Volume List  / Volume 3 (4)

Article

CYBER SECURITY FOR AIRPORTS

DOI: 10.7708/ijtte.2013.3(4).02


3 / 4 / 365-376 Pages

Author(s)

Kasthurirangan Gopalakrishnan - Department of Civil, Construction and Environmental Engineering, Iowa State University, USA -

Manimaran Govindarasu - Department of Electrical and Computer Engineering, Iowa State University, USA -

Doug W. Jacobson - Department of Electrical and Computer Engineering, Iowa State University, USA -

Brent M. Phares - Bridge Engineering Center, Institute for Transportation, Iowa State University, USA -


Abstract

In today’s information age, government organizations and business enterprises are heavily relying on interconnected computer systems to manage a variety of public services including energy, transportation, water, etc. While this increased connectivity has many operational advantages benefitting the public, they have also become vulnerable to cyber attacks such as Corporate Security Breaches, Spear Phishing, and Social Media Fraud. The aviation sector is one the critical infrastructure systems that is not only vulnerable to physical threats, but also cyber threats, especially with the increased use of Bring Your Own Device (BYOD) at airports. It has been recognized that there is currently no cyber security standards established for airports in the United States as the existing standards have mainly focused on aircraft Control System (CS). This paper summarizes the need, background, ongoing developments and research efforts with respect to the establishment of cyber-security standards and best practices at U.S. airports with special emphasis on cyber security education and literacy.


Download Article

Number of downloads: 16119


References:

ACI-NA. 2011. ACI-NA Business Information Technology Committee Participation Plan. Airports Council International of North America. Available from Internet: http://www.aci-na.org/sites/default/files/bit_committee_participation_2012.pdf.

 

AirTight Networks. 2012. Impacts of Bring Your Own Device (BYOD) on Enterprise Security. A Survey by AirTight Networks, Inc. Available from Internet: http://www.airtightnetworks.com/fileadmin/pdf/AirTight-BYOD-Survey-April-2012.pdf.

 

Cook, C. 2010. Heathrow Terminal 5: An IT Infrastructure success story. Airports International Magazine, Key Publishing Ltd.

 

Cheong, B. 2011. Cyber security at airports. Airports Council International of North America. Available from Internet: http://aci-na.org/sites/default/files/cheong-cybersecurity-bit.pdf.

 

Duggan, D.P. 2005. SAND2005-2846P: Penetration Testing of Industrial Control Systems. Technical report, Sandia National Laboratories.

 

Fortinet. 2012. Top 10 Network Security Threats. Fortinet, Inc. Available from Internet: http://www.fortinet.com/.

 

GAO. 2009. Aviation Security: A National Strategy and Other Actions Would Strengthen TSA’s Efforts to Secure Commercial Airport Perimeters and Access Controls. GAO-09-399. Report to Congressional Requesters, US Government Accountability Office (GAO), Washington, D.C. Available from Internet: http://www.gao.gov/new.items/d09399.pdf.

 

Hahn, A.; Kregel, B.; Govindarasu, M.; Fitzpatrick, J.; Adnan, R.; Sridhar, S.; Higdon, M. 2010. Development of the PowerCyber SCADA security testbed. 2010. In Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, CSIIRW ’10.

 

Infosecurity. 2008. Cyber security lacking at airports. Available from Internet: http://www.infosecuritymagazine.com/view/1206/cyber-security-lackingat-airports-/.

 

INL. 2007. National SCADA Test Bed: Fact Sheet. Idaho National Laboratory (INL), Idaho.

 

INL. 2008. Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program. Technical report, Idaho National Laboratory (INL).

 

Jacobson, D.; Idziorek, J. 2012. Computer Security Literacy: Staying Safe in a Digital World. Chapman & Hall/CRC Press, First Edition, Boca Raton, USA.

 

Kaiser, L. 2012. 2013-2023 Transportation Industrial Control Systems (ICS) Cybersecurity Standards Strategy. U.S. Department of Homeland Security. Available from Internet: http://trbcybersecurity.erau.edu/files/Transportation-Standards-Plan.pdf.

 

McAllister, B. 2011. How to be Cyber Secure. Aviationpros. Cygnus Business Media. Available from Internet: http://www.aviationpros.com/article/10522704/cyber-security-for-airports.

 

Nessi, D. 2013. Knowing Your Virtual Vulnerabilities. Aviationpros. Cygnus Business Media. Available from Internet: http://www.aviationpros.com/article/10898119/know-your-virtual-vulnerabilities.

 

Parks, R.C. 2007. SAND2007-7328: Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment. Technical report, Sandia National Laboratories.

 

Permann, M.R.; Rohde, K. 2005. Cyber Assessment Methods for SCADA Security. Technical report, The Instrumentation, Systems and Automation Society (ISA).

 

Rencher, R.; Whitlock, S.; Francy, F. 2012. Securing Airline Information on the Ground and in the Air. The Boeing Company, Aero Quarterly, QTR_03. 25-28.

 

TSWG. 2012. Roadmap to Secure Control Systems in the Transportation Sector. Version 3.0, Prepared by the The Roadmap to Secure Control Systems in the Transportation Sector Working Group. Available from Internet: http://www.us-cert.gov/control_systems/pdf/TransportationRoadmap083112.pdf.

 

Williams, J.H.; Signore, T.L. 2011. National Airspace System Security Cyber Architecture. Case #10-4169, Approved for Public Release by the FAA. Available from Internet: http://www.mitre.org/work/tech_papers/2011/10_4169/10_4169.pdf.