04 October 2023

By Dr. David P. Harvie and Dr. Barbara Ciaramitaro, Embry-Riddle Aeronautical University

Cybersecurity is a major concern in the world as more devices and sensors are connected to networks.  Cyber attackers have targeted companies, financial institutions, governments, and even individuals.  Attacks, such as the Colonial Pipeline Ransomware attack in May 2021 had real-world consequences as gas stations and aviation fuel stations in the eastern United States ran dry.  In December 2019, the Albany New York airport was the target of a ransomware attack.  Garmin suffered a cyber attack in Spring 2020 which affected the availability of its flight planning operations. These are just a few examples of how cyber attacks have directly or indirectly affected aviation.  There is a clear need for cybersecurity experts to defend the aviation ecosystem.

Unique Nature of Aviation Ecosystem

Cybersecurity training and expertise are not new.  Before cybersecurity became a term, there was information security where attackers tried to compromise the confidentiality, integrity, and availability of data.  Defender would then employ tactics and training to thwart the attacks.  However, the traditional cybersecurity training and expertise is for traditional information technology (IT) environments.  The aviation ecosystem consists of both IT and operational technology (OT) environments which are not always addressed.  Also, the aviation ecosystem is a very different environment than just traditional IT.  The aviation ecosystem includes aircraft systems and avionics, in-flight entertainment, electronic flight bags, air traffic control systems, satellite/GPS systems, uncrewed aerial systems (UAS), airport operations, aircraft maintenance and repair operations, and supply chain operations.  The first step in beginning to understand the requirements of aviation cybersecurity is to comprehend the diverse and interconnected nature of this ecosystem where a problem in one sector affects others.  The Colonial Pipeline is a perfect example of this interconnectivity as an attack on the fuel industry resulted in the grounding of aircraft due to lack of aviation fuel.  Cybersecurity leaders in aviation must have a solid grasp of this complex, interconnected environment.

Building Resiliency

It is a matter of when, not if, cyber attackers will target your organization. Understanding the inevitability of cyber attacks, it is important to build cyber resiliency as well as cyber defense.  In order to build resilience, the cyber defender must be able to understand the organization and its operations, properly identify and assess risks, and then employ risk mitigation measures that will enable the organization to continue to operate in spite of cyber assaults.  This resiliency is necessary to be successful in an environment where cyber attacks become more prevalent and easier to conduct.

Foundations of Aviation Cybersecurity Leadership and Technical Management

Embry-Riddle Aeronautical University (ERAU) in conjunction with the International Civil Air Organization (ICAO) have developed a 40-hour course, Foundations of Aviation Cybersecurity Leadership and Technical Management.  This course, which is offered in person or online synchronously, is designed for leaders and managers who are responsible for cybersecurity within their organization.  The course is designed so that leaders that are new to cybersecurity as well as more experienced leaders benefit not just from the course content but the interaction with the other students.  The course begins with understanding the aviation ecosystem, cyber attacks, and what motivates cyber attackers.  The course then progresses to evaluating critical aviation systems, assessing and mitigating cybersecurity risks, and building cyber resilience and a cybersecurity culture. In the technical sections, students are given a solid foundation in understanding system security, data security, and network security.  This technical foundation allows students to be able to assess their organizations and ask the right questions.

Improving Aviation Cybersecurity Globally

Students from across the globe have benefited from this course both in the in-person and synchronous online versions.  Students from Asia, Oceania, the Middle East, Africa, Europe, the Caribbean, and the Americas have learned from both the course and each other.  Professional relationships established during this course have continued beyond the instruction as fellow students and colleagues in this aviation cybersecurity colleagues share information and best practices.  As the course name implies, this course lays a solid foundation that students can and do build upon as they improve their organization’s cybersecurity and cyber resilience.

Learn More