Defining Aviation Cyber Security

According to Merriam-Webster dictionary, cybersecurity is defined as “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack”.  This is a very general definition that is certainly applicable to aviation.  

The term “cybersecurity” is being used more and more frequently and is a relatively new term that has boomed in usage since 2008. According to Google Trends, the internet searches related to Cybersecurity have more than 15 times between 2008 and 2020.

Within Aerospace the definition of cyber security has different implications depending on the context of: Aircraft on board systems (including entertainment systems, , Aircraft Information Systems, 

FAA Definition: since 2015 the FAA  has promoted the use of the term Aircraft Systems Information Security Protection (ASISP). The FAA has stated that in the past many terms have been used interchangeably such as network security, information security, systems security, and ofcourse cyber security. The use of various terms has led to confusion which motivated the FAA to push for the standardization of  the term ASISP (1). The FAA has defined ASIP as “ to indicate security from electronic attacks on aircraft networks and systems.”

Type of Cybersecurity Threats

Aerospace cybersecurity threats are presented in the subsections below categorized by the nature of the threat with 3 main categories (Confidentiality, Trust, Integrity). This concept was described by: 

The majority of this assessment could also be applicable to unmanned aerial vehicles in addition

  1. Confidentiality threats:  These types of threats deal with the confidentiality of data and the malicious use of confidential data to cause harm.