Main EASA activities

EASA has developed a Cybersecurity Roadmap which was endorsed by the Management Board in November 2015. Since then, EASA is working on its implementation and a number of initiatives has been launched to better address cybersecurity risks in aviation improving resilience and fostering built-in security.  

Beside its institutional rulemaking activity, EASA is working at improving the international collaboration on the subject as well as at promoting the sharing of information amongst aviation stakeholders.

Our Top Priorities

The achievement of a cyber resilient aviation system and the incorporation of cybersecurity into the current safety notion require a coordinated effort of the aviation system stakeholders.

To this extent EASA participates and chair a European Strategic Coordination Platform including representatives of key industry stakeholders, Member States and EU Institutions. The collaboration is contributing at harmonising aviation stakeholder’s objectives and has made possible the development of the first common strategy for cybersecurity in aviation, in accordance with aspirations and principles stated in the agreed Charter. The involved stakeholders are also in the process of defining a common roadmap in order to implement this strategy. 

To promote voluntary information sharing and expert collaboration, EASA is supporting the creation of a European Centre for Cybersecurity in Aviation (ECCSA) and providing the initial operational capabilities in collaboration with CERT-EU.

Timeline

Picture

24-07-2019

Eligible organisations invited to join cybersecurity group ECCSA

The European Centre for Cybersecurity in Aviation (ECCSA) is opening its doors to eligible organisations that would like to become members of the knowledge centre and information sharing network, which was established two years ago to counter the threats to aviation posed by cyberattacks.


Industry-wide cooperation on cybersecurity matters is particularly important in the aviation sector as most aviation

Read More
Picture

23-01-2019

1st Transport Cybersecurity Conference held in Lisbon

Lisbon, 23 January 2019 -The European Union Agency for Network and Information Security (ENISA) welcomed in Lisbon the first Conference on Transport Cybersecurity, with the support of the European Commission (DG MOVE), the European Union Aviation Safety Agency (EASA), the European Maritime Safety Agency (EMSA) and the EU Agency for Railways (ERA). 


Over 150 public and private representatives from all transport modes in Europe took part in the event. They discussed the EU legal framework for cybersecurity, its relevance for the transport sector, and explored

Read More
Picture

14-11-2018

ESCP High Level Meeting on Cybersecurity in Civil Aviation

The “ESCP High Level Meeting on Cybersecurity in Civil Aviation 2018” in Toulouse (France) on 14th and 15th November 2018 will bring together States, industry, partners and other key players to raise awareness of the threats, as well as discuss and develop practical and sustainable policies, approaches and measures to protect against them and mitigate their impact.


More information


Picture

05-06-2018

1st OPTICS2 Workshop - Aviation Cybersecurity

Cyber-attacks are relatively low cost and low risk for the perpetrator, but can be a very high cost for the targeted organisation and society. This workshop brought together a range of experts from industry and regulation to consider both existing and potential future cyber risks and identify a top 10 list of both urgent and mid-term research that is required to maintain a safe and secure air transport system, today and in the future.


More information


Picture

08-11-2017

High Level Conference Cybersecurity in Civil Aviation

Tuesday 8th of November: High level meeting


Wednesday 9th of November: Technical workshop


Cyber-threats to the civil aviation system are considered a major concern. Cyber-attacks against civil aviation operations could potentially be catastrophic with significant casualties, disruption to civil aviation services, and/or damage to critical infrastructure. Equally endangered are airlines, airports and air traffic management. The conference will

Read More
Picture

31-05-2017

Workshop on Cybersecurity in Aviation, Brussels

EASA and EUROCAE jointly organised a workshop to discuss current activities and future regulatory and standardisation needs with key stakeholders from industry, airspace users, Member States, European Institutions, academia.


Picture

10-02-2017

Signature of MoC between EASA and CERT-EU for ECCSA

EASA signed a Memorandum of Cooperation with the Computer Emergency Response Team (CERT-EU) of the EU Institutions in order to support the implementation of a European Centre for Cybersecurity in Aviation (ECCSA). 


Picture

12-12-2016

Launch of “Impact Assessment of Cybersecurity Threats” project

Cybersecurity threats are of prime importance in the aviation context, given the increasing number of exploitable vulnerabilities and the improvement of attacker capabilities.


More in details, the impact of security threats on commercial transport aircraft (CAT) and air traffic management (ATM) procedures is lacking. This information is of upmost importance for practical applicability of security certification. The primary targets of the project are to identify and prioritise threats to critical aircraft systems as well as to build a comprehensive knowledge base of the safety impact

Read More
Picture

08-11-2016

High Level Meeting "Cybersecurity in Civil Aviation", Bucharest

08-09/11/2016


EASA is tasked to facilitate a Strategic European Coordination Platform including representatives of key industry stakeholders, Member States and EU Institutions.


More information


Picture

13-07-2016

Workshop on the roles and the activities of a European Centre for Cybersecurity in Aviation, Cologne

13-14/07/2016


On 13 and 14 July 2016, EASA organised a workshop with the industry on cybersecurity events management, coordination, and information exchange. Four cybersecurity crisis scenarios were played, based on real events, although not demonstrated as being cyber but easily transposable to cyber. The scenario were aiming at aircraft systems, ATM and airlines event response coordination.


The main purpose was to identify what would be the services and functions of a European Centre for Cybersecurity in Aviation (ECCSA) during the different events, its added value,

Read More
Picture

26-05-2016

1st Meeting of Member States representatives of Cybersecurity in Aviation, Brussels

EASA presented some further details on the cybersecurity in aviation roadmap and emphasised the intention to create close collaborative relationships with Member States (Cybersecurity in Aviation Community).


Picture

17-05-2016

Launch of Rulemaking Task RMT.0648 “Aircraft cybersecurity”

EASA initiated a review of safety rules in order to develop a regulatory concept that will enable to identify cyber risks having an impact on safety. The main objective of this task is to mitigate the safety effects stemming from cybersecurity risks due to acts of unlawful interference with the aircraft on-board electronic networks and systems.


More information 


Picture

28-05-2015

2nd High-level Conference on the EU Cybersecurity Strategy, Brussels

Because of the general trend in cybersecurity threat EASA organised a conference on aviation cybersecurity, which has included key EU policy makers and representatives from Member States and the industry. Due to the urgent need to identify the actions to be undertaken for the design of a secure aviation cyberspace EASA was tasked to develop a roadmap by the end of the 2015 in close cooperation with EU Member States and Industry, identifying appropriate protection measures and management strategies for the aviation system as a whole. 


Contact

Any inquiries or questions regarding cybersecurity in aviation should be addressed by completing this form

Contact us