greg kurten director of cns – uae general civil aviation ...€¦ · 1 local ipvpn international...

14

Cyber security in ATM - Is it sink or SWIM An ANSP’s perspective. Greg Kurten Director of CNS – UAE General Civil Aviation Authority

Upload: others

Post on 16-Aug-2020

3 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cyber security in ATM - Is it sink or SWIMAn ANSP’s perspective.

Greg KurtenDirector of CNS – UAE General Civil Aviation Authority

Page 2: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 2

Page 3: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 3

Our traditional “trust” model…

VoIP

/E1

Local IPVPN

InternationalIPVPN

OLD

I

OMAE ACC

Local IP-VPN also has OLDIInternational also has VOIP

Page 4: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 4

SWIM = “Exposure to the elements”…

VoIP/

E1Local

IPVPNInternational

IPVPN

OLDI

OMAE ACC

Internet

Trusted Users

Page 5: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 5

ANS systems vulnerability…

Page 6: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

• Legacy equipment• Increased operational demands for SWIM connectivity • Lack of Training• Vulnerability of Critical inter-connected non-CNS systems • Cloud based solutions • Limited guidance on ANS related cyber regulations• Staffing

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 6

Why are ANS systems vulnerable?

Page 7: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 7

Or are we the biggest problem?

Page 8: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

• Credible data corruption:ATFM slot allocation manipulationADS-B/ADS-C spoofed dataAMAN tactical manipulationGNSS spoofing

• Loss of revenue

• Reputational damage

• Loss of life

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 8

Consequences of a successful cyber attack

Page 9: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 9

What can be done to mitigate these risks

Page 10: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 10

ANS Related Cyber Guidelines - Minimum Security Baselines (MSB’s)…

• Application security • Firewall security • Linux security • Router security• Switch security• Third party data sharing and vendor access• Web application firewall security

Page 11: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 11

Dedicated ANS cyber security training…

Page 12: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 12

Effective implementation…

Page 13: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

Cybersecurity and resilience Symposium - Amman- Jordan, 15-17 October 2019 13

Continuous monitoring…

Page 14: Greg Kurten Director of CNS – UAE General Civil Aviation ...€¦ · 1 Local IPVPN International IPVPN OLDI. OMAE ACC. Local IP-VPN also has OLDI. International also has VOIP. Cybersecurity

roster - Wings Across America · THE WASP R OSTER 43-W-5 Karlson, Ann M. (Kenney) Kekic, Annabelle (Robart) Kurten, Ellenor (Schaffer) Ledbetter, Julie E. Lindley, …

Basic SYSCO Principles and Standard OLDI Communication Seminar/1- MI… · MID AIDC/OLDI Seminar Basic SYSCO Principles and Standard OLDI Communication ICAO EUR/NAT Office Celso Figueiredo

MOMENTUM CYBER CENTER OF EXCELLENCE In 2016, CCOE …...•oldi, Chief Analytics Officer, FICO Scott Z. MARKETING & COMMUNICATIONS. CCOE evolved its website, collateral, LinkedIn and

Basic SYSCO Principles and Standard OLDI Communication Seminar/1- MID AIDC_O… · MID AIDC/OLDI Seminar Basic SYSCO Principles and Standard OLDI Communication ICAO EUR/NAT Office

Next generation data link communication system for the ... Presentations... · AIRCOM IPVPN RIO IP Ground Network REC CINDACTA 3 DECEA RIO Data Link Processor (GIGP) YUL SIN ... 3G

Instrumentarul Stomatologic Kurten Daniel

MPLS/IPVPN to AWS (with Dedicated Cross Connect) · 2020. 12. 19. · Connect for the first time via CenturyLink’s Cloud Connect with Dedicated Cross Connect. Information contained

TENTATIVE PROGRAM 07.06 - exicon.websiteexicon.website/uploads/editor/GMA/Presentations/S11_04-Mohamed... · • AIDC/OLDI: 11 States to ... • The ICAO MID Regional Office’sobjectives

EUROCONTROL Specification for On-Line Data Interchange … · 7.1 General ... EUROCONTROL Specification For On-Line Data Interchange (OLDI) ... Figure F.1 – Transferring Unit –

ENHANCEMENT OF MPLS IPVPN BACKUP NETWORK FROM …eprints.utem.edu.my/4644/1/Enhancement_Of_Mpls... · ENHANCEMENT OF MPLS IPVPN BACKUP NETWORK FROM ISDN TO ADSL INTERM OF TIME SWITCHING

For Data Centers - IEEE Standards Association · OnLine Data Intensive (OLDI) Services The fundamental difference between Online Data Intensive services and their offline counterparts

BRYAN TEXAS UTILITIES BUILDING FOR THE FUTURE...substation allowing BTU to serve Kurten from either the Dansby substation or Jack Creek substation, greatly improving reliability for

Online Development Inc. (OLDI): Module-based Data Transfer Options for ControlLogix including OPC UA

Santa Maria Oceanic Control Center · Piarco Canarias (OLDI) New York (AIDC) Cabo Verde (OLDI) Shanwick(OLDI) Madrid (OLDI) Lisboa (OLDI) ATS Communications Santa Maria FIR (CPDLC)

AIDC and OLDI: gap analysis - International Civil … Seminar/2... · Notification, coordination, transfer (1/2) - Core set • CORE SET of messages for Notification, coordination

I.R.IRAN AIDC/OLDI Status Arash Khodaei [email protected]

BRYAN TEXAS UTILITIES BUILDING FOR THE FUTURE€¦ · substation allowing BTU to serve Kurten from either the Dansby substation or Jack Creek substation, greatly improving reliability

EoFTTC webinar - TalkTalk Business · EoFTTC webinar. PRIVATE Product, ... Talk Talk’s Next Generation Network Internet MPLS IPVPN Hosted Services Street Cabinet Network Exchange

An introduction to coverage MPLS IPVPN · An introduction to MPLS IPVPN Other 99.99% Network coverage Uptime UFO Settings Bluetooth Tick Cross Equals Cloud Connectivity Inbound Outbound

Jordan Presentation AIDC/OLDI · 1- Under the umbrella of Jordan Saudi Cooperation for Air Navigation Services, the two parties agreed to establish OLDI service between Amman and

Common Aeradio Communications and NAT Documents/NAT... · Common Aeradio Communications ... (SELCAL CODE) ... reference of the NAT OLDI group to include database compatibility,

180508 Investor presentation May 2018 - ir.kpn.com€¦ · Strategy Strategic choices embedded in organization CEO ... services Platform specific access Shared access & OTT (IPVPN,

Bill Chang, CEO, Group Enterprise and Country Chief …...Bill Chang, CEO, Group Enterprise and Country Chief Officer Singapore 13 June 2018 >12,000 #1 International IPVPN in APeJ

MPLS Networks - Citycom Networks Brochure_01.pdf · MPLS Networks A private IP wide area networking service. Vodafone Product Description MPLS IPVPN Vodafone ... The IP-VPN technology

CASE F-ILE COPY - NASA · nasa technical note nasa tn 0-7990 case f-ile copy apollo experience report - guidance and control systems: lunar module abort guidance system pat m. kurten

RGB to OLDI/LVDS Display Bridge Reference Design for

(OLDI) Specification

Interprovider IP-MPLS Internetworking MIT Wkshopcfp.mit.edu/publications/CFP_Presentations/All Member...Page - 4 Drivers: Target Applications-IPVPN nIPVPN Services: A typical Scenario

APAC SIP on ASBU B0-FICE AIDC Implementation Seminar Standard OLDI Communication Lessons learned in Europe ICAO EUR/NAT Office Celso Figueiredo – Regional

Here is the Vice Chancellor's info that Dr. Chandler is ......From: Glenda Kurten To: Bill L Rooney Cc: Mike Chandler Subject: Fwd: Call for Nominations - 2009 Vice Chancellor"s Awards

SERVICE DESCRIPTION IP VPN - broadnet.no · 4 broadnet.no 1 IPVPN 1.1 Introduction IPVPN is a flexible data communication service, built for the professional market in Norway. IPVPN

EUROCONTROL Specification for On-Line Data Interchange (OLDI)

AIDC and OLDI: gap analysis and perspectives

An international forum for the expression of ideas and ... · x Columbus launches international MPLS network in Caribbean ... IP transit, peering, IPVPN, hosted PBX, managed services

Softing (OLDI): Data Exchange with ControlLogix. Are dedicated modules right for my application?