COMMUNICATIONS PANEL (CP) NINETEENTH MEETING OF WORKING GROUP - I Montreal, Canada January 2016


International Civil Aviation Organization
CP-WGI 19/ IPxx
20-22 January 2016

INFORMATION PAPER

COMMUNICATIONS PANEL (CP)
NINETEENTH MEETING OF WORKING GROUP - I
Montreal, Canada 20-22 January 2016

Agenda Item 4.2: IPS Security

ATM SAFETY CRITICAL COMMUNICATIONS IPS SECURITY CURRENT STATUS AND EVOLUTION
(Presented by EUROCONTROL)

SUMMARY

The purpose of this paper is to list current and planned IPS Security documents related to ATM Safety Critical Communication which EUROCONTROL has identified as critical to the recent evolution of the IPS standardisation context led by the Communication Panel (CP) and which fall within WGI's area of expertise. It is intended to update the references of this paper on a regular basis. In order to initiate the work in this direction, a minimum set of assumptions / questions are to be answered.

1. Introduction

1.1 Most of today's ATM systems deployed world-wide use or plan to use Internet Protocol based technology. To ensure that the communication is secure, the appropriate security mechanisms need to be implemented.

1.2 Amongst different mechanisms, the use of PKI technology is considered. Strong authentication implementations would require the establishment of a public key infrastructure (PKI). However, the use of this technology may adversely affect ATM systems interoperability. Consequently, a world-wide strategy for the deployment of PKI technology needs to be addressed.

1.3 The purpose of this paper is to list current and planned IPS Security documents related to ATM Safety Critical Communication which EUROCONTROL has identified as critical to the recent evolution of the IPS standardisation context led by the Communication Panel (CP) and which fall within WGI's area of expertise. It is intended to update the references of this paper on a regular basis.

(5 pages)
ACP WG-I/18 IP-xx

ACP-WGW/18 IP-01 - 2 -

2. Current status of IPS Security documents

2.1 AMHS and the European Directory Services (EDS):

2.1.1 For Messaging (AMHS), IPS security evolution shall comply with and support the security requirements of EUROCONTROL Specification on the AMHS, September 2009, Annex D Security. The document is available for download at: https://www.eurocontrol.int/documents/amhs-specification

2.1.2 The EDS Operational Concept defines an EDS security policy for authentication and access control based on the X.500 standards. The authentication and access control requirements in section 5.5 of ICAO EUR Doc.020 EUR AMHS Manual Appendix G: European Directory Services (EDS), April 2013 shall apply.

Note 1: Technical requirements for the Directory Service are based on ICAO Doc 9880: Manual on Detailed Technical Specifications for the Aeronautical Telecommunication Network (ATN) using ISO/OSI Standards and Protocols, Part IV Directory Services, Security and Systems Management, First Edition 2010.

Note 2: AMHS and EDS Security is planned to be addressed in a future edition of ICAO Doc 9880: Manual on Detailed Technical Specifications for the Aeronautical Telecommunication Network (ATN) using ISO/OSI Standards and Protocols, Part IV Directory Services, Security and Systems Management.

2.2 Voice over IP (VoIP)

2.2.1 For VoIP in ATM, security recommendations were defined in EUROCAE ED-138 Part 1 Network Specification, edition February 2009, chapter III Security Policy.

2.2.2 The EUROCAE ED138 is referenced in the Part III Guidance of the ICAO Doc 9896: Manual on the Aeronautical Telecommunication Network (ATN) using Internet Protocol Suite (IPS) Standards and Protocols, Second Edition, currently under publication.

2.2.3 The EUROCAE ED138 document is available at: https://www.eurocae.net/

Note: The EUROCONTROL VoIP Implementation Support Group (VOTE) set up a VoIP Security Subgroup with activities planned between January 2016 and June 2017. The following set of deliverables will be developed by this sub-group: Minimum level of VoIP security across ANSPs, Common Code of VoIP Connection document, Cyber-security threats analysis associated with cross-border VoIP, VoIP Security Implementation Guidance, Security issues reporting mechanism across ANSPs.

2.3 Secure Dialogue Service (SDS)

2.3.1 ICAO Doc 9896 includes an IP Dialogue Service which allows legacy (ATN/OSI) applications such as CPDLC and CM to operate in the ATN/IPS environment. The IP Dialogue Service presents the same logical interface to legacy applications as in the OSI environment. Secure Dialogue Service (SDS) subgroup deliverables are expected by end 2016.

2.4 Future Communication Infrastructure (FCI)

2.4.1 A high level overview of the security framework of the Aeronautical Mobile Airport Communication System (AeroMACS) that is applicable to both the airborne radios and the ground systems was presented in WP14 of the ICAO WGI-18 meeting in June 2015.

2.4.2 For other datalinks that are part of the Future Communication Infrastructure (FCI), security provisions are under development by SESAR Project 15.2.4.

2.4.3 SESAR Project 15.2.4 Deliverable 05 - FCI Security Risk Assessment Report, May 2014 is available under dissemination request to the SESAR Joint Undertaking.

2.4.4 SESAR Project 15.2.4 Deliverable 09 - FCI Logical Architecture will be submitted for approval to the SESAR Joint Undertaking in Jan 2016.

2.5 Operational Concepts

2.5.1 EUROCONTROL published two IPS security related operational concepts.

2.5.2 The first one, CS6-6 Management of Common Network Resources Service/Security Certificate Service (CNR/SCS), will be part of the security infrastructure of the ATM system, covering the delivery of the Public Key Infrastructure (PKI) to perform user authentication and encryption/decryption when needed. The objective of this service will be the delivery of the network keys, ensuring network security and avoiding heavy coordination between the different stakeholders. The document was released in November 2015 and is available at: http://www.eurocontrol.int/publications/conops-cnr-6-6

2.5.3 The second one, CS6-7 Management of Common Network Resources Service/Operation and Coordination of Network Security (CNR/OCNS), is a new operational service to coordinate issues relating to cyber security, to consolidate the ATM network cyber security events/incidents and to recommend actions when and if needed (cyber attacks, for instance).

2.5.4 It is composed of the European ATM CERT (Computer Emergency Response Team), in charge of collecting, generating and sharing cyber intelligence as well as coordinating the pan-European response to cyber security events/incidents, and of a Security Operations Centre (SOC) for all centralised services and for those stakeholders wishing to delegate (entirely or partially) their SOC to the CS6-7. The document was released in August 2015 and is available at: http://www.eurocontrol.int/services/cs6-7-management-common-network-resources-serviceoperationand-coordination-network

3. List of Reference Documents

3.1 ICAO DOC 9896 ATN/IPS Manual, edition 2010, Part I Detailed Technical Specifications, Chapter 2 Requirements, 2.5 Security Requirements.

3.2 EUROCONTROL Specification on the AMHS, September 2009, Annex D Security.

3.3 ICAO EUR Doc.020 EUR AMHS Manual Appendix G: European Directory Services (EDS), April 2013 - section 5.5.

3.4 ICAO Doc 9880: Manual on Detailed Technical Specifications for the Aeronautical Telecommunication Network (ATN) using ISO/OSI Standards and Protocols, Part IV Directory Services, Security and Systems Management, First Edition 2010.

3.5 EUROCAE ED-138 Network Requirements and Performances for Voice over Internet Protocol (VoIP) Air Traffic Management (ATM) Systems, Part 1: Network Specification, chapter III Security Policy, edition February 2009.

3.6 SESAR Joint Undertaking, Project 15.2.4 Deliverable 05 - FCI Security Risk Assessment Report, May 2014.

3.7 EUROCONTROL CS6-6 Management of Common Network Resources Service/Security Certificate Service (CNR/SCS) Operational Concepts, version 2.1, November 2015.

3.8 EUROCONTROL CS6-7 Management of Common Network Resources Service/Operation and Coordination of Network Security (CNR/OCNS) Operational Concept, version 2.1, August 2015.

4. Discussion

4.1 CP Work Programme item 8 (Job-Card CP007.001 WG/I,S, T) calls for the development of a security technical framework identifying policy issues by the end of 2016, followed by finalisation of the related standards and guidance material by 2020.

4.1.1 CP Work Programme item 8 description: In coordination with the AVSEC Panel (and others as needed), establishment of technical provisions to meet security requirements for the COM aspects (considering the operational requirements). Initially this will involve the development of a security technical framework, raising questions on security policy and operational issues for consideration by other panels, i.e. AVSEC, RPASP, IMP.

4.2 Taking into account the close deadline, in order to initiate the work in this direction a minimum set of assumptions / questions are to be answered:

4.2.1 All current development in section 2 of this paper is based on PKI technology. Is PKI technology the common and agreed technical solution for ensuring IPS Security?

4.2.2 If the answer to the question above is yes, do we need a global PKI aviation architecture? Is that feasible?

4.2.3 If the answer to the above question is yes, who will address the following implementation aspects? (Technical Requirements, Global Architecture, Implementation guidance, etc.)

4.2.4 What needs to be developed by each involved Panel?

4.2.5 How to ensure the timely deployment of PKI? Who will be the responsible Authority?

5. Recommendation

5.1.1 It is recommended that the WGI members:

a) Take note of the presented material.
b) Discuss the initial questions in section 4.
c) Review and update the above list of reference documents in section 3.
d) Propose appropriate measures to integrate the appropriate material in the next edition of ICAO DOC 9896 to ensure Job Cards completeness in relation with the ATN/IPS CP work programme items.
e) Coordinate with WGM for AMHS and EDS security developments.

END