Tim H. Stelkens-Kobsch

Towards a more secure ATC voice communications system

Contradictory to communication safety in the aviation field communication security has received relatively little attention to date, although the threats regarding air traffic security have been rapidly increasing in recent years. Within the project GAMMA (Global ATM Security Management) the German Aerospace Center (DLR) is developing a prototype to support air traffic controllers (ATCO) in detecting intrusions into the air ground voice system and therefore allow subsequent mitigating actions to be conducted.

Towards validating a security situation management capability

With SESAR and NextGen readying towards implementing novel operational concepts and technical enablers in ATM/CNS, the question of how to manage security in a dynamic environment across a highly distributed and networked system gains higher attention. The Global ATM Security Management project (GAMMA) addresses the development of such a security situation management capability. Following the September 11 attacks and major large-scale outages of critical infrastructures, the security of air navigation has emerged as a critical capability gap. On-going transformation programs like SESAR and NextGen are moving into the deployment phase with limited to none tangible security solutions. GAMMA addresses this gap by investigating a security situation management capability. The framework of this capability is devised as a distributed network of aviation stakeholders that jointly collaborate in identifying and localizing security incidents while considering the constraints given by the different participants, national responsibilities, and collaboration-related requirements. This paper addresses the preparatory work for the validation of an initial security situation management capability. For that purpose, project partners setup a joint configuration and trial network for the security functions and systems developed in the frame of a real-time human-in-the-loop simulation. The simulation results have been measured against the mapping of the operational concept and validation requirements, in particular in terms of situational awareness on the operator side and networked incident management response. These results will inform the further validation activities of the project.

Enhancing Air Traffic Management Security by Means of Conformance Monitoring and Speech Analysis

This document describes the concept of an air traffic management security system and current validation activities. This system uses speech analysis techniques to verify the speaker authorization and to measure the stress level within the air-ground voice communication between pilots and air traffic controllers on one hand, and on the other hand it monitors the current air traffic situation. The purpose of this system is to close an existing security gap by using this multi-modal approach. First validation results are discussed at the end of this article.

A comprehensive approach for validation of air traffic management security prototypes: A case study

Security in air traffic management is still a rather new challenge and receives increased interest during recent years. This implies that new security concepts and systems are developed. Usually all systems have to go through several validation cycles to reach a higher technical readiness level. As no well-established validation approach is available which considers the special aspects of security this forms an additional barrier when developing air traffic control security systems. This is true because suitable validation approaches have to be developed first. The latter includes the risk of forgetting something, when the development is not initiated in a structured way. Within the air traffic security project GAMMA such an approach has been developed and applied to a set of seven prototypes. Based on the European Operational Concept Validation Methodology and a Security Risk Assessment Methodology, this approach identifies additional security controls, system requirements, validation objectives and key performance indicators. These are the driving elements for the design of the validation setup and procedure The paper demonstrates the feasibility of this new approach using one specific example, the Secure Air Traffic Control Communications prototype. The paper describes the approach and the resulting validation setup and procedures in detail. It briefly describes the obtained results for the developed prototype as one specific use case of the approach.

Provisioning for a distributed ATM security management: The GAMMA approach

Air transportation represents a complex network of stakeholders that include air navigation service providers (ANSPs), airport operation centers, airlines, manufacturers, government and security agencies, and airspace policy authorities, passengers, etc. The security management in this federated and multistakeholder environment faces legal, institutional, and technical challenges. The current state in aviation security is outlined by the ICAO (International Civil Aviation Organization) Annex 17 of the Chicago Convention that was adopted in 1974 and subsequently updated several times [1]. With its most recent update, Annex 17 recognizes the security contribution of ANSPs and identifies cyber security as a further dimension of aviation security.