Spoiler Alert - we will talk about the ECSF in the Part-IS workshop in November
-
-
Davide MARTINI created an event in Cybersecurity
-
Davide MARTINI commented on Vasileios PAPAGEORGIOU's topic in Cybersecurity
Davide MARTINI • 1 week agoHi Michal, thanks for the feedback.
As mentioned in the article, the use of EFBs in operations requires a risk assessment (by the operator) and specific approval (by the competent authority) as there may be an impact on safety that should be managed.
Like you wrote, one way to control this is to compare the results with other systems or another EFB, or to compare with manuals etc. From a security point of view, it is better if the comparison is made against a different /dissimilar system.
-
Vasileios PAPAGEORGIOU created a topic in Cybersecurity
-
Dominique SAVEL posted in Cybersecurity
1 week ago PublicHello Vasileios, today we received the information that EASA and EUROCONTROL are signing a cooperation protocol to strengthen cooperation for a safe and sustainable future of European aviation. Is it possible to know more about the cybersecurity part in particular given the fact that Eurocontrol has 41 member countries while Europe is still at 27 ?
-
Michal Walczak commented on Vasileios PAPAGEORGIOU's topic in Cybersecurity
Michal Walczak • 2 weeks agoHi Vasileios, as there were many good questions asked via Slido that were not answered during today's session, is there a chance to have them answered in an offline form? Like FAQ 2.0, or just post session material?
-
Vasileios PAPAGEORGIOU created a topic in Cybersecurity
-
Vasileios PAPAGEORGIOU created a topic in Cybersecurity
-
Miguel F. del Pino commented on Vasileios PAPAGEORGIOU's topic in Cybersecurity
Miguel F. del Pino • 1 month agoGood morning Vasileios
Like Grégoire and Dominique, the reminder is appreciated.
In Spain, apart from the use of 27k, since 2010 we have had the National Security Scheme as a working framework to which the ANSP are obliged to comply https://ens.ccn.cni.es/es/To a large extent, the requirements of the ENS and the Part-IS are traceable as well as those of the 27k, although I do not know how EASA has assessed the internal legislations of the EU member countries. Is there any validation plan for these frameworks by AESA to validate compliance with Part-IS?
-
Dominique SAVEL commented on Vasileios PAPAGEORGIOU's topic in Cybersecurity
Dominique SAVEL • 1 month agoHello, Part-IS adds ISMS requirements, I understand. My question is how the European EASA regulations interpret the storage of data outside the European Union and therefore not subject to the GDPR ? Concretely, will we have a map of the servers in order to guarantee that the data stored there is indeed governed by the security rules that apply to us ? Mapping the risk will otherwise be complicated, and this without going into the detail of the processing of data subject to 15 CFR 730-774.