Aviation: Cybercrime

(asked on 11th June 2015) - View Source

Question to the Department for Transport:

To ask the Secretary of State for Transport, what discussions his Department has had with the (a) US Federal Aviation Administration and (b) European Aviation Safety Agency on cyber-security risks to (i) aircraft avionic systems and (ii) air traffic control information systems.


Answered by
Robert Goodwill Portrait
Robert Goodwill
This question was answered on 18th June 2015

The Department for Transport (DfT) continues to work closely with national and international partners (including the US Federal Aviation Administration (FAA) and the European Aviation Safety Agency (EASA)) and experts across industry to assess the risk to civil aviation from a range of security threats, including cyber attacks. The growing complexity, connectivity and interdependence of aviation systems means that cyber security is increasingly becoming a factor in the design and operation of aircraft and air traffic control systems. As with all potential security risks, we keep this situation under regular review to ensure we and industry understand the nature and size of the problem and can put in place appropriate security measures and practices.

Air traffic management providers are required to have a security management system to assess their level of risk to all security threats - including unauthorised access to operational systems. The Civil Aviation Authority (CAA) reviews the security management system of all air traffic management providers as part of its ongoing oversight activities. The CAA, in conjunction with other authorities, also monitors the design of aircraft and aircraft systems for robustness against cyber threats and, where necessary, specific certification requirements related to cyber security are levied on aircraft designers and manufacturers.

DfT also participates in the National Cyber Security Programme, led by Cabinet Office, which includes a range of activities with industry aimed at improving the protection of critical infrastructure – including aviation. This work involves the Centre for the Protection of National Infrastructure (CPNI) and other relevant parts of government.

Many of the aviation security challenges we face require a coordinated international response and cyber security is no different. A coherent global approach to cyber across the aviation domain is fundamental to mitigating the risk and integrating new technologies in a safe and secure manner.

Reticulating Splines