Cybersecurity is the backbone of safe and efficient Advanced Air Mobility (AAM) operations. SkyGrid’s latest white paper, Closing the Gap: Addressing the Need for Comprehensive Cybersecurity in Advanced Air Mobility and Autonomous Aviation, calls on stakeholders to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework to ensure secure operations and build trust in autonomous systems, which is a necessity for adopting AAM.
Current AAM Cybersecurity Standards
Regulatory bodies, like the Federal Aviation Administration (FAA), the International Civil Aviation Organization (ICAO), and the European Union Aviation Safety Agency (EASA), outline cybersecurity standards for aviation. The standards currently laid out ensure safety and security for traditional crewed flight operations and conventional onboard aircraft systems.
However, the current cybersecurity standards and regulations reveal significant gaps when applied to AAM and autonomous flight. These standards don’t address the needs of highly automated systems or provide end-to-end security in distributed systems and networks. As these new aviation technologies rely on connected and distributed digital infrastructure, gaps left from insufficient standards make AAM operations highly susceptible to cyber threats.
Existing regulations also lack specific guidance for AAM and do not address the complexity of operations. This includes managing risks related with one operator overseeing multiple flights, utilizing cloud-based data storage, implementing real-time communication systems, and enabling remote management capabilities. Currently, AAM stakeholders have limited options for ensuring the cybersecurity of their advanced systems, highlighting an urgent need for a cybersecurity framework that adapts to the evolving AAM landscape.
Cyber Threats Facing Third-Party Service Providers
As a hub for data management, navigation, and communication, Third-Party Service Providers (TSPs) become appealing targets for cyber threats. Significant risks stem from the connectivity required between ground-based systems and autonomous aircraft.
A cyberattack on a TSP’s network could disrupt the data flow necessary for real-time situational awareness, potentially leading to a loss of separation, collisions, encounters with hazardous weather, or other operational risks. A hacker could compromise the TSP’s data server, alter navigation data sent to an autonomous vehicle, mislead the vehicle’s automated systems, and cause it to deviate from its intended route or violate airspace regulations, resulting in potentially catastrophic consequences.
Many TSPs rely on cloud-based storage and processing to manage flight data, which automatically exposes their infrastructure to cyber threats like data breaches, ransomware attacks, and denial-of-service incidents. TSP systems need to maintain a secure and uninterrupted flow of data to guarantee operational safety, so vulnerabilities must be addressed to ensure the reliability and safety of autonomous operations. Given these risks, TSPs need to prioritize cybersecurity for AAM and autonomous operations to maintain trust, safety, and security.
Building Trust in Autonomous Systems
Secure TSP systems are essential to instill trust in the AAM ecosystem. Therefore, change from current cybersecurity standards is necessary. Aviation cybersecurity has historically been slow to adapt to changes, so infrastructure needs to be enhanced from now on.
NIST offers the most comprehensive solution for addressing TSP cybersecurity, ensuring that infrastructure is secure at every level. The framework also addresses a wide range of risks, from data protection and identity management to incident response and recovery. By adopting strong cybersecurity measures and taking a proactive approach, TSPs empower new aviation technology to function at a greater scale of autonomy. For TSPs like SkyGrid, a well-structured cybersecurity framework builds resilience in digital systems, minimizes risks, and protects critical data, leading to reliable and trustworthy operations.
Read the white paper to learn more about the NIST Cybersecurity Framework and the measures required to build trust in AAM and support safe autonomous flight.