Addressing Security in the ATM Environment: From Identification to Validation of Security Countermeasures with Introduction of New Security Capabilities in the ATM System Context

This paper addresses the full lifecycle of security countermeasures identified in the Security Risk Analysis of the future Air Traffic Management System (ATM). The process establishes new security functions identified in the GAMMA project [1] and their implementations in order to ensure acceptable levels of security for ATM. In this project, ATM Security is addressed by focusing on two dimensions defined by Single European Sky ATM Research [2]: establishing a collaborative support capability by defining a framework embracing three-levels for Security Management (i.e. European, National, and Local) and developing security measures for the self-protection/resilience of the ATM Systems by exploiting automated security-related functions to handle potential threats. This paper concentrates on the second dimension and how the countermeasures are identified, implemented and developed in prototypes. The prototypes will then be validated in an operational scenario, through the new concept introduced by the project. The reader will be accompanied through a practical example of the whole process on how ATM Security needs have been identified. The objective is to protect the core ATM Security functionalities (Primary Assets) and corresponding Supporting Assets. We identified 44 of the most feared threat scenarios in terms of impact on the SESAR Key Performance Areas (KPA). The threat scenario described in this paper is "False ATCO", affecting the Supporting Asset "Voice system". The developed prototype is "SACom" (Secure ATC Communication) that considers the security countermeasures identified in the risk treatment analysis to reduce the risks. The paper concludes with the description of the activities planned for validating the SACom prototype as part of the proposed global solution.