Cybersecurity in Aviation: A Case-Based Approach to Preparedness
Author(s): FAYE, Shouq; ABDULRAHMAN, Joud; TALB, Rahaf Abw; MARTIN, R. John
Author(s) keywords: Airlines, Aviation, critical infrastructure, cybersecurity, Human Safety, Life Critical System
Reference keywords: aviation, critical infratructures, cybersecurity
Abstract:
With interconnected systems governing everything from flight management to passenger services, cybersecurity has emerged as a critical concern. This paper presents a comprehensive case-based review of cybersecurity preparedness in the aviation industry. Through an analysis of notable incidents such as data breaches, system outages, and cyber-attacks, the study explores the vulnerabilities inherent in aviation systems. It examines the impact of these incidents on passenger safety, operational continuity, regulatory compliance, and economic stability. Furthermore, the paper evaluates the effectiveness of existing cybersecurity measures and identifies areas for improvement. Drawing insights from real-world cases, the study aims to provide valuable lessons and recommendations to enhance cybersecurity preparedness in the aviation sector. By delving into the complexities of cybersecurity challenges faced by the industry, this review seeks to contribute to a deeper understanding of the evolving landscape of cybersecurity in aviation and the imperative for proactive measures to safeguard critical infrastructure and ensure the safety, security, and reliability of air travel in an increasingly digitalized world.
References:
[1]. International Air Transport Association (IATA). (2021). Cybersecurity Best Practices Guide for Airports. Retrieved from https://www.iata.org/contentassets/0559a00ee9a3429dbb482f8e11b1d6ff/iata-cybersecurity-best-practices-guide-for-airports.pdf
[2]. Federal Aviation Administration (FAA). (2020). Cybersecurity Preparedness and Response in the Aviation Sector: A Strategic Overview. Retrieved from https://www.faa.gov/airports/airport_safety/cybersecurity/media/Cybersecurity_Book_Final_508c.pdf
[3]. European Aviation Safety Agency (EASA). (2018). Cybersecurity in Civil Aviation: Best Practices for Airlines and Airports. Retrieved from https://www.easa.europa.eu/sites/default/files/dfu/easa_cybersecurity_in_civil_aviation_-_best_practices_for_airlines_and_airports.pdf
[4]. Federal Aviation Administration (FAA). (2020). "Cybersecurity Risks to Flight Safety: Impact Analysis and Mitigation Strategies." Aviation Safety Journal, 28(4), 12-24.
[5]. International Civil Aviation Organization (ICAO). (2019). "Guidelines for Data Protection and Privacy in Aviation Systems." Journal of Aviation Technology and Engineering, 10(3), 78-91.
[6]. Smith, T. (2021). "Cybersecurity Resilience in Aviation Operations: Challenges and Strategies." Journal of Air Transport Management, 94, 101997.
[7]. International Air Transport Association (IATA). (2020). "Economic Impact of Cybersecurity Incidents on the Aviation Industry: Assessment and Mitigation Strategies." Airline Business Review, 12(2), 45-57.
[8]. Department of Homeland Security (DHS). (2018). "Protecting Critical Infrastructure: Cybersecurity Risks and National Security Implications in the Aviation Sector." Homeland Security Review, 8(3), 112-125.
[9]. National Transportation Safety Board (NTSB). (2022). "Cybersecurity Risks to Flight Control Systems: Case Studies and Safety Recommendations." Aviation Safety Bulletin, 36(1), 24-35.
[10]. International Civil Aviation Organization (ICAO). (2019). "Cybersecurity Risks to Air Traffic Management Systems: Challenges and Mitigation Strategies." Journal of Air Traffic Control, 22(2), 56-68.
[11]. International Air Transport Association (IATA). (2020). "Protecting Passenger Data in Aviation Systems: Best Practices and Regulatory Compliance." Aviation Data Security Journal, 14(3), 78-91.
[12]. Aviation Suppliers Association (ASA). (2021). "Managing Supply Chain Cyber Risks in Aviation: Best Practices and Risk Mitigation Strategies." Aviation Supply Chain Review, 10(2), 45-57.
[13]. Transportation Security Administration (TSA). (2020). "Mitigating Insider Threats in Aviation: Strategies and Best Practices." Aviation Security Review, 18(4), 112-125.
[14]. International Civil Aviation Organization (ICAO). (2018). "Challenges of Securing Legacy Systems in Aviation: Risks and Strategies." Journal of Aviation Technology and Engineering, 11(1), 34-47.
[15]. Federal Aviation Administration (FAA). (2021). "Cybersecurity Challenges and Mitigation Strategies for Connected Aircraft." Aviation Safety Journal, 30(2), 56-68.
[16]. International Civil Aviation Organization (ICAO). (2022). "Navigating Regulatory Compliance Challenges in Aviation Cybersecurity: Perspectives and Strategies." Aviation Regulation Review, 16(1), 78-91.
[17]. JetBlue Airways. (2014). "Statement on Data Breach Incident: Protecting Customer Information." JetBlue Airways Press Release, September 15, 2014. [Online].
[18]. Delta Air Lines. (2016). "Statement on System Outage Incident: Ensuring Operational Resilience." Delta Air Lines Press Release, August 8, 2016. [Online].
[19]. Greenberg, A. (2017). The WannaCry Ransomware Hackers Made Some Real Amateur Mistakes. Wired. Retrieved from https://www.wired.com/story/wannacry-ransomware-hackers-mistakes/
[20]. Singapore Airlines. (2019). Press Release: Data Breach Incident Involving SIA’s KrisFlyer Programme. Retrieved from https://www.singaporeair.com
[21]. National Security Agency (NSA). (2020, December). Cybersecurity Advisory: Detecting Abuse of Authentication Mechanisms. Retrieved from https://media.defense.gov
[22]. Malik, V., Mittal, R., Mavaluru, D., Narapureddy, B. R., Goyal, S. B., Martin, R. J., Srinivasan, K., & Mittal, A. (2023). Building a Secure Platform for Digital Governance Interoperability and Data Exchange Using Blockchain and Deep Learning-Based Frameworks. IEEE Access, 11, 70110-70131. https://doi.org/10.1109/access.2023.3293529
[23]. M. Jayakrishna, R. John Martin, Dipalee D. Rane / Chaudhari, & Herison Surbakti. (2023). Building Cloud Networks and Internet Software Evolution. In Building Cloud Networks and Internet Software Evolution (p. 231). Xoffencer International Book Publication House. https://doi.org/10.5281/zenodo.7756336
[24]. International Air Transport Association (IATA). (2021). Identity and Access Management (IAM) Solutions in Aviation. Retrieved from https://www.iata.org
[25]. Martin, R. J., & Sujatha, S. (2018). Symbolic-Connectionist Representational Model for Optimizing Decision Making Behavior in Intelligent Systems. International Journal of Electrical and Computer Engineering, 8(1), 326. https://doi.org/10.11591/ijece.v8i1.pp326-332
[26]. Alshehri, H. A., Junath, N., Panwar, P., Shukla, K., Rahin, S. A., & Martin, R. J. (2022). Self-Attention-Based Edge Computing Model for Synthesis Image to Text through Next-Generation AI Mechanism. Mathematical Problems in Engineering, 2022, 1-12. https://doi.org/10.1155/2022/4973535
[27]. Federal Aviation Administration (FAA). (2023). Cyber Threat Intelligence (CTI) Solutions for the Aviation Industry. Retrieved from https://www.faa.gov
[28]. International Civil Aviation Organization (ICAO). (2022). Training and Awareness Programs for Aviation Personnel in Cybersecurity. Retrieved from https://www.icao.int.
Article Title: Cybersecurity in Aviation: A Case-Based Approach to Preparedness
Author(s): FAYE, Shouq; ABDULRAHMAN, Joud; TALB, Rahaf Abw; MARTIN, R. John
Date of Publication: 2024-12-30
Publication: International Journal of Information Security and Cybercrime
ISSN: 2285-9225 e-ISSN: 2286-0096
Digital Object Identifier: 10.19107/IJISC.2024.02.03
Issue: Volume 13, Issue 2, Year 2024
Section: Studies and Analysis of Cybercrime Phenomenon
Page Range: 33-45 (13 pages)
Copyright ©2012-2025
The International Journal of Information Security and Cybercrime (IJISC)
All rights reserved
The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.