Simulation-supported aviation cyber-security risk analysis: a case study

The air transport infrastructure is important and prominent. The current aviation system is already vulnerable and the advent of more automation and pervasion of standard IT in the future leads to ever more complex and interconnected systems with an increasing attack surface. To cope with this situation, we need suitable methods and tools to achieve understanding of the consequences in potential cyber threat situations. In this paper, we present results of a case study on the use of simulation methodologies to support aviation cyber-security risk assessment. We use different variants of a flight plan data manipulation scenario as well as a scenario, where the availability of flight plan data is compromised. The one day scenarios were implemented in the air traffic simulator TrafficSim. The aim is to investigate the potential of the methodology and to achieve an estimation of cyber-threat potentials in connection with flight plan data processing. One scenario capped the flight level of 473 flights on the same airway, resulting in 1073 t additional fuel, and 147 flights would spent their minimum final reserve fuel before landing. A second scenario showed that four or five flights, missing their flight plan at startup, could impact a well utilized runway for about 2–4 h. During a risk assessment, the effects of an attack can be more accurately assessed using simulation results. We recommend to (1) develop, maintain, and apply simulation models and cyber attack simulation scenarios, (2) connect and develop simulation models from “gate-to-gate”, and (3) integrate human interactions with cyber attack simulation scenarios.