Cyber Threats in Aviation - Any Lessons from other Industries Experience with Cyber?


Cyber Threats in Aviation - Any Lessons from other Industries Experience with Cyber?

Stefan Frei

This talk first addresses the peculiarities of the cyber security field and what the software industry had to painfully learn in the past decades in order to adapt to these new threats. To understand the cyber landscape and how it affects aviation we classify threat actors and explain global developments that critically impact the security (such as interdisciplinary, complexity, miniaturization, diversity of the crowd, price erosion, dynamics of the security community, ...). Based on the realization that cyber security is a complex adaptive system (CAS), rather than a simple technological issue, we highlight fundamental properties of a CAS that help us understand future threats, design effective security, and to identify ineffective security approaches. In part two the talk examines how the aviation industry and authorities handled safety and security issues in the past 100 years – and challenges the applicability of these processes to address current and future cyber threats. We show how previously secure and isolated aviation systems become critically exposed and identify security assumptions that are prone to fail in the present cyber landscape. The talk concludes with key lessens learned by other industries and how these can be applied to the aviation sector. Recommendations on the organizational, system design, and technical level are given in the hope to create awareness and avoid preventable issues with cyber security in aviation. For many of the challenges solutions already exist – let’s get them implement before they get exploited.

April 21, 2016, Stefan Frei


  1. Slides: 8. Deutscher Verkehrspilotentag

Exteral Links


Date Time: 2018-08-17 16:34:32
Recent Papers
Recent Press Coverage
© 2000-2018 Stefan Frei