The terrorist attack on the twin towers of the World Trade Centre on 11 September 2001 taught the world that an attack on aviation can, aside from the direct human and material impact, result in extremely negative societal and economic consequences on a global scale.
This prompted us to look at how European Air Transport could be appropriately protected. As a result, 'ATM Security' was launched as a discipline on its own right.
Impact of ATM Security issues
A security incident may of course have a very negative impact on flight safety, but it can also impact the provision of air navigation services, the availability of ATM/CNS (Communications Navigation Surveillance) infrastructure or the confidentiality, integrity and availability of data;
Future operational concepts such as SESAR and NextGen will increasingly rely on information‑sharing and the use of new technologies. It is therefore vital to protect ATM assets if we are to enable the level of safety, integration and interoperability required under future operational concepts. ATM assets include aircraft, people (e.g. passengers, crew and ATM personnel), physical infrastructures, Communication, Navigation & Surveillance (CNS systems), ICT (Information and Communications Technologies) systems and operational data.
ATM Security has an interface with Airspace Security, which focuses on national security and defence requirements, operational aspects of collaborative support, and technological security and interoperability between civil and military systems.
ATM Security is a major component of Aviation Security (AVSEC)
and comprises two key areas
|Self-protection of the ATM system||
Safeguarding of the ATM (Air Traffic Management) System from security threats and vulnerabilities, by ensuring the security and resilience of the physical infrastructure, personnel, information and communication systems, ATM/CNS infrastructure and networks;
ATM Collaborative Support
|To civil aviation security, national security and defence, and law enforcement.|
|Activities and bodies|
ATM Security development
|ATM Security is safeguarded in coordination with the NATO EUROCONTROL ATM Security Coordinating Group (NEASCOG) and the ATM Security Team (SET). Both bring together the major ATM players responsible for ATM security such as national civil and military authorities (i.e. the National Supervisory Authorities -NSAs), airspace users, ANSPs (Air Navigation Service Providers), organisations such as ICAO, FAA (US Federal Aviation Administration), ECAC, EC (European Commission), professional associations of pilots and controllers, general aviation and the military, etc.|
Collaborations with partners
|We have established an open and productive working relationship with ICAO, ECAC, EUROCAE (European Organisation for Civil Aviation Equipment), NATO, IATA, IFALPA (International Federation of Air Line Pilots' Associations) and other organisations, Member States and industry partners. This collaboration ensures consistency on how to address ATM security issues and makes it possible to move forward in a constructive way.|
Implementation support and training courses
We provide guidance in areas such as the implementation of legal requirements in the field of security (e.g. security oversight, security management systems, etc.)Twice a year, the Institute of Air Navigation Services (IANS) organises ATM security and civil/military ATM training for our stakeholders.
We provide support to
- The European Commission, in the context of the Stakeholders Advisory Group for Aviation Security (SAGAS), identifying critical infrastructures in ATM, implementing new regulations for the security of air cargo and mail from third countries and R&D projects, e.g. GAMMA (Global ATM Security Management);
- ICAO in developing and reviewing the ATM Security Manual and developing threat and risk assessments for ATM;
- ECAC in reviewing ATM Security guidance (ECAC Doc30 document);
- NATO in implementing the Cooperative Airspace Initiative (CAI) with the Russian Federation, and possible interface with the US ADAPT (Automatic Detection and Processing Terminal) system;
- EUROCONTROL Member States (e.g. guidance material for the ATM security oversight function and implementation of a Security Management System such as the 'Manual for National ATM Security Oversight).
We also contribute to
- The ICAO threat and risk working group for cyber and CNS security;
- Research &Development (SESAR - Single European Sky ATM Research Programme and ACARE- Advisory Council for Aeronautics Research in Europe).
Our major achievements
Some of the important milestones reached in the area of ATM security are:
- ASSIM (Airspace Security Incident Management) tool;
- CIRS (Comloss – loss of communications - Incident Reporting System) tool;
- SET guidance on security management systems for ANSPs and NSAs;
- NEASCOG guidance on airspace security incident management and cyber;
- ATM security oversight manual;
- Complementary work programmes to bring forward improvements in European ATM security. The current NEASCOG work programme focuses on cyber security, airspace security and training;
- Air Traffic Management Security guideline documents, training programmes and toolkits;
- Security Risk Assessments;
- Comprehensive ATM security strategy for the SES (Single European Sky Programme);
- Leading ATM security in the ECAC (European Civil Aviation Conference) work programme;
- Airspace Security Policy
Improvements have been made in the areas of threat assessment, early threat detection of possible suspicious flights, incident management, education, awareness and training. The number of COMLOSS (loss of communications) incidents has thus been reduced by 30% in recent years. The new NEASCOG programme of work is expected to bring more achievements in cyber, CNS and airspace security and security training.
Our priorities for the future
Over recent years, international collaboration has greatly improved between the organisations concerned.
Still, the threat is persistent and evolving. Work must continue, with particular focus on new emerging threats (cyber attacks on CNS systems, missile attacks, laser interference, RPAS - Remotely Piloted Aircraft Systems, etc. ) while maintaining a close watch on the full spectrum of threats through risk management processes.
Our work is currently focused on how to ‘Make Security fit for 21st Century’. This will mainly be achieved by establishing a civil-military “Total System Approach” security structure at national and international level.