SlideShare una empresa de Scribd logo

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba

Angeloluca Barba
Angeloluca Barba

An introductory view of the cyber security issue in the modern air traffic management environment looking at eventual safety impacts

Tecnología
1 de 22
Descargar para leer sin conexión
Evolutionary ATM & Cyber SecurityAngeloluca Barba
2 SECURITY PANORAMA IS CHANGING INCIDENTS TERRORISM VANDALISM HUMAN ERRORS HACKTIVIST SPIONAGE Threatsarebecomingmoresophisticated.theinvestmenttoachievearealattackcapabilityislimitedandattributionofresponsibilitiesandreactionareverydifficult.Thisrepresentsanenormousattractionfororganizedhostileentities. Whatevertheobjective,todaythecyberoptionisappealing.
3 ATM System Cyber Security Problem Setting WhileevolutionwillimproveperformanceanddependabilityofATM,itwillopenthewaytonewvulnerabilitiesdue,forinstance,to: increasedrelianceondistributedenterprisecomputing automatedflowofinformationacrossagroundandairbornenetwork Cyberattackswillcomefrommanysourcesandwillhavearangeofpossibletargets,includingcivilian, commercialandmilitarysystemstodamagecriticalservices
4 Interfaces with Aviation and Airspace Security Cross Border dimension federated solutions needed Technology Evolution CIV/MIL Interop. & Air Defence Need of a complete solution for detecting, assessing and protecting Multiple Stakeholders ATM System Cyber Security Challenges
5 Regulations Processes TLC Services Information Cyber Security Governance Interfaces with Aviation and Airspace Security Cross Border dimension federated solutions needed Technology Evolution CIV/MIL Interop. & Air Defence Need of a complete solution for detecting, assessing and protecting Multiple Stakeholders Challenge Needs ATM System Cyber SecurityNeeds
6 Human behavior Malicious Errors Complexity factors Distributed Governance FederatedEnvironment& Systems Information Distribution Identities & Authorization Extended coupling among systems TechnologicalDiscontinuities Wireless Nets (e.g. Aeromacs, LDACS) Backbone Security (PENS, A2G Networks, …) PKI & CA harmonization Heterogeneous technological environments management (OS,MW, …) COTS vs. custom Surfacingissues Cross Border & Military Coordination Aircraft Cyber Security Integrated and critical devices Confidentiality of information in a distributed environment AirportLandsideOperations ATM System Cyber SecurityVulnerabilities PARTIAL MAPPING
7 Agent Threats Impact Hacker Compromissionof public-facing host to use it as a gate to gain access Malicious operations camouflage Personal Data Stealing Unfaithful Employee Flight Plan / Passenger Unauthorized Access Privacy issues Unfaithful Supplier Supply chain risks Anomaly in the security of aviation equipment procured from offshore manufacturers Business Competitor Bad or Unauthenticated MeteoData GPS Spoofing Diverting traffic to different flight space Flight Delays or cancellation Foreign State ATM Support Systems DDoSor Takeover Service Disruption, Block of ATM Services, Crisis State Terrorist Violation of Airports vehicle routing systems or landing queues monitoring Malicious operations camouflage Incidents through mis-directions to surface objects Terrorist 4D Trajectory negotiation or SWIM violation Malicious operations camouflage Providing of bad data to cause incidents or outages Terrorist GPS Spoofing ADS-B spoofing, NAV or landing aids disruption, datalinknetworks sabotage Diverting traffic to different flight space. Flight Delays or cancellation Potential similSept. 11th attacks especially for UAS ATM System Cyber SecurityThreats vs. Impacts PARTIAL MAPPING
8 Personal & CommercialData Stealing Privacy issues Mistrust in the security of aviation equipment procured from offshore manufacturers Service Disruption Flight Delays or cancellation Block of ATM Services Crisis State Domino effect: chain reactions as disruptions spread from system to system Diverting traffic Runway Incursions Potential simil Sept. 11th attacks especially for UAS Lossof data / trust Lossof services Lossof lives ILLUSTRATIVE ATM System Cyber SecurityImpacts
9 Wireless network Information Distribution Spoofing Denialof Service Runway incursion ILLUSTRATIVE ATM ServiceBlock ATM System Cyber SecurityA distributed issue Spoofing Remote hijacking
© Selex ES S.p.A2014 All rights reserved The key characteristic of Western World response is collaboration •Joint research centre –vulnerabilities etc •Pan European exercises •Sector and National CSIRTs •Directive for Network and Information Security •Common Industrial policy EU CYBER STRATEGY RESTS ON COLLABORATION © Copyright Selex ES S.p.A2013 All rights reserved •National Cyber security Initiative •Connecting Cyber Operations Centres •Shared Situational Awareness •Federal, State, Local and Private Sector •Supply chain initiative US INITIATIVES: •Education and R&D initiative •FUNDING! The conceptof sector and national nodes and hubs for reporting, correlating data and sharing intelligence is gaining momentum •To optimise information sharing, collaborationand interoperability NATO: LISBON DECLARATION
11 Evolutionary Cyber Security Reactive & Manual – people based following doctrine and doing their best to “put out the fires” B Tools-based – applying tools and technologies piece-meal to assist people in reacting faster Integrated – Loosely integrated with focus on interoperability and standards-based data exchange C D Strategic –integrated with focus on policy management and consistency across the enterprise E Dynamic IA –Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for the enterprise ANTICIPATE: Respond to attacks before they occur REACT: Investigate who did what to whom DEPLOY: Intelligence that deploys early warning systems DETECT: Observe attacks and intrusions DEFEND: Secure physical and logical assets A Physical Networks Force Protection Influence Protection Physical Activity Computer Activity Electromagnetic Spectrum Activity InfluenceActivity Logical Networks Wireless Networks Infrastructure Cyber User/ Organization Asset/ OrganizationProtection Intelligence e.g. Social Networks
12 ILLUSTRATIVE AirportAirsideOperations AerodromeATC En-routeATC ApprochATC A/G DatalinkGround Mngt Aircraft AdvancedAirspaceMngt AdvancedAirspaceMngt Network Information Mngt ExternalSystems AeronauticalInformation Mngt ATM System Cyber Security Management AOC ATM AirportLandsideOperations Domain impactedby Cyber Security A multi-layer architectural vision for federated Cyber Security in the ATM System
13 •Service Continuity & Disaster Recovery •Applications Security •Identity & Access management •Public Key Infrastructure •Perimeter Protection -DMZ, Firewall, NIDS •Endpoint Protection -Anti Malware, HIDS •Loss and Leakage Prevention •Secure Messaging & Data Sharing •Network BehaviourAnalysis •Network Security –Datalink, Backbone •Encryption Systems •Secure Voice •Multi Level Gateways •PRS -GNSS •RF Spectrum Monitoring •IP & Data Forensic ILLUSTRATIVE First layer intervention: injection of Cyber Security in the ATM System
14 Single StakeholderCyber Security Mngmt(Local SOC) Second layer intervention: local ATM stakeholder Cyber Security management SOC CERT SOC Planning •Security Device Configuration & Mgmt •Patch Management Monitoring •Device Monitoring •Vulnerability Assessment •Cyber Intelligence •Performance Monitoring •Policy Compliance •Threat Management Incident management •Incident Identification & Classification •Incident Notification •Incident Response & Containment •Recovery •Forensics ILLUSTRATIVE
15 Processing of security information originating from ALL the stakeholders at national or international level Real-time common cyber situation awareness of the security scenario Identification of potential threats and countermeasures to reduce risk exposure, also outside the cyber domain Incident Response and Reaction Coordination Decision Coordination Support ATM System Cyber Security Management Third layer intervention: federated Cyber Security management in the ATM system Single StakeholderCyber Security Mngmt(Local SOC) SOC CERT CIRC ILLUSTRATIVE
16 GAMMA : Global ATM Security Management
Project End : August 2017 Analysis, Requirementsand Solution SolutionValidation Implementation WP6 Security Prototype WP8 Platform Integration WP4 Security Solution WP5 ValidationNeeds WP2 Threat Assessment WP9 Validation WP7 Validation environment WP10 Exploitation WP3 Security Management Framework Implementation Proposals Validation Platforms Validation ATM Threat Assessment ATM Security Requirements ATM Security Solution ATM Cyber Security ATM CNS Security ATM physical infrastructure Security ATM Crisis Management
GAMMASolution: LowerSecurity Layer Architectural innovations introducedby GAMMA: •Injection of Security at node/asset level •Alert and event identification •Alert and event notification and distribution Some security enhancements introduced by GAMMA: •Information Security System •Information exchange gateway •Secure Satellite Communication system •Integrated modular radio security •Secure GNSS communication •Secure ATC communication •ATN Security Architecture integration
•ProcessingofsecurityinformationoriginatingfromALLthestakeholdersatnationalorinternationallevel •Real-time common situation awareness of the security scenario •Command and Control capabilities for Incident Response, Reaction Coordination and Decision Coordination Support •Attack prediction and Cyber Intelligence capabilities, for identification of potential threats and countermeasures in order to reduce risk exposure, also outside the cyber domain ATM Security Management © Copyright Finmeccanica. All rights reserved. 19 Single StakeholderCyber Security Mngmt(Local SOC) SOC CERT CIRC GAMMASolution: HigherSecurity Layer
20 What would the outcome look like? Achievement and maintenance of security compliance Monitoring and real time analysis of anomalies plus development of intelligence data Response to incidents: containment, eradication and recovery Development and maintenance of situation awareness, dynamic risk analysis and feed back for training and process improvement Hardening of key systems Regular vulnerability assessment Deter Detect Cyber Defense Assure Respond Learn Assess ASSESSMENT, DESIGN AND REVIEW IDENTIFICATION SECURITY MANAGEMENT SMART PROTECTION Self Learning Whitelisting Automated scanning Rule inference DATA & NETWORK HPC CYBER INTELLIGENCE
21 Final Notes : This is not your usual enterprise network Address ATN Security & ATM Service Specific Issues Focus on data correlation & intelligence Threat intelligence analysis & federation (NCIRC, CERT, international collaborations) E2E CNS/SWIM Security Beware Man in the Middle Proactive instead of reactive BehaviouralCyber Security Shifting focus from data encryption to key management(PKI) Business chains reengineering (e.g. procurement) Automated Vulnerability Reviews & Compliance
THANKYOU FOR YOUR ATTENTION Selex ES S.p.A. via Tiburtina km 12.400 –00131 Rome, ItalyTel. +39 064150.1 –www.selex-es.com AngelolucaBarba Head of Cyber Security Marketing angeloluca.barba@selex-es.com Via Laurentina760 -00143 Roma –Italia www. selex-es.com www.gamma-project.eu

Recomendados

Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Empowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesEmpowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesCristian Garcia G.
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution TaarakMohit8780
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 African Cyber Security Summit
 
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableMobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableXura
 
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...Xura
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomiIvan Carmona
 

Recomendados

Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Empowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesEmpowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesCristian Garcia G.
 
Information Security Business Middle East 2011
Information Security Business Middle East 2011Information Security Business Middle East 2011
Information Security Business Middle East 2011Arjun V
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution TaarakMohit8780
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 African Cyber Security Summit
 
Mobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableMobile Cybercrime - Don’t Leave Your Customers Vulnerable
Mobile Cybercrime - Don’t Leave Your Customers VulnerableXura
 
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...Xura
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomiIvan Carmona
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)Ivan Carmona
 
SS7: 2G/3G's weakest link
SS7: 2G/3G's weakest linkSS7: 2G/3G's weakest link
SS7: 2G/3G's weakest linkPositiveTechnologies
 
Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2fadielmoussa
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
Securing Industrial Control System
Securing Industrial Control SystemSecuring Industrial Control System
Securing Industrial Control SystemHemanth M
 
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackRSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackDan Gunter
 
TEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO
 
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropeIndustrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropePositive Hack Days
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationPositiveTechnologies
 
Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security Adhar kashyap
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleDavid Fuchs
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security WebinarAVEVA
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network ArchitecturesEnergySec
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeSplunk
 
Navigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere WorkplaceNavigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere WorkplaceIvanti
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Samuel Kamuli
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada securityYulia Rotar
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloudUlf Mattsson
 
Fortinet k
Fortinet kFortinet k
Fortinet kmrehan2k2
 

Más contenido relacionado

La actualidad más candente

White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)Ivan Carmona
 
Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2fadielmoussa
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 
Securing Industrial Control System
Securing Industrial Control SystemSecuring Industrial Control System
Securing Industrial Control SystemHemanth M
 
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackRSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackDan Gunter
 
TEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO
 
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropeIndustrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropePositive Hack Days
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationPositiveTechnologies
 
Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security Adhar kashyap
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleDavid Fuchs
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security WebinarAVEVA
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network ArchitecturesEnergySec
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeSplunk
 
Navigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere WorkplaceNavigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere WorkplaceIvanti
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Samuel Kamuli
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada securityYulia Rotar
 

La actualidad más candente (20)

White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)
 
SS7: 2G/3G's weakest link
SS7: 2G/3G's weakest linkSS7: 2G/3G's weakest link
SS7: 2G/3G's weakest link
 
Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 
Securing Industrial Control System
Securing Industrial Control SystemSecuring Industrial Control System
Securing Industrial Control System
 
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackRSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System Hack
 
TEUNO Summit - Presentaciones
TEUNO Summit - PresentacionesTEUNO Summit - Presentaciones
TEUNO Summit - Presentaciones
 
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in EuropeIndustrial Cybersecurity and Critical Infrastructure Protection in Europe
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislation
 
Infrastructure security
Infrastructure security Infrastructure security
Infrastructure security
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
Consider Sophos - Security Made Simple
Consider Sophos - Security Made SimpleConsider Sophos - Security Made Simple
Consider Sophos - Security Made Simple
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon K
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security Webinar
 
Unidirectional Network Architectures
Unidirectional Network ArchitecturesUnidirectional Network Architectures
Unidirectional Network Architectures
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEye
 
Navigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere WorkplaceNavigating the Zero Trust Journey for Today's Everywhere Workplace
Navigating the Zero Trust Journey for Today's Everywhere Workplace
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada security
 

Similar a Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba

Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloudUlf Mattsson
 
Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's AdvantageRaffael Marty
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
Key Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformKey Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformJohn Pollack
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSiQHub
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSiQHub
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver NarrTI Safe
 
5G mission diary: Houston, we have a problem
5G mission diary: Houston, we have a problem5G mission diary: Houston, we have a problem
5G mission diary: Houston, we have a problemPositiveTechnologies
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorEuropean Services Institute
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XPrime Infoserv
 
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...TelecomValley
 
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...NetworkCollaborators
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathClubHack
 
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015Paul F. Roberts
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Hacking your Connected Car: What you need to know NOW
Hacking your Connected Car: What you need to know NOWHacking your Connected Car: What you need to know NOW
Hacking your Connected Car: What you need to know NOWKapil Kanugo
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Markit
 

Similar a Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba (20)

Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloud
 
Fortinet k
Fortinet kFortinet k
Fortinet k
 
Exploring the Defender's Advantage
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security Perspective
 
Key Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformKey Elements of a Security Delivery Platform
Key Elements of a Security Delivery Platform
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity
 
5G mission diary: Houston, we have a problem
5G mission diary: Houston, we have a problem5G mission diary: Houston, we have a problem
5G mission diary: Houston, we have a problem
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation Sector
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield X
 
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
Cyber-menaces et cyber-préjudices : regards croisés par Gilles DESOBLIN & Red...
 
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
Infrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy HiremathInfrastructure Security by Sivamurthy Hiremath
Infrastructure Security by Sivamurthy Hiremath
 
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthy
 
Hacking your Connected Car: What you need to know NOW
Hacking your Connected Car: What you need to know NOWHacking your Connected Car: What you need to know NOW
Hacking your Connected Car: What you need to know NOW
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences
 

Último

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Último (20)

Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba

  • 1. Evolutionary ATM & Cyber SecurityAngeloluca Barba
  • 2. 2 SECURITY PANORAMA IS CHANGING INCIDENTS TERRORISM VANDALISM HUMAN ERRORS HACKTIVIST SPIONAGE Threatsarebecomingmoresophisticated.theinvestmenttoachievearealattackcapabilityislimitedandattributionofresponsibilitiesandreactionareverydifficult.Thisrepresentsanenormousattractionfororganizedhostileentities. Whatevertheobjective,todaythecyberoptionisappealing.
  • 3. 3 ATM System Cyber Security Problem Setting WhileevolutionwillimproveperformanceanddependabilityofATM,itwillopenthewaytonewvulnerabilitiesdue,forinstance,to: increasedrelianceondistributedenterprisecomputing automatedflowofinformationacrossagroundandairbornenetwork Cyberattackswillcomefrommanysourcesandwillhavearangeofpossibletargets,includingcivilian, commercialandmilitarysystemstodamagecriticalservices
  • 4. 4 Interfaces with Aviation and Airspace Security Cross Border dimension federated solutions needed Technology Evolution CIV/MIL Interop. & Air Defence Need of a complete solution for detecting, assessing and protecting Multiple Stakeholders ATM System Cyber Security Challenges
  • 5. 5 Regulations Processes TLC Services Information Cyber Security Governance Interfaces with Aviation and Airspace Security Cross Border dimension federated solutions needed Technology Evolution CIV/MIL Interop. & Air Defence Need of a complete solution for detecting, assessing and protecting Multiple Stakeholders Challenge Needs ATM System Cyber SecurityNeeds
  • 6. 6 Human behavior Malicious Errors Complexity factors Distributed Governance FederatedEnvironment& Systems Information Distribution Identities & Authorization Extended coupling among systems TechnologicalDiscontinuities Wireless Nets (e.g. Aeromacs, LDACS) Backbone Security (PENS, A2G Networks, …) PKI & CA harmonization Heterogeneous technological environments management (OS,MW, …) COTS vs. custom Surfacingissues Cross Border & Military Coordination Aircraft Cyber Security Integrated and critical devices Confidentiality of information in a distributed environment AirportLandsideOperations ATM System Cyber SecurityVulnerabilities PARTIAL MAPPING
  • 7. 7 Agent Threats Impact Hacker Compromissionof public-facing host to use it as a gate to gain access Malicious operations camouflage Personal Data Stealing Unfaithful Employee Flight Plan / Passenger Unauthorized Access Privacy issues Unfaithful Supplier Supply chain risks Anomaly in the security of aviation equipment procured from offshore manufacturers Business Competitor Bad or Unauthenticated MeteoData GPS Spoofing Diverting traffic to different flight space Flight Delays or cancellation Foreign State ATM Support Systems DDoSor Takeover Service Disruption, Block of ATM Services, Crisis State Terrorist Violation of Airports vehicle routing systems or landing queues monitoring Malicious operations camouflage Incidents through mis-directions to surface objects Terrorist 4D Trajectory negotiation or SWIM violation Malicious operations camouflage Providing of bad data to cause incidents or outages Terrorist GPS Spoofing ADS-B spoofing, NAV or landing aids disruption, datalinknetworks sabotage Diverting traffic to different flight space. Flight Delays or cancellation Potential similSept. 11th attacks especially for UAS ATM System Cyber SecurityThreats vs. Impacts PARTIAL MAPPING
  • 8. 8 Personal & CommercialData Stealing Privacy issues Mistrust in the security of aviation equipment procured from offshore manufacturers Service Disruption Flight Delays or cancellation Block of ATM Services Crisis State Domino effect: chain reactions as disruptions spread from system to system Diverting traffic Runway Incursions Potential simil Sept. 11th attacks especially for UAS Lossof data / trust Lossof services Lossof lives ILLUSTRATIVE ATM System Cyber SecurityImpacts
  • 9. 9 Wireless network Information Distribution Spoofing Denialof Service Runway incursion ILLUSTRATIVE ATM ServiceBlock ATM System Cyber SecurityA distributed issue Spoofing Remote hijacking
  • 10. © Selex ES S.p.A2014 All rights reserved The key characteristic of Western World response is collaboration •Joint research centre –vulnerabilities etc •Pan European exercises •Sector and National CSIRTs •Directive for Network and Information Security •Common Industrial policy EU CYBER STRATEGY RESTS ON COLLABORATION © Copyright Selex ES S.p.A2013 All rights reserved •National Cyber security Initiative •Connecting Cyber Operations Centres •Shared Situational Awareness •Federal, State, Local and Private Sector •Supply chain initiative US INITIATIVES: •Education and R&D initiative •FUNDING! The conceptof sector and national nodes and hubs for reporting, correlating data and sharing intelligence is gaining momentum •To optimise information sharing, collaborationand interoperability NATO: LISBON DECLARATION
  • 11. 11 Evolutionary Cyber Security Reactive & Manual – people based following doctrine and doing their best to “put out the fires” B Tools-based – applying tools and technologies piece-meal to assist people in reacting faster Integrated – Loosely integrated with focus on interoperability and standards-based data exchange C D Strategic –integrated with focus on policy management and consistency across the enterprise E Dynamic IA –Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for the enterprise ANTICIPATE: Respond to attacks before they occur REACT: Investigate who did what to whom DEPLOY: Intelligence that deploys early warning systems DETECT: Observe attacks and intrusions DEFEND: Secure physical and logical assets A Physical Networks Force Protection Influence Protection Physical Activity Computer Activity Electromagnetic Spectrum Activity InfluenceActivity Logical Networks Wireless Networks Infrastructure Cyber User/ Organization Asset/ OrganizationProtection Intelligence e.g. Social Networks
  • 12. 12 ILLUSTRATIVE AirportAirsideOperations AerodromeATC En-routeATC ApprochATC A/G DatalinkGround Mngt Aircraft AdvancedAirspaceMngt AdvancedAirspaceMngt Network Information Mngt ExternalSystems AeronauticalInformation Mngt ATM System Cyber Security Management AOC ATM AirportLandsideOperations Domain impactedby Cyber Security A multi-layer architectural vision for federated Cyber Security in the ATM System
  • 13. 13 •Service Continuity & Disaster Recovery •Applications Security •Identity & Access management •Public Key Infrastructure •Perimeter Protection -DMZ, Firewall, NIDS •Endpoint Protection -Anti Malware, HIDS •Loss and Leakage Prevention •Secure Messaging & Data Sharing •Network BehaviourAnalysis •Network Security –Datalink, Backbone •Encryption Systems •Secure Voice •Multi Level Gateways •PRS -GNSS •RF Spectrum Monitoring •IP & Data Forensic ILLUSTRATIVE First layer intervention: injection of Cyber Security in the ATM System
  • 14. 14 Single StakeholderCyber Security Mngmt(Local SOC) Second layer intervention: local ATM stakeholder Cyber Security management SOC CERT SOC Planning •Security Device Configuration & Mgmt •Patch Management Monitoring •Device Monitoring •Vulnerability Assessment •Cyber Intelligence •Performance Monitoring •Policy Compliance •Threat Management Incident management •Incident Identification & Classification •Incident Notification •Incident Response & Containment •Recovery •Forensics ILLUSTRATIVE
  • 15. 15 Processing of security information originating from ALL the stakeholders at national or international level Real-time common cyber situation awareness of the security scenario Identification of potential threats and countermeasures to reduce risk exposure, also outside the cyber domain Incident Response and Reaction Coordination Decision Coordination Support ATM System Cyber Security Management Third layer intervention: federated Cyber Security management in the ATM system Single StakeholderCyber Security Mngmt(Local SOC) SOC CERT CIRC ILLUSTRATIVE
  • 16. 16 GAMMA : Global ATM Security Management
  • 17. Project End : August 2017 Analysis, Requirementsand Solution SolutionValidation Implementation WP6 Security Prototype WP8 Platform Integration WP4 Security Solution WP5 ValidationNeeds WP2 Threat Assessment WP9 Validation WP7 Validation environment WP10 Exploitation WP3 Security Management Framework Implementation Proposals Validation Platforms Validation ATM Threat Assessment ATM Security Requirements ATM Security Solution ATM Cyber Security ATM CNS Security ATM physical infrastructure Security ATM Crisis Management
  • 18. GAMMASolution: LowerSecurity Layer Architectural innovations introducedby GAMMA: •Injection of Security at node/asset level •Alert and event identification •Alert and event notification and distribution Some security enhancements introduced by GAMMA: •Information Security System •Information exchange gateway •Secure Satellite Communication system •Integrated modular radio security •Secure GNSS communication •Secure ATC communication •ATN Security Architecture integration
  • 19. •ProcessingofsecurityinformationoriginatingfromALLthestakeholdersatnationalorinternationallevel •Real-time common situation awareness of the security scenario •Command and Control capabilities for Incident Response, Reaction Coordination and Decision Coordination Support •Attack prediction and Cyber Intelligence capabilities, for identification of potential threats and countermeasures in order to reduce risk exposure, also outside the cyber domain ATM Security Management © Copyright Finmeccanica. All rights reserved. 19 Single StakeholderCyber Security Mngmt(Local SOC) SOC CERT CIRC GAMMASolution: HigherSecurity Layer
  • 20. 20 What would the outcome look like? Achievement and maintenance of security compliance Monitoring and real time analysis of anomalies plus development of intelligence data Response to incidents: containment, eradication and recovery Development and maintenance of situation awareness, dynamic risk analysis and feed back for training and process improvement Hardening of key systems Regular vulnerability assessment Deter Detect Cyber Defense Assure Respond Learn Assess ASSESSMENT, DESIGN AND REVIEW IDENTIFICATION SECURITY MANAGEMENT SMART PROTECTION Self Learning Whitelisting Automated scanning Rule inference DATA & NETWORK HPC CYBER INTELLIGENCE
  • 21. 21 Final Notes : This is not your usual enterprise network Address ATN Security & ATM Service Specific Issues Focus on data correlation & intelligence Threat intelligence analysis & federation (NCIRC, CERT, international collaborations) E2E CNS/SWIM Security Beware Man in the Middle Proactive instead of reactive BehaviouralCyber Security Shifting focus from data encryption to key management(PKI) Business chains reengineering (e.g. procurement) Automated Vulnerability Reviews & Compliance
  • 22. THANKYOU FOR YOUR ATTENTION Selex ES S.p.A. via Tiburtina km 12.400 –00131 Rome, ItalyTel. +39 064150.1 –www.selex-es.com AngelolucaBarba Head of Cyber Security Marketing angeloluca.barba@selex-es.com Via Laurentina760 -00143 Roma –Italia www. selex-es.com www.gamma-project.eu