SlideShare une entreprise Scribd logo

0503 al achkar-jabbour_lebanese_univ_rev

Mona Al-achkar
Mona Al-achkar

CyberSecurity, Mona Al Achkar Jabbour, UNOOSA, ICAO, Civil Aviation, Cyber Defense, Cyber safety, Cyber Peace, Cyber crime, Pan Arab Observatory for Cyber Security, Lebanese Information Technology Association

Technologie
1  sur  45
Télécharger pour lire hors ligne
Cyb-Air Security in Civil Aviation Mona Al Achkar Jabbour Lebanese University Pan arab Observatory for Cyber Security LITA ICAO/UNOOSA Symposium, 28-31 August 2017
Security: Safeguarding civil aviation against acts of unlawful interference. •measures •human •material resources This objective is achieved by a combination of: Cyber security is about the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access. But, it is also bout resiliency and survivability
Deal with unlawful acts like : • unlawful seizure of aircraft • destruction of an aircraft in service • hostage‐taking on board aircraft or on aerodromes • forcible intrusion on board an aircraft, at an airport or on the premises of an aeronautical facility • introduction on board an aircraft or at an airport of a weapon or hazardous device or material intended for criminal purposes • use of an aircraft in service for the purpose of causing death, bodily injury, or damage to property or the environment
Current landscape Developed Interconnection of civil aviation transport sector New technologies, and extension of connectivity use of Commercial Off The Shelf (COTS) solutions in the aviation industry Example: the field of Air Traffic Management (ATM) increase of the risk and the impact of threats to critical assets attackers become more numerous, adaptive and far- reaching Increase of cyber attacks Increase of points of attack extended on the entire industry chain including design, manufacturing, operation and maintenance processes of any aviation product next-generation cockpit that integrates connectivity and allows pilots to sync information with the outside world
Emerging challenges Connectivity , digitization, Internet of things, cloud services, big data analytics, artificial intelligence, and cognitive systems bring: • opportunity for growth • efficiencies But?! They also bring: • new and novel threats • vulnerabilities • increasing systemic risk complexity
Cyber New threats Emerging Challenges Three main targets could be the focus of cyber attacks on civil aviation: - internal airport computer systems - in-flight aircraft control systems - air traffic management systems Aviation widely and deeply relies on computer:
civil aviation relies on electronic systems for critical parts of their operations Management Operations Technologues Systems Processed Information Talking Cyber Security concerns:
• cyber-attacks directly affect CA systems even in the physical domains • numerous access points of attack • Any physical connection that passes data, is a potential pathway for an attacker • Examples: maintenance and logistic systems, radios, systems that connect operators and platforms (i.e. aircraft, pods). • Complexity: • vulnerabilities are not static • new vulnerabilities may be introduced with Every software update, every new capability, and every new piece of equipment • many operations dependencies will lie outside CA influence Cyber New Threats
• Disruption of flight schedules • Blocking messages between cockpits and control systems • Manipulation of flight data • Data loss Cyber New Threats
Report: Hackers broke into FAA air traffic control systems • Breaches exposed sensitive employee data, forced the shutdown of part of a network, and could have allowed hackers to disrupt the agency's mission- support network, a government report says. • 2006 US Federal Aviation Administration (FAA) was forced to shut down some of its air traffic control (ATC) systems in Alaska • 2009, An attack on an Federal Aviation Administration (FAA) computer – hackers obtained access to personal information on 48,000 past and present FAA employees
Carnage: The charred wreckage of the Spanair flight after the crash in Madrid in 2008 which killed 154 • August 2008 The crash of Spanair flight 5022, killing 154 people – Civil Aviation Accident and Incident Investigation Commission of Spain reported that the crash occurred because the central computer system used for monitoring technical problems on board the aircraft was infected with malware
• 2013, A cyber-attack led to the shutdown of the passport control systems at the departure terminals at Istanbul Atatürk and Sabiha Gökçen airports causing many flights to be delayed
Growing threats: IOT Thanks to advanced technologies, Frequent Cyber-attacks can be carried out: from virtually anywhere by anyone with sufficient knowledge low-budget methodologies The goal of these attacks (confidential, critical or sensitive information, to manipulate or erase information and/or to control or destroy systems or services Results •- uncontrollability of aircraft •- local, limited , large scale •- taking down of system because of an indirect attack (victim of “collateral damage”)
Growing threats: IOT • Risks are becoming physical • Some new connected devices could cause serious real-world damage Every new connected device represents a new link on the network SECURITY RISKS ARE INCREASING IN NUMBER, FREQUENCY AND IMPACT
Growing Danger cyber-nihilism weapons are no longer restricted to a small group of actors, including government agencies and coding virtuosos, who follow a set of ethics. scary exploits are available (breaches at the NSA) , rogue nation states , criminals who purchase them on the dark net
Warning So far, The attacks have primarily disrupted some support functions but they could get to the operational networks • (time surveillance, communications and flight information) Things can get worse, and damaging to the world peace, when we see that Nations attackers have been mentioned in many reports
National Security •stuxnet, BearWeaponized malware •States sponsored attack Blurred lines between cyber security and cyber attack
National security • Manufacturing plants seriously damaged • Energy grids shut down • Cars manipulated Attacks • It’s only a matter of time before such attacks become more common • more physically dangerous to both people and property Experts
• Cybersecurity involves protecting information and systems from major cyberthreats, such as cyber terrorism, cyber warfare, and cyber espionage. • In their most disruptive form, cyberthreats take aim at secret, political, military, or infrastructural assets of a nation, or its people. • Cybersecurity is therefore a critical part of any governments’ security strategy. National Cyber Security
International efforts In the early 1970s, ICAO adopted the Annex 17 and published a Security Manual to assist its Member States to take measures for the prevention of unlawful interference, minimize its effects Cyber security threat was left unaddressed Chicago Convention on Civil Aviation still referred to cyber security as a “recommended practice” and not a “standard.”
International efforts • - Each Contracting State must develop measures in order to protect information and communication technology systems used for civil aviation purposes from interference that may jeopardize the safety of civil aviation • The ICAO is working on new safety standards for 2018 on large unmanned aircraft that can fly across borders Chapter 4 of Annex 17 now deals with cyber threats:
International efforts Beijing Convention, 2010, hailed as the first step forward in securing the aviation industry The treaties adopted in Beijing further criminalize the act of using civil aircraft as a weapon, and of using dangerous materials to attack aircraft or other targets on the ground It is in this Convention that the problem of cyber threats is implicitly addressed
Beijing 2010 An offence is also said to be committed where a person communicates information, which that person knows to be false, thereby endangering the safety of an aircraft in flight This can be applied to situations where personas are engaged in interrupting air navigation services However, “in flight” may restrict the scope of this provision if such communication is made when the doors are open or when the aircraft is not actually in flight
DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 1. It is the responsibility of States to act in such a way as to mitigate the risk posed by cyber threats, to build their capability and capacity to address such threats in civil aviation, and to ensure their legislative framework is appropriately established to take action against actors of cyber-attacks; • 2. Cyber capabilities applied to aviation should be used exclusively for peaceful purposes and only for the benefit of improving safety, efficiency and security; • 3. Collaboration and exchange between States and other stakeholders is the sine qua non for the development of an effective and coordinated global framework to address the challenges of cybersecurity in civil aviation
DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 4. Cybersecurity matters must be fully considered and coordinated across all relevant disciplines within State aviation authorities; • 5. Cyber-attacks against civil aviation must be considered an offense against the principles and arrangement for the safe and orderly development of the international civil aviation;
DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 6. The ratification and entry into force of the Beijing Instruments would ensure that a cyberattack on international civil aviation is considered an offence, would serve as an important deterrent against activities that compromise aviation safety by exploiting cyber vulnerabilities, and therefore it is imperative that all States and ICAO work to ensure the early entry into force and universal adoption of the Beijing Instruments, as called for in ICAO Assembly Resolution A39-10: • Promotion of the Beijing Convention and Beijing Protocol of 2010; and Reiterate our commitment to the development of a robust, efficient and sustainable civil aviation system.
•Position civil aviation cyber security as a high priority on the international diplomatic agenda • Adopt end-to-end holistic vision •create a robust cyber security risk response plan that may avoid gaps, overlaps, duplication of qualification/certification efforts or interoperability issues describes and monitors roles and responsibilities of all stakeholders to •States responsibilities • guidelines to manage current and future cyber threats and vulnerabilities, and continuously update those through a comprehensive Air Transport Cyber security Management System; • establish Centre (National& international) for Cyber Security in Aviation • develop & increase capabilities in managing major cyber crisis in Aviation •Avoid unbalanced regulatory developments from different regions of the world Mitigating cyber threats in civil aviation Aeronautics, Space, Defence and Security Industries in Europe ASD’s Civil Aviation task force
Plan of Action Awareness, capacity building Collaboration Legislations, Regulations and standards Information Exchange
Shared responsability • Giving the nature of the sector, and the cyber space, as well as the extended surface of implicated authors in the sector, • cyber protection is a shared responsibility among all stakeholders (governments, airlines, airports, and manufacturers) States’ engagement
Industry-Led Public Private Partnerships The private sector should take the lead on developing the new regime has expertise about their companies to know where their cyber security stands what needs to be done to effectively increase their protection without misallocating company resources Government participation adds important pieces to make this a reality incentive information financial resources ability to facilitate coordination among private companies
Specific & general approach Specific Approach tailored to the civil aviation needs a general approach must be considered • transportation is part of the critical infrastructure • technologies employed in civil aviation are also used in other sectors and are, therefore, subject to the same cyber threats • But: A Framework designed to provide high-level guidance to all critical infrastructure sectors, that don’t address the particularities of civil aviation’s cybersecurity needs won’t be effective
Proactive Law Approach In civil Aviation industry engineering, management, operations, maintenance, etc… are conceptualized around ICTs’ use • Security and safety should follow there is a need for the law to be conceptualize around the nature, the own challenges and the risks of technology, by adopting a proactive approach, that allows better adoption of the law to the new environment
The law has to discipline: • the organization of internal controls • the functioning • roles and responsibilities related to the development and the management of Civil aviation ITC systems • liabilities and obligations in all related activities, in administration, operations, services or other • Nation States commitment
Existing blocks • Air law conventions • Cyber crime conventions • Personal data protection • Intellectual property • illegal inception of transmission of computer data • data interception and exchange interception • NIS European Directive & other tools Is it enough?
Proactive law helps: applying sound legal practices: • to create future facts • - to plan a future course of conduct • - to strengthen the awareness of the population for self-protection and a safe behavior in order to reduce risks and avoid legal trouble – Predicting human behavior – Adopting Interdisciplinary approach – Using economic methods – Avoiding Laws falling behind in context and time
Importance of this approach? It aims at helping people avoid legal trouble, disputes, and litigation It helps build a protective system or a defense mechanism that makes administration, its management and personnel, strong and resistant and keeps them in good legal situation and “immune” to the legal risks inherent in ICTs
Technical Side A combination of defense in depth, resiliency, and advanced defense measures Rethink cybersecurity’s approach “from walling off the system to detecting, monitoring and mitigating attacks on the system” Making cyber defence testing part of the airworthiness certification process for ICAO and other organizations
Protecting against APTs protects to protect against common threats APTs currently make up a small portion of cyberthreats protecting against APTs will inherently protect against common threats prepared for the worst-case scenario • prepared for less drastic attacks Common threats: make up the larger portion can be mitigated by basic cyber security efforts are often one step in the APT attack method
Sector based risk Approach develop regulations that are sector appropriate The sector based risk assessments shall consider general framework of National Infrastructure Protection Plan Legislation should: • harmonize efforts between all multistaholders to avoid neighborhood wars • support collaboration between industry and government partners • foster mutually agreed-upon solutions targeted at increasing collective security
Working toward Cyb Air Security development of new national legislation that defines: • how civil aviation sector assets are protected • Organization of cooperation and collaboration between the public and private sectors At the international level: • Efforts to stop current and emerging information threats and attacks Answer the challenges lying behind: - understanding the needs and conditions that exist in both public and private sectors and of all stakeholders - Reduce and eliminate lack of trust – Build rules on international, regional or national agreements that consider all parties Enhance collaboration between governments, industry, international bodies, private initiatives, academic sector, and all stakeholders
Working toward Cyb Air Security Fostering a “digital Chicago’s provisions” for cyber security Building strong partnerships Developing a common regulatory culture for mutual recognition and understanding of emerging evolving cyber threats Ensuring openness of air transport market and convergence of regulatory system in all domain in the civil aviation
The way ahead! Adoption of security by design. integrated security systems by the industry Working on performance metrics to “measure and report on the effectiveness of all of cyber risk mitigation activities or cybersecurity position” Considering Mitigation of APTs as critical step to create stronger protection Focusing on resilience and cyber survivability
The way ahead Reinforcing cooperation between International Partners Exchanging information and organization safety data Enhancing interdependence to promote stability, security and sustainable development Issuing c security certificates stating adoption of cyber standards and rules, 44
Thank you Let’s be Cyber Alerted Make Cyber Security part of the sector DNA

Recommandé

Cyber security in_next_gen_air_transportation_system_wo_video
Cyber security in_next_gen_air_transportation_system_wo_videoCyber security in_next_gen_air_transportation_system_wo_video
Cyber security in_next_gen_air_transportation_system_wo_videoOWASP Delhi
 
Cyber Security in Civil Aviation
Cyber Security in Civil AviationCyber Security in Civil Aviation
Cyber Security in Civil AviationNetwork Intelligence India
 
Cyber Security in Transportation
Cyber Security in TransportationCyber Security in Transportation
Cyber Security in TransportationOren Elimelech
 
cyber security-in_civil_aviation_2012 august_CPNI
cyber security-in_civil_aviation_2012 august_CPNIcyber security-in_civil_aviation_2012 august_CPNI
cyber security-in_civil_aviation_2012 august_CPNIfEngel
 
Airport security 2013 cyber security panel discussion
Airport security 2013 cyber security panel discussionAirport security 2013 cyber security panel discussion
Airport security 2013 cyber security panel discussionRussell Publishing
 
Security Aspects in Aviation Sector
Security Aspects in Aviation SectorSecurity Aspects in Aviation Sector
Security Aspects in Aviation SectorSanjeev Sinha PMI-PBA®, CSM®
 
Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity European Services Institute
 
municipal_drones_FINAL
municipal_drones_FINALmunicipal_drones_FINAL
municipal_drones_FINALMartin Tom-Petersen
 

Recommandé

Cyber security in_next_gen_air_transportation_system_wo_video
Cyber security in_next_gen_air_transportation_system_wo_videoCyber security in_next_gen_air_transportation_system_wo_video
Cyber security in_next_gen_air_transportation_system_wo_videoOWASP Delhi
 
Cyber Security in Civil Aviation
Cyber Security in Civil AviationCyber Security in Civil Aviation
Cyber Security in Civil AviationNetwork Intelligence India
 
Cyber Security in Transportation
Cyber Security in TransportationCyber Security in Transportation
Cyber Security in TransportationOren Elimelech
 
cyber security-in_civil_aviation_2012 august_CPNI
cyber security-in_civil_aviation_2012 august_CPNIcyber security-in_civil_aviation_2012 august_CPNI
cyber security-in_civil_aviation_2012 august_CPNIfEngel
 
Airport security 2013 cyber security panel discussion
Airport security 2013 cyber security panel discussionAirport security 2013 cyber security panel discussion
Airport security 2013 cyber security panel discussionRussell Publishing
 
Security Aspects in Aviation Sector
Security Aspects in Aviation SectorSecurity Aspects in Aviation Sector
Security Aspects in Aviation SectorSanjeev Sinha PMI-PBA®, CSM®
 
Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity European Services Institute
 
municipal_drones_FINAL
municipal_drones_FINALmunicipal_drones_FINAL
municipal_drones_FINALMartin Tom-Petersen
 
Cyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPASCyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPASGiovanni Panice
 
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...Bikram Kumar Sinha
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 African Cyber Security Summit
 
ADAM ADLER FLORIDA
ADAM ADLER FLORIDA ADAM ADLER FLORIDA
ADAM ADLER FLORIDA AdamAdler10
 
Maritime Cyber Security Education
Maritime Cyber Security EducationMaritime Cyber Security Education
Maritime Cyber Security EducationValentin Bañaco
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaAngeloluca Barba
 
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli ALIAS Network
 
Flying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressedFlying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressedWilliam Piedra
 
CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113Adlan Hussain
 
The need for security
The need for securityThe need for security
The need for securityDhani Ahmad
 
Partner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityPartner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityZymbian
 
ACA Group Presentation
ACA Group PresentationACA Group Presentation
ACA Group PresentationHamed Jabbari
 
Aviation Security Challenges: Practical Solutions
Aviation Security Challenges: Practical SolutionsAviation Security Challenges: Practical Solutions
Aviation Security Challenges: Practical SolutionsProfessional Aviation Services
 
Eidws 109 communications
Eidws 109 communicationsEidws 109 communications
Eidws 109 communicationsIT2Alcorn
 
amrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdfamrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdfamrapalibuildersreviews
 
Technical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNOTechnical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNOLucas Oostrum
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security applicationRihab Chebbah
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repairedSaransh Garg
 
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warezCe hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warezVi Tính Hoàng Nam
 
Defentect cbrn threat_detection system
Defentect cbrn threat_detection systemDefentect cbrn threat_detection system
Defentect cbrn threat_detection systemSandeep Kumar
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsCybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
 

Contenu connexe

Tendances

Cyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPASCyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPASGiovanni Panice
 
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...Bikram Kumar Sinha
 
ADAM ADLER FLORIDA
ADAM ADLER FLORIDA ADAM ADLER FLORIDA
ADAM ADLER FLORIDA AdamAdler10
 
Maritime Cyber Security Education
Maritime Cyber Security EducationMaritime Cyber Security Education
Maritime Cyber Security EducationValentin Bañaco
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaAngeloluca Barba
 
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli ALIAS Network
 
Flying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressedFlying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressedWilliam Piedra
 
CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113Adlan Hussain
 
The need for security
The need for securityThe need for security
The need for securityDhani Ahmad
 
Partner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityPartner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityZymbian
 
ACA Group Presentation
ACA Group PresentationACA Group Presentation
ACA Group PresentationHamed Jabbari
 
Eidws 109 communications
Eidws 109 communicationsEidws 109 communications
Eidws 109 communicationsIT2Alcorn
 
amrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdfamrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdfamrapalibuildersreviews
 
Technical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNOTechnical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNOLucas Oostrum
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security applicationRihab Chebbah
 
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warezCe hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warezVi Tính Hoàng Nam
 
Defentect cbrn threat_detection system
Defentect cbrn threat_detection systemDefentect cbrn threat_detection system
Defentect cbrn threat_detection systemSandeep Kumar
 

Tendances (20)

Cyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPASCyber Security and Cyber-Resilience for RPAS
Cyber Security and Cyber-Resilience for RPAS
 
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
Database management for Secured operation of Aircraft by Bikram Kumar Sinha, ...
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
 
ADAM ADLER FLORIDA
ADAM ADLER FLORIDA ADAM ADLER FLORIDA
ADAM ADLER FLORIDA
 
Maritime Cyber Security Education
Maritime Cyber Security EducationMaritime Cyber Security Education
Maritime Cyber Security Education
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
 
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
INNOVATIVE TECHNOLOGIES IN RPAS by Sarah Bardelli
 
Flying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressedFlying robot corp pitch deck jan 2019 compressed
Flying robot corp pitch deck jan 2019 compressed
 
CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113CNL Software IPSecurityCenter Case Studies Presentation 0113
CNL Software IPSecurityCenter Case Studies Presentation 0113
 
The need for security
The need for securityThe need for security
The need for security
 
Partner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityPartner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 security
 
ACA Group Presentation
ACA Group PresentationACA Group Presentation
ACA Group Presentation
 
Aviation Security Challenges: Practical Solutions
Aviation Security Challenges: Practical SolutionsAviation Security Challenges: Practical Solutions
Aviation Security Challenges: Practical Solutions
 
Eidws 109 communications
Eidws 109 communicationsEidws 109 communications
Eidws 109 communications
 
amrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdfamrapali builders -- maroochy water-services-case-study briefing.pdf
amrapali builders -- maroochy water-services-case-study briefing.pdf
 
Technical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNOTechnical aspects concerning the safe and secure use of drones by TNO
Technical aspects concerning the safe and secure use of drones by TNO
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security application
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repaired
 
Ce hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warezCe hv6 module 50 software piracy and warez
Ce hv6 module 50 software piracy and warez
 
Defentect cbrn threat_detection system
Defentect cbrn threat_detection systemDefentect cbrn threat_detection system
Defentect cbrn threat_detection system
 

Similaire à 0503 al achkar-jabbour_lebanese_univ_rev

Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsCybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsSITA
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorEuropean Services Institute
 
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...DaveNjoga1
 
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...DroneSec
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy finalIndian Air Force
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Robots in The Chemical Industry
Robots in The Chemical IndustryRobots in The Chemical Industry
Robots in The Chemical IndustryIJRTEMJOURNAL
 
Cybersecurity for Chemical Industry
Cybersecurity for Chemical IndustryCybersecurity for Chemical Industry
Cybersecurity for Chemical Industryjournal ijrtem
 
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax Cybersec
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Business Finland
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Benjamin Ang
 
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...ijtsrd
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCommunity Protection Forum
 
Cyber Sec Project Proposal
Cyber Sec Project ProposalCyber Sec Project Proposal
Cyber Sec Project ProposalChris Young
 
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...ssuser793b4e
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityIRJET Journal
 

Similaire à 0503 al achkar-jabbour_lebanese_univ_rev (20)

Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthy
 
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World AirportsCybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
Cybersecurity - Dominic Nessi, Former CIO, Los Angeles World Airports
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation Sector
 
P04-AIDC-NAM-IDC04.pdf
P04-AIDC-NAM-IDC04.pdfP04-AIDC-NAM-IDC04.pdf
P04-AIDC-NAM-IDC04.pdf
 
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...
Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...
 
CTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste YankeyCTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste Yankey
 
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...
The Need for Drone Forensic Investigation Standardisation (Evangelos Mantas) ...
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the Decade
 
vjvja.pptx
vjvja.pptxvjvja.pptx
vjvja.pptx
 
Robots in The Chemical Industry
Robots in The Chemical IndustryRobots in The Chemical Industry
Robots in The Chemical Industry
 
Cybersecurity for Chemical Industry
Cybersecurity for Chemical IndustryCybersecurity for Chemical Industry
Cybersecurity for Chemical Industry
 
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
 
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
 
Cyber Sec Project Proposal
Cyber Sec Project ProposalCyber Sec Project Proposal
Cyber Sec Project Proposal
 
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...
A Study of Cyber Security Threats, Challenges in Different Fields and its Pro...
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 

Dernier

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 

Dernier (20)

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 

0503 al achkar-jabbour_lebanese_univ_rev

  • 1. Cyb-Air Security in Civil Aviation Mona Al Achkar Jabbour Lebanese University Pan arab Observatory for Cyber Security LITA ICAO/UNOOSA Symposium, 28-31 August 2017
  • 2. Security: Safeguarding civil aviation against acts of unlawful interference. •measures •human •material resources This objective is achieved by a combination of: Cyber security is about the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access. But, it is also bout resiliency and survivability
  • 3. Deal with unlawful acts like : • unlawful seizure of aircraft • destruction of an aircraft in service • hostage‐taking on board aircraft or on aerodromes • forcible intrusion on board an aircraft, at an airport or on the premises of an aeronautical facility • introduction on board an aircraft or at an airport of a weapon or hazardous device or material intended for criminal purposes • use of an aircraft in service for the purpose of causing death, bodily injury, or damage to property or the environment
  • 4. Current landscape Developed Interconnection of civil aviation transport sector New technologies, and extension of connectivity use of Commercial Off The Shelf (COTS) solutions in the aviation industry Example: the field of Air Traffic Management (ATM) increase of the risk and the impact of threats to critical assets attackers become more numerous, adaptive and far- reaching Increase of cyber attacks Increase of points of attack extended on the entire industry chain including design, manufacturing, operation and maintenance processes of any aviation product next-generation cockpit that integrates connectivity and allows pilots to sync information with the outside world
  • 5. Emerging challenges Connectivity , digitization, Internet of things, cloud services, big data analytics, artificial intelligence, and cognitive systems bring: • opportunity for growth • efficiencies But?! They also bring: • new and novel threats • vulnerabilities • increasing systemic risk complexity
  • 6. Cyber New threats Emerging Challenges Three main targets could be the focus of cyber attacks on civil aviation: - internal airport computer systems - in-flight aircraft control systems - air traffic management systems Aviation widely and deeply relies on computer:
  • 7. civil aviation relies on electronic systems for critical parts of their operations Management Operations Technologues Systems Processed Information Talking Cyber Security concerns:
  • 8. • cyber-attacks directly affect CA systems even in the physical domains • numerous access points of attack • Any physical connection that passes data, is a potential pathway for an attacker • Examples: maintenance and logistic systems, radios, systems that connect operators and platforms (i.e. aircraft, pods). • Complexity: • vulnerabilities are not static • new vulnerabilities may be introduced with Every software update, every new capability, and every new piece of equipment • many operations dependencies will lie outside CA influence Cyber New Threats
  • 9. • Disruption of flight schedules • Blocking messages between cockpits and control systems • Manipulation of flight data • Data loss Cyber New Threats
  • 10.
  • 11. Report: Hackers broke into FAA air traffic control systems • Breaches exposed sensitive employee data, forced the shutdown of part of a network, and could have allowed hackers to disrupt the agency's mission- support network, a government report says. • 2006 US Federal Aviation Administration (FAA) was forced to shut down some of its air traffic control (ATC) systems in Alaska • 2009, An attack on an Federal Aviation Administration (FAA) computer – hackers obtained access to personal information on 48,000 past and present FAA employees
  • 12. Carnage: The charred wreckage of the Spanair flight after the crash in Madrid in 2008 which killed 154 • August 2008 The crash of Spanair flight 5022, killing 154 people – Civil Aviation Accident and Incident Investigation Commission of Spain reported that the crash occurred because the central computer system used for monitoring technical problems on board the aircraft was infected with malware
  • 13. • 2013, A cyber-attack led to the shutdown of the passport control systems at the departure terminals at Istanbul Atatürk and Sabiha Gökçen airports causing many flights to be delayed
  • 14. Growing threats: IOT Thanks to advanced technologies, Frequent Cyber-attacks can be carried out: from virtually anywhere by anyone with sufficient knowledge low-budget methodologies The goal of these attacks (confidential, critical or sensitive information, to manipulate or erase information and/or to control or destroy systems or services Results •- uncontrollability of aircraft •- local, limited , large scale •- taking down of system because of an indirect attack (victim of “collateral damage”)
  • 15. Growing threats: IOT • Risks are becoming physical • Some new connected devices could cause serious real-world damage Every new connected device represents a new link on the network SECURITY RISKS ARE INCREASING IN NUMBER, FREQUENCY AND IMPACT
  • 16. Growing Danger cyber-nihilism weapons are no longer restricted to a small group of actors, including government agencies and coding virtuosos, who follow a set of ethics. scary exploits are available (breaches at the NSA) , rogue nation states , criminals who purchase them on the dark net
  • 17. Warning So far, The attacks have primarily disrupted some support functions but they could get to the operational networks • (time surveillance, communications and flight information) Things can get worse, and damaging to the world peace, when we see that Nations attackers have been mentioned in many reports
  • 18. National Security •stuxnet, BearWeaponized malware •States sponsored attack Blurred lines between cyber security and cyber attack
  • 19. National security • Manufacturing plants seriously damaged • Energy grids shut down • Cars manipulated Attacks • It’s only a matter of time before such attacks become more common • more physically dangerous to both people and property Experts
  • 20. • Cybersecurity involves protecting information and systems from major cyberthreats, such as cyber terrorism, cyber warfare, and cyber espionage. • In their most disruptive form, cyberthreats take aim at secret, political, military, or infrastructural assets of a nation, or its people. • Cybersecurity is therefore a critical part of any governments’ security strategy. National Cyber Security
  • 21. International efforts In the early 1970s, ICAO adopted the Annex 17 and published a Security Manual to assist its Member States to take measures for the prevention of unlawful interference, minimize its effects Cyber security threat was left unaddressed Chicago Convention on Civil Aviation still referred to cyber security as a “recommended practice” and not a “standard.”
  • 22. International efforts • - Each Contracting State must develop measures in order to protect information and communication technology systems used for civil aviation purposes from interference that may jeopardize the safety of civil aviation • The ICAO is working on new safety standards for 2018 on large unmanned aircraft that can fly across borders Chapter 4 of Annex 17 now deals with cyber threats:
  • 23. International efforts Beijing Convention, 2010, hailed as the first step forward in securing the aviation industry The treaties adopted in Beijing further criminalize the act of using civil aircraft as a weapon, and of using dangerous materials to attack aircraft or other targets on the ground It is in this Convention that the problem of cyber threats is implicitly addressed
  • 24. Beijing 2010 An offence is also said to be committed where a person communicates information, which that person knows to be false, thereby endangering the safety of an aircraft in flight This can be applied to situations where personas are engaged in interrupting air navigation services However, “in flight” may restrict the scope of this provision if such communication is made when the doors are open or when the aircraft is not actually in flight
  • 25. DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 1. It is the responsibility of States to act in such a way as to mitigate the risk posed by cyber threats, to build their capability and capacity to address such threats in civil aviation, and to ensure their legislative framework is appropriately established to take action against actors of cyber-attacks; • 2. Cyber capabilities applied to aviation should be used exclusively for peaceful purposes and only for the benefit of improving safety, efficiency and security; • 3. Collaboration and exchange between States and other stakeholders is the sine qua non for the development of an effective and coordinated global framework to address the challenges of cybersecurity in civil aviation
  • 26. DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 4. Cybersecurity matters must be fully considered and coordinated across all relevant disciplines within State aviation authorities; • 5. Cyber-attacks against civil aviation must be considered an offense against the principles and arrangement for the safe and orderly development of the international civil aviation;
  • 27. DECLARATION ON CYBERSECURITY IN CIVIL AVIATION DUBAI, UNITED ARAB EMIRATES April 2017 • 6. The ratification and entry into force of the Beijing Instruments would ensure that a cyberattack on international civil aviation is considered an offence, would serve as an important deterrent against activities that compromise aviation safety by exploiting cyber vulnerabilities, and therefore it is imperative that all States and ICAO work to ensure the early entry into force and universal adoption of the Beijing Instruments, as called for in ICAO Assembly Resolution A39-10: • Promotion of the Beijing Convention and Beijing Protocol of 2010; and Reiterate our commitment to the development of a robust, efficient and sustainable civil aviation system.
  • 28. •Position civil aviation cyber security as a high priority on the international diplomatic agenda • Adopt end-to-end holistic vision •create a robust cyber security risk response plan that may avoid gaps, overlaps, duplication of qualification/certification efforts or interoperability issues describes and monitors roles and responsibilities of all stakeholders to •States responsibilities • guidelines to manage current and future cyber threats and vulnerabilities, and continuously update those through a comprehensive Air Transport Cyber security Management System; • establish Centre (National& international) for Cyber Security in Aviation • develop & increase capabilities in managing major cyber crisis in Aviation •Avoid unbalanced regulatory developments from different regions of the world Mitigating cyber threats in civil aviation Aeronautics, Space, Defence and Security Industries in Europe ASD’s Civil Aviation task force
  • 30. Shared responsability • Giving the nature of the sector, and the cyber space, as well as the extended surface of implicated authors in the sector, • cyber protection is a shared responsibility among all stakeholders (governments, airlines, airports, and manufacturers) States’ engagement
  • 31. Industry-Led Public Private Partnerships The private sector should take the lead on developing the new regime has expertise about their companies to know where their cyber security stands what needs to be done to effectively increase their protection without misallocating company resources Government participation adds important pieces to make this a reality incentive information financial resources ability to facilitate coordination among private companies
  • 32. Specific & general approach Specific Approach tailored to the civil aviation needs a general approach must be considered • transportation is part of the critical infrastructure • technologies employed in civil aviation are also used in other sectors and are, therefore, subject to the same cyber threats • But: A Framework designed to provide high-level guidance to all critical infrastructure sectors, that don’t address the particularities of civil aviation’s cybersecurity needs won’t be effective
  • 33. Proactive Law Approach In civil Aviation industry engineering, management, operations, maintenance, etc… are conceptualized around ICTs’ use • Security and safety should follow there is a need for the law to be conceptualize around the nature, the own challenges and the risks of technology, by adopting a proactive approach, that allows better adoption of the law to the new environment
  • 34. The law has to discipline: • the organization of internal controls • the functioning • roles and responsibilities related to the development and the management of Civil aviation ITC systems • liabilities and obligations in all related activities, in administration, operations, services or other • Nation States commitment
  • 35. Existing blocks • Air law conventions • Cyber crime conventions • Personal data protection • Intellectual property • illegal inception of transmission of computer data • data interception and exchange interception • NIS European Directive & other tools Is it enough?
  • 36. Proactive law helps: applying sound legal practices: • to create future facts • - to plan a future course of conduct • - to strengthen the awareness of the population for self-protection and a safe behavior in order to reduce risks and avoid legal trouble – Predicting human behavior – Adopting Interdisciplinary approach – Using economic methods – Avoiding Laws falling behind in context and time
  • 37. Importance of this approach? It aims at helping people avoid legal trouble, disputes, and litigation It helps build a protective system or a defense mechanism that makes administration, its management and personnel, strong and resistant and keeps them in good legal situation and “immune” to the legal risks inherent in ICTs
  • 38. Technical Side A combination of defense in depth, resiliency, and advanced defense measures Rethink cybersecurity’s approach “from walling off the system to detecting, monitoring and mitigating attacks on the system” Making cyber defence testing part of the airworthiness certification process for ICAO and other organizations
  • 39. Protecting against APTs protects to protect against common threats APTs currently make up a small portion of cyberthreats protecting against APTs will inherently protect against common threats prepared for the worst-case scenario • prepared for less drastic attacks Common threats: make up the larger portion can be mitigated by basic cyber security efforts are often one step in the APT attack method
  • 40. Sector based risk Approach develop regulations that are sector appropriate The sector based risk assessments shall consider general framework of National Infrastructure Protection Plan Legislation should: • harmonize efforts between all multistaholders to avoid neighborhood wars • support collaboration between industry and government partners • foster mutually agreed-upon solutions targeted at increasing collective security
  • 41. Working toward Cyb Air Security development of new national legislation that defines: • how civil aviation sector assets are protected • Organization of cooperation and collaboration between the public and private sectors At the international level: • Efforts to stop current and emerging information threats and attacks Answer the challenges lying behind: - understanding the needs and conditions that exist in both public and private sectors and of all stakeholders - Reduce and eliminate lack of trust – Build rules on international, regional or national agreements that consider all parties Enhance collaboration between governments, industry, international bodies, private initiatives, academic sector, and all stakeholders
  • 42. Working toward Cyb Air Security Fostering a “digital Chicago’s provisions” for cyber security Building strong partnerships Developing a common regulatory culture for mutual recognition and understanding of emerging evolving cyber threats Ensuring openness of air transport market and convergence of regulatory system in all domain in the civil aviation
  • 43. The way ahead! Adoption of security by design. integrated security systems by the industry Working on performance metrics to “measure and report on the effectiveness of all of cyber risk mitigation activities or cybersecurity position” Considering Mitigation of APTs as critical step to create stronger protection Focusing on resilience and cyber survivability
  • 44. The way ahead Reinforcing cooperation between International Partners Exchanging information and organization safety data Enhancing interdependence to promote stability, security and sustainable development Issuing c security certificates stating adoption of cyber standards and rules, 44
  • 45. Thank you Let’s be Cyber Alerted Make Cyber Security part of the sector DNA