Implementation of a European Centre for Cyber Security in Aviation(ECCSA)

On Air, Issue 14: Cybersecurity in Aviation

After the ‘Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace’, JOIN(2013) 1 from7 February 2013, EASA And CERT-EU signed in February this year a memorandum of mutual cooperation (MoC) for the implementation of a European Centre for Cyber Security in Aviation (ECCSA).

The EASA ‘Cybersecurity roadmap’ presented in 2015 has been considered as basis for implementing a cybersecurity framework for aviation – taking into account the principles laid in the new European ATM Master Plan and in the EU Aviation Strategy- acting as support to the European Commission, EASA Member States, EASA and industry work.

The memorandum includes the areas of responsibility of both parties. On the one hand, CERT-EU agrees to provide the appropriate and secure IT infrastructure services as well as the cybersecurity tools and threat management services needed for the development of cyber-secure components in aviation. On the other hand, EASA will provide the analyst resources and technical expertise for the coordination of the ECCSA. Both agree to execute the Technical Roadmap within the given milestones for this purpose and maintain close collaboration between their analysts’ teams.

What will ECCSA do?

ECCSA will primarily serve as an information sharing and management platform, a key enabler for implementing a resilient aviation cyberspace. ECCSA will provide secure means for aviation stakeholders to exchange domain relevant cybersecurity information, such as vulnerabilities, i.e. weakness that can be used for malicious purposes, as well as events and incidents that might be worth sharing with the aviation community. The ECCSA’s operational team of analysts will provide additional inputs to the information shared by the participants, with the aim to facilitate the creation and the management of an aviation cybersecurity threats knowledge and risk picture.

Furthermore, ECCSA intends to assist its members in the successful prevention and response to cyber security incidents. For this purpose, the centre will also concentrate on cybersecurity initiatives to promote awareness and will organise to provide in the future further services in the range of reactive, proactive and preventive measures to its stakeholders in accordance with their needs.

Which is the role of EASA in ECCSA?

EASA is currently supporting the foundation of ECCSA by making available both the IT infrastructure and the necessary operational team for the provision of cybersecurity services, but the Agency will guarantee the ECCSA independence by participating to the centre governance at the same level of other stakeholders. The provision of EASA’s expertise and resources to roll out and maintain ECCSA should make its core services widely accessible and at no cost for the participants.    

EU Information sharing landscape

EU Information sharing landscape

Who will be its members?

The participation to ECCSA will be voluntary and so it will be the information sharing. The organisations that will join ECCSA as member will become part of its Constituency and a number of them will be involved in the governance in order to ensure that the cyber security centre will be independently managed by its members. With regards to eligibility, in principle all stakeholders (i.e. small, medium to big manufactures, airlines, research organisations, etc.) relevant for the safety and security of European Civil Aviation may apply for ECCSA membership, assured to meet applicable security selection criteria.

In particular the initial group of ECCSA founding members should be representative of the following stakeholders:

  • Aviation manufacturers: aircraft, parts, avionic systems or ground systems, etc.
  • Aviation organisations: airlines, maintenance repair organisations, aviation communication services providers, etc.
  • Air Navigation Service Providers (ANSP): national and cross-border ANSPs.
  • European Commission, EASA, CERT-EU, ENISA, National Aviation Authorities and governmental Civil Aviation institutions etc.

A ‘Pilot Phase‘ to enrol the ECCSA’s funding Members will be launched soon.

Which are its benefits?

The benefit for members will consist of a secure information exchange and aviation cyber-intelligence sources platform. This platform will provide awareness of attacks and, on demand, to have operational means to face cyber security threats. The expected benefits for EASA and the European regulators will be to obtain information about cyber security threats and within its remit to improve the safety of air transport.

In addition, it is fundamental for ECCSA’s constitution and its operations to establish precise rules for dissemination and information exchange amongst members.  For this purpose it is planned to use a Traffic Light Protocol (TLP). TLP is a set of designations used to ensure that sensitive information is shared with the correct audience. It employs colours associated to different sensitivity levels and the corresponding sharing authorisation to be applied by the recipients. Further information about TLP can be found at the following link: https://en.wikipedia.org/wiki/Traffic_Light_Protocol