caa norway perspective on cybersecurity in aviation · 2020. 11. 25. · caa norway perspective on...
TRANSCRIPT
![Page 1: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/1.jpg)
![Page 2: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/2.jpg)
CAA NorwayPerspective on cybersecurity in
aviation
Bjørnar Davidsen - Manager of Civil Protection
Sjur Hartveit - Senior consultant Cybersecurity
![Page 3: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/3.jpg)
CAA Norway – core tasks• Oversight
• Approval
• Legal and regulatory
• Safety promotion
• Civil protection and preparedness
![Page 4: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/4.jpg)
Mr. Davidsen &Mr Hartveit
![Page 5: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/5.jpg)
Cyber threats in aviation – a holistic view
![Page 6: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/6.jpg)
Not only aircraft...
Airports (Aerodromes )Airport SecurityTraining organisationsAero-Medical CentresGoods transportationSupplies
![Page 7: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/7.jpg)
And drones (airborne IoT)…
![Page 8: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/8.jpg)
And (soon) AI…
1
2
3
4
5
Human + Cyber factorsSource: DARPA
![Page 9: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/9.jpg)
Example: GPS Data Spoofing
Avisa Nordlandhttps://www.an.no/flykaptein-er-bekymret-over-stoy-krigen-som-foregar-i-nord-norge-har-ikke-opplevd-et-tidligere/f/5-4-1316985
![Page 10: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/10.jpg)
Example: PAX Entertainment Services - SATCOM
Wifi
![Page 11: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/11.jpg)
PAX Entertainment system – block diagram
Source: IDG Publishing
![Page 12: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/12.jpg)
PAX Entertainment system – Antenna Control Unit (ACU)
Source: Santamarta (IOActive Inc.) ‘Last Call for SATCOM Security’Whitepaper 2018
![Page 13: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/13.jpg)
PAX Entertainment system – the whole picture…
Source: Santamarta (IOActive Inc.) ‘Last Call for SATCOM Security’Whitepaper 2018
未来Mirai botnet
![Page 14: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/14.jpg)
Cybersecurity from a legal perspective
![Page 15: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/15.jpg)
![Page 16: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/16.jpg)
Cybersecurity in aviation - CAA Norway tasks• Implementing rules (EASA NPA-2019-07 etc,)
• Mapping/surveillance (e.g. ISMS)
• National Cyber Security Center - Partner
• Information sharing (Forum for digital security)
• 2021(2022?) Oversight within cybersecurity• ISMS
• Resources
• Information security policy
• Roles and responsibility
• Risk assessments
• ……
• Get involved with cybersecurity research and innovation
![Page 17: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/17.jpg)
Questions?
• We can also be reached at CAA Norway:
• Bjørnar Andre Davidsen bad@ caa.no
• Sjur Hartveit [email protected]
![Page 18: CAA Norway Perspective on cybersecurity in aviation · 2020. 11. 25. · CAA Norway Perspective on cybersecurity in aviation Bjørnar Davidsen - Manager of Civil Protection Sjur Hartveit](https://reader033.vdocuments.us/reader033/viewer/2022052814/60a0736eea63ac0b5f494816/html5/thumbnails/18.jpg)
Thank you for your time.