Print Friendly, PDF & Email

With their expensive aircraft, crowds of passengers and databases of user data, airports are a prime target for the world’s criminals.

While there are many similarities between cybersecurity practices in aviation and cybersecurity practices in other industries, professionals in aviation face unique challenges.

For the aviation industry, digitalization of operations presents airports and airlines alike with a huge opportunity to reduce flight delays, improve customer experience and boost their bottom line.

Without question, digitalization of airport and aviation applications improves the average traveler experience. The downside is that by increasingly relying on digitalization – especially the interconnectedness of Internet of Things (IoT) devices – aviation has exposed itself to added cybersecurity vulnerabilities.

In other words, innovative new technologies in the aviation field promise to enhance communication, but they also open up new potential vulnerabilities. One such technology is the electronic flight bag (EFB), a tablet-based replacement for the bulky binders that pilots historically brought along for every flight. While convenient, EFBs pose a security risk that airlines need to assess and mitigate. Unfortunately, a recent survey found that many airlines have not created such a plan.

Cybersecurity is also vital in the Air Force. In 2018, the Air Force started a program to fundamentally reorient its IT staff, reframing their role away from servicing email systems and toward cybersecurity. Now, its IT professionals are part of mission defense teams that carry out the Air Force’s cyber operations.

The Air Force recognizes the crucial role of cybersecurity in accomplishing its core missions. As cyberattacks become an increasingly common tool for disruption and destabilization, the Air Force needs highly-trained teams devoted solely to using IT services for mission assurance.

The Air Force’s reshaping of its IT department is part of a defense-wide initiative to respond to threats to the aviation sector. The updated National Strategy for Aviation Security (NSAS), published by the White House in late 2018, recognizes that emerging technologies are threatening the aviation ecosystem, and it calls for federal, state and local authorities to work with the private sector.

While airport officials and airline CEOs invest heavily to find ways to patch digital vulnerabilities, a new profession has emerged to help combat cyberattacks.

The aviation cybersecurity systems engineer is becoming a valuable member of the aviation community. Responsibilities include performing security assessments of proposed and existing avionics systems using applicable industry guidance and methods. The position also works with
internal engineering teams and OEM partners to plan, design and develop security architectures to meet certification and business requirements.

The aviation cybersecurity systems engineer also maintains aviation security processes and develops and coordinates the execution of test procedures to verity security measures.

Want to learn more? Tonex offers Aviation Cybersecurity Training Bootcamp, a 3-day course focused on cybersecurity oriented aviation training covering civilian and military aircraft cybersecurity and operation analysis including: airworthiness security DO-326A/ED 202A, information and data, mission, networks, technology, embedded avionics systems and the holistic system security engineering problem 360 degree.

Additionally, Tonex offers another 45 courses in Aerospace & Defense Engineering, including:

Combat Systems Engineering Training (3 days)

ARINC 429 Training (2 days)

DO-178 Training/DO-178C Training/DO-254 Training (4 days)

Applied Systems Engineering for Logisticians (3 days)

Intro to Fiber Optics and Infrared Sensors (3 days)

For more information, questions, comments, contact us.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.