
wiring and internet connectivity services in
modern aircraft.
AIRLINE
34. IATA Security Guidelines
International Air Transportation Association (IATA) came with various points for the
safety and efficient operation of the air transportation industry. They were following:
A holding area has to be established and the passengers and their baggage must
be screened before entering the sterile area.
Communication with the passenger must be direct and discrete. The officer on
duty must be able to respond quickly to any unlawful action.
Authorized law enforcement officers armed with communication equipment must
be made available to patrol within the Airport vicinity.
Ensure areas of restrictions are clearly marked. Install proper access control
systems and proper fencing at the perimeters to avoid unauthorized entry. To
ensure proper control at the airside only identified vehicles and authorized
persons with appropriate passes are allowed at the airside areas. Ensure that high
safety standards are maintained at the apron areas.
To ensure at all times identification passes are visibly worn by the person(s)
entering the airside and identification is checked at the access control point
before entering the airside.
INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
35. IATA Security Guidelines
International Air Transportation Association (IATA) cont..
To ensure that physical barriers are installed. Public area is separated from the
baggage and cargo areas. Proper facilities such as x-ray and explosive detection
are available for screening of passengers, baggage and cargo.
To ensure that the aircraft parking areas are adequately protected and controlled
with proper lighting.
Ensure all public viewing areas overlooking the airside are adequately protected
with surveillance cameras.
IATA has also provided guidelines for Cargo Security and Cyber Security.
For Cyber Security IATA has put in place a three pillar strategy to address the cyber
security threat. They are:
work to understand
define and assess the threats and risk of cyber - attack, and
advocacy for appropriate regulation and mechanisms for increased cooperation
throughout the industry and with and between Government agencies.
INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
36. ICAO Security Guidelines
In ICAO's Twelfth Air Navigation Conference - Montréal, Cyber security has been identified as
a high-level impediment to the implementation of the Global Air Navigation Plan.
It was noted that the current pace and extent of new information technologies is notably
increasing the risk from cyber attacks. This is due to a number of factors:
a) there is an increased reliance on a small number of technologies, such as Linux,
Windows, IPv6 protocols and Ethernet (AFDX), and these technologies are widely used
in the IT industry;
b) as a result there is widespread understanding of these technologies, and of their
weaknesses and vulnerabilities;
c) systems are becoming more interconnected and security lapses in one system are likely
to affect others; and
d) there is greater impact from systems failures due to increased reliance on them.
It was also noted that over and above these factors, there is the potential for unforeseen
systematic problems due to weaknesses in oversight. This is mainly due to a lack of
coherence between the many groups working on cyber security, and a lack of expertise and
understanding amongst those who might provide the coherence. Some knowledge of these
problems exists within the industry, but knowledge of the big picture is more limited.
INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
37. ICAO Security Guidelines (Contd..)
ICAO's security guidelines, available in the ICAO Security Manual for Safeguarding Civil
Aviation Against Acts of Unlawful Interference (Doc 8973) may be adopted for the
development of specific measures and incorporated, if needed, into the relevant airport
and airline security programs, regulated agent regimes and quality control measures. A set
of minimum security principles for manufacturers and retailers of LAGs and STEBs (Liquids,
Aerosol and Gels & Security Tamper-Evident Bags) is in paragraph 5 of this document.
The objective of this document is to advise States on the prevention of and, where
necessary, response to acts of unlawful interference, through the application of an aviation
security system consisting of four main elements:
• Legal framework and security oversight;
• Airport design, infrastructure and equipment;
• Human resources recruitment, selection, training and certification; and
• Procedures and the implementation of security measures.
This volume provides guidance with regard to threat and risk assessment, contingency
plans, collection and transmission of information during an act of unlawful interference,
and the subsequent review, analysis and reporting of any act of unlawful interference.
INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
38. ICAO Security Guidelines (Contd..)
The security manual, consisting of five volumes addresses the above-mentioned
elements. The remaining four volumes of the security manual address the following
aspects of an aviation security system:
• Volume I — This volume contains guidance related to legal aspects, international
cooperation, and additional security measures such as in-flight security officers, armed
personnel, a national civil aviation security programme, quality control, and procedures
for handling sensitive information;
• Volume II — . It provides guidance material with regard to the national training policy
and the national civil aviation security training programme, including recruitment,
selection, training and certification of security staff, selection and training of non-
security staff and training development.
• Volume III — It provides guidance material with regard to the requirements of
organization, airport security programme and airport design;
• Volume IV — It consists of preventive procedures with regard to access control, aircraft
operator security, general aviation and aerial work, passengers and cabin baggage, hold
baggage, special categories of passengers, cargo, mail and security procedures for other
entities.
INTRO AIRPORT AIRLINEDIAGRAM IATA CERTICAO
39. CERT
Computer Emergency Response Teams (CERT) are expert groups that handle
computer security incidents
CERT focuses on security breach and denial-of-service incidents, providing alerts and
incident-handling and avoidance guidelines. CERT also conducts an ongoing public
awareness campaign and engages in research aimed at improving security systems.
AirCERT
Automated Incident Reporting (AirCERT) is a scalable
distributed system for sharing security event data
among administrative domains. Using AirCERT,
organizations can exchange security data ranging from
raw alerts generated automatically by network intrusion
detection systems (and related sensor technology), to
incident reports based on the assessments of human analysts.
The goal of AirCERT is to provide a capability to discern trends and patterns of
intruder activity spanning multiple administrative domains.
The AirCERT components are released either under the GPL or LGPL licenses.
CERT (Computer Emergency Response Team)
INTRO AIRPORT AIRLINE ICAODIAGRAM IATA CERT
40. sanju.sinha@gmail.com
Thank you
Disclaimer: Brand names, logos and trademarks used herein remain the property of their respective owners. This listing of any firm or their logos is not intended to imply any
endorsement or direct affiliation with the author.