Ministère de l’Environnement, de l’Energie et de la Mer
Direction générale de l’Aviation civile
ICAO Cyber Summit
Dubaï, April 2017
An ANSP Perspective
Loïc ROBIN, DSNA (French ANSP)
InfoSec environment
[Figure labels: CULTURAL & MANAGEMENT, TECHNICAL, INSTITUTIONAL, SYSTEMWIDE]
National : Security Policy, SOC, Logging, System arch. Mapping, Firewall, ….
Europe : Network Interconnection (Other ANSPs; PENS), Eurocontrol, CANSO, EUROCAE
National : (General) Parliament (Law), Government (ANSSI); (ATM) NSA
Europe : (General) European Commission (NIS directive); (ATM) EASA
• A more and more open system… and also more and more integrated (air/ground)
• A problem that is not specific to ATM
• A rapidly evolving threat that requires expertise
My scope today
1. A matter of corporate culture, first ?
2. About security management ?
3. Cooperation & Partnerships
Culture
1. Corporate culture – Intro #2 part 1
1. Corporate culture – Intro #2 part 2
[Figure labels: Safety, Safety, Safety, Still safety, Always safety, Don’t forget safety, Control Tower, football, Aircraft safety net, Security, Safety first]
1. Corporate culture – #1-1 – Internal organization
[Organization chart]
Directorate
Environment Mission
SDRH : Human Resources Sub-directorate
SDFI : Finance Sub-directorate
SDPS : Planning and Strategy Sub-directorate
DO : Operations Directorate
SIA, CESNAC
DTI : Technical and Innovation Directorate
5 CRNA
11 SNA
Safety, Quality, Security Management Mission
Management of Safety, Quality and Security : independent of the Operational & Technical Directorates
Safety Quality
Staff : ~8000 (4000 ATCO; 1500 ATSEP; …)
Controlled flights : ~3 000 000 per year
1. Corporate culture – #1-2 – Internal organization
What does that mean ?
InfoSec has been taken into account like any other evolution in safety before…
Never with the same in-depth reflection as the one we had had for safety
1. Corporate culture – #2-1 – Perception of threat
[Figure labels: RDPS, FDPS, VCS, Power supply, CWP + ATCO]
1. Corporate culture – #2-2 – Perception of threat
What does that mean ?
• Our perception of what is critical or not is still too often limited to whether the job is real-time or not
• We use sensitive data in operational rooms (not necessarily confidential), but we also have sensitive data outside these rooms (sometimes confidential)
This is also a matter of cultural maturity
1. Corporate culture –#3-1-Internal threat
1. Corporate culture –# 3-2-Internal threat
[Timeline figure, incident labels with months: DDoS (Jan), Virus (Jun), Trojan Horse (Oct), DDoS on web server (Mar), Defacement (Feb), Phreaking (Jan), Trojan Horse (Jun), Defacement (Aug), Ransomware (Dec); Aug, Jan : Phreaking, Worm]
1. Corporate culture – #3-3 – Internal threat
What does that mean ?... or doesn’t mean !
We still have to convince :
• Cyber-threat is a reality
• Internal threat ≠ malicious
« Cyber hygiene »
1. Corporate culture – # 4-1 – The reflex « cyber »
The scenario :
• August 2016 : Computer slowdowns at an airport
• Replacement of the computer, NIC, ….
• Several WEEKS later : « Could it be a cyber problem ? »
….and it was…
1. Corporate culture – #4-2 – The reflex « cyber »
What does that mean ?
• Thinking « cyber » is not natural yet
• Cyber likelihood is still too often considered only when there’s nothing left in the toolbox
1. Corporate culture – end #1
[Figure labels: Safety, Safety, Security, Still safety, Authentication, Cyber awareness, Control Tower, football, Aircraft safety net, Firewall, Safety first]
1. Corporate culture – end #2
• Our culture must better integrate cyber issues
• This will be reflected in our organizations
• This will include the need for « cyber hygiene » for all (operational AND non-operational staff)
• This should lead to increased training, particularly for the ATSEPs
Awareness is of the utmost importance…
…and is our top priority
Management
2. Management - Intro
[Figure labels: SECURITY, SAFETY]
2. Management – #1-1 - What about the model ?
REASON & SAFETY
2. Management – #1-2 - What about the model ?
REASON & SAFETY
2. Management – #1-3 - What about the model ?
REASON & THE MALICIOUS ACT
2. Management – #1-4 - What about the model ?
REASON & THE MALICIOUS ACT
2. Management – #2 – The time-scale
SAFETY : Long development cycle; Safety case for any change; Service must be restored
SECURITY : New vulnerabilities; New cyber-attacks; Must be observed before (APT)
Both to be reconciled in the same management system !!
2. Management – #3 – « Sharing » vs « secret »
• Safety improvement largely based on information sharing… …even if each of us remains autonomous for his action plan.
• The culture of secrecy still often surrounds the world of security ... …even though we will certainly have to coordinate our policies.
[Figure labels: CULTURAL & MANAGEMENT, TECHNICAL, INSTITUTIONAL, SYSTEMWIDE]
Cooperation & Partnerships
3. Cooperation & Partnerships – #1-1 – SOC
How did we imagine a SOC organization adapted to us ?
• First question : Internal or external ?
• External : we thought an ATM expertise would be missing. We wanted expertise in our system architecture, but also in our system operation (NOC for example)
• Internal : do we have the required competence ? Are we able to maintain it in the long term ? Is that our role ?
• The scope ? Operational AND non-operational systems (a kind of « crash box »)
• Operation : must be efficient and robust
3. Cooperation & Partnerships – #1-2 – SOC
3 different locations in DSNA + 1 external assistance, working together, each in its role
[Figure labels: SIEM, Ops. Systems, Archi, SIEM, External Assistance]
• Role : Log analysis; Incident response; Ops + InfoSec expertise
  Location : NOC
• Role : SOC « Pilot »; Incident response coordination; Log analysis; Ops + non-ops + InfoSec competence; Training/Awareness; Watch
  Location : IS Dir. for non-operational systems + Ops Dir.
• Role : Technical expertise; Incident response; Risk assessment; Training/Awareness; Secured architect.
  Location : Techn. Dir.
• Role : Support for SOC implementation; InfoSec expertise (« hacking »); Incident response; Training/Awareness; « Forensic »; « Pentesting »
3. Cooperation & Partnerships – #2-1 – What is to come…
• 80s-90s
ANSP : OLDI deployment with end-to-end links / Proprietary languages / Analogue Ground/Ground comm.
Airports : some information exchange
Aircraft : VHF & radar
• 1990-2000
ANSP : Networks (X25) / no more proprietary languages
Airports : some interconnections
• 2000-2010….
ANSP : (New)PENS / IP (including G/G & Radar) / COTS
Airports : interconnections (CDM)
Aircraft : VDL, CPDLC, ADS-B, EhS, …
3. Cooperation & Partnerships – #2-2 – What is to come…