In February 2017, the EASA (European Aviation Safety Agency) and CERT-EU (Computer Emergency Response Team) signed a Memorandum of mutual Cooperation (MoC) for the implementation of a European Centre for Cyber Security in Aviation (ECCSA). CERT-EU’s mission is to support the European Institutions to protect themselves against intentional and malicious attacks that would hamper the integrity of their IT assets and harm the interests of the EU.
ECCSA’s mission is to provide information and assistance to European aviation stakeholders (e.g. manufacturers, airlines, maintenance organisations, air navigation service providers) in order to protect the critical elements of the system such as aircraft, navigation and surveillance systems, datalinks, airports, etc. ECCSA will serve as an information sharing and management platform and will cover the full spectrum of aviation. The Centre will provide secure means for aviation stakeholders to exchange domain relevant cybersecurity information, such as vulnerabilities, events and incidents with the aviation community. Its operational team of analysts will provide additional inputs to the information shared by the participants and intends to assist its members in the successful prevention and response to cyber security incidents. In that cooperation, the role of CERT-EU will be to provide the appropriate and secure IT infrastructure services as well as the cybersecurity tools and threat management services needed for the development of cyber-secure components in aviation while EASA will provide the analyst resources and technical expertise for the coordination of the ECCSA.
The participation to ECCSA will be voluntary as well as the information sharing. The organisations that will join ECCSA as a member will become part of its Constituency and a number of them will be involved in the governance in order to ensure that the cyber security centre will be independently managed by its members. All stakeholders relevant for the safety and security of European Civil Aviation may apply for ECCSA membership providing they meet applicable security selection criteria.
The initial group of ECCSA should include the following stakeholders:
- Aviation manufacturers: aircraft, parts, avionic systems or ground systems, etc.
- Aviation organisations: airlines, maintenance repair organisations, aviation communication services providers, etc.Air Navigation
- Service Providers (ANSP): national and cross-border ANSPs.
- European Commission, EASA, CERT-EU, ENISA, National Aviation Authorities and governmental Civil Aviation institutions etc.
By becoming members of the ECCSA, stakeholders will benefit from secure information exchange and aviation cyber-intelligence sources platform. They will also be informed of attacks and be provided (on demand) with means to face cyber security threats. On the other side, European regulators expect to gather information about cyber security threats and improve the safety of air transport. To make this work, precise rules for dissemination and information exchange amongst members will be needed and it is already planned that a Traffic Light Protocol (TLP) will be used for this purpose. The pilot phase to select future ECCSA founding Members will be launched soon.