Passenger Terminal Today.com
The daily portal for the latest airport passenger terminal news and views
   Sort by: relevance most recent



INDUSTRY OPINION >>

Safe travels: How blockchain and the cloud can reinforce cybersecurity in aviation

From keeping aircraft in the air to checking passengers in, aviation organizations rely heavily on IT systems. However, data collected from the growing number of aircraft, routes and passengers has increased the pressure on these systems, while legacy and inflexible IT systems are also leaving airlines vulnerable to the growing threat of cyberattacks.

Jeff Cass, VP, strategy, at the aviation and defence business unit at IFS, explains why safeguarding data is a serious challenge in the aviation industry and how cloud security and blockchain can help airlines reinforce cybersecurity.

Like most industry segments, airlines are quickly realizing that threats are just as likely to come from inside the organization as from outside. Cyberattacks have been reported at airports across the world, and it seems only a matter of time before we see an attack on a major airline.

In response to this threat, many commercial aviation organizations are actively hiring chief security officers and, according to a SITA Airline IT Trends Survey, the number of airlines which said they were advancing preparations to manage cyber risks has almost doubled to 91% in three years.

With more IoT-enabled sensors being used, it’s actually the newer aircraft fleets which have a higher chance of being attacked, many of which can be ill-equipped to prevent unauthorized access. Real-time air-to-ground communications, which are increasingly being used for things such as passenger wi-fi, are evolving to support mission critical functions such as inflight fuel adjustments and aircraft health monitoring, both of which could severely disrupt airlines if compromised.

The safeguarding of data has become a major challenge for airlines, one that threatens to disrupt key practices for the entire industry.

Compliance priority
From passenger information at check-in desks to engine health data and maintenance history, airlines collect huge amounts of data. The corruption or loss of any of this information can pose serious safety and regulatory issues.

Storing information means airlines must adhere to compliance regulations, such as PCI DSS for customer payment data, or the UK Data Protection Act, which states that information must be protected against unauthorized access and accidental loss. These regulations are even harder for international airlines to meet, as they have to cope with different data compliance laws across country borders.

This has implications on data storage, a lot of which is now being held in the cloud. Companies that don’t have strict policies in place, lack data access controls or use legacy IT systems will struggle to keep their data secure.

Blue sky thinking
Cloud solutions are a vital tool in the new airline IT landscape, especially when dealing with scheduled and unscheduled aircraft maintenance. Having mobile devices wirelessly connected to software and data in the cloud frees up personnel from having to physically or electronically store manuals and documents.

Powerful and easy-to-use mobile applications are now available to help decipher the mountains of data available, finally leveraging the elusive ‘return on experience’ to support mechanics in real time.

This also helps with compliance during inspections, as data on portable tools can be easily recorded. A cornerstone principal in aviation compliance is having that second set of eyes. Allowing data to be shared across organizations lowers the potential for errors as there is no longer the time lag and inaccuracy that workers have been accustomed to from paper records.

The new generation of cloud solutions can be set up in their own separate environments, which today have the potential to be far more secure than any previous private or on-premise data center. As the name suggests, cloud containers create isolated boundaries of data which means that if anything goes wrong in one container, it only affects that single cell and not the entire system – helping reduce the threat of a wider cyberattack.

Blockchain and cybersecurity
The aviation supply chain covers a wide variety of businesses, from original equipment manufacturers and Tier 1 suppliers to airlines, airports and third party MRO providers. This presents an interesting dilemma because not only do you need to secure and protect data accumulated from each party, you also need to be able to share it across this broad supply chain. Blockchain technology is emerging for this very purpose.

In a blockchain, each record, or ‘block’, of data has its own timestamp and is encrypted with credentials in a peer-to-peer relationship, which makes malicious tampering extremely difficult. All ‘blocks’ are linked to the previous block of data, meaning the only way to tamper with its content is to have the entire network of trusted peer-to-peer contributors collude to corrupt the chain.

Blockchain is still some way off being widely adopted, and is just a concept for airlines right now, but the technology has real potential to help boost cyber defences.

Safe travels
The fear of cyberattacks disrupting the entire aviation industry is driving organizations to make sure they have the right solutions in place when, not if, an attack occurs. Cloud security systems build the assurance airlines need to prevent and minimize the impact of cyberattacks, and blockchain could even further protect operational data for airlines in the future.

But keeping up with cyber developments requires airlines to adapt to new technology. Legacy systems pose a stumbling block, especially when it comes to dealing with compliance regulations and data protection – the cost of which can be damaging in an industry where safety is the top priority.

Inflexible and cumbersome IT implementations cannot always adapt quickly to incorporate new technologies to stay ahead in the cyber arms race. Airline systems need inherent agility in order to keep passengers, staff and the business safe from the rising tide of cyberattacks. 

October 5, 2017

 

Comments:

There are currently no comments.

If you would like to post a comment about this blog, please click here.




Monthly Poll >>

Should airports be developing their own indoor navigation systems in multiple languages or use external companies to develop their maps for them?

OPINION ARCHIVE >>



SUPPLIER SPOTLIGHT

Click here for listings and information on leading suppliers covering all aspects of the passenger terminal industry. Want to see your company included? Email Damien de Roche.

View all suppliers >>

Passenger Terminal World >>

Read latest issueNEW DIGITAL EDITION:
Passenger Terminal World September 2017 is now online.

Read now.


More Information>>

Railway Terminal World >>

Read latest issueNEW DIGITAL EDITION: From the publishers of Passenger Terminal World, the only magazine dedicated to railway terminal and station design and technologies.


Read the free digital edition >>


TV >>

Aberdeen International Airport opens new terminal extension

Scotland’s Aberdeen International Airport has officially opened the extension of its terminal with the help of HRH The Duchess of Cornwall, of The Duchess of Rothesay as she is known in Scotland.

Watch Now >>

Annual Showcase 2017 >>

Read latest issueNEW DIGITAL EDITION:

Passenger Terminal World Showcase 2017 is now online.

Read now.


More Information >>