View
0
Download
0
Category
Preview:
Citation preview
Rad 3: Datum (skrivs in och uppdateras automatiskt).
©LFV 2019
A-CDM SWIM SOLUTION FOR LARGE, MEDIUM AND SMALL AIRPORTS
SWIM Service Implementation Workshop, December 2019
Peder Blomqvist, Åke Wall – LFV
Niklas Häggström, Mikael Månström – Knowledge Agency Europe
Tänk talarstöd och inte talarmanus.
Digital information for secure sharing with improved collaboration and awareness for air/landside actors for Airport Flight, Event, MET and Runway Services.
Arlanda Airport, Sweden
ATC, AU, APOC, MET, MED, Validation of Operational Procedures/Use cases including technical description of interfaces and Service Tool.
Tänk talarstöd och inte talarmanus.
Internet
API Gateway
Cyber Security
PKISWIM Registry
Services
ACDM – SPADS Users
SimulationVerificationValidation
• ACDM – SPADS UI Users (PC, Smartphones, iPad) implemented. ACDM- SPADS prepared for Microservices and B2B Users
• SWIM Services are designed and implemented including tool for Simulation, Verification and Validation of Services.
• Cyber Security, Super Safe Cloud solution including API for secure data payload for SWIM Services is realised
• Public Key Federated Infrastructure for authentication has been designed
• API-catalogue is based on Open Source
• ESB Mediation Open Source solution
• SWIM TI Yellow Profile and TCP/IP internet standards
Tänk talarstöd och inte talarmanus.
A-CDM improvements areas with direct or indirect proven links to efficiency enhancement by the use of SWIM Services
Improve predictability Improve on-time performance Reduce ground movement costs Optimise/enhance use of ground
handling resources Optimise/enhance use of stands, gates
and terminals Optimise the use of the airport
infrastructure and reduce congestion Reduce ATFM slot wastage Flexible predeparture planning Reduce apron and taxiway congestion
Tänk talarstöd och inte talarmanus.
Scenarios overviewSN
OW •MET-induced
operational scenario
•Airport Operations Centre (APOC) and Air Traffic Control (ATC)
•SNOWTAM, Runway Capacity & Flight Information
•SESAR SWIM Services
MED
ICA
L •Medical event scenario
•Airspace User, APOC and ATC
•Event, File and Flight Information
•Mix of SESAR and SPADS research services
TEC
HN
ICA
L •API catalogue / SWIM Registry
•Service configuration and orchestration
•SWIM Technical Infrastructure Profiles and bindings
Tänk talarstöd och inte talarmanus.
Medical scenario summary
Medical details (Confidential)
Sick passenger
New Stand
New Event Update Arrival Sequence
Airspace User
Air Traffic Control
Airport Operations
SOS Alarm
1
2 3
4
5
Tänk talarstöd och inte talarmanus.
SWIM PROTOTYPE AIRPORT DIGITAL SERVICES - PROJECT- a lifecycle perspective
SWIM Federation
Architecture
Specification
Development & testing
Deployment
Service discovery
Service use
IT Operations
• Service providers & consumers• SWIM infrastructure
• PKI• SWIM Registry
• Secure file & payload exchange
• SESAR design• EUROCAE Specification• EUROCONTROL standards• SWIM Governance• SWIM Service Business model
• Development approach• Service Test Review and
Acceptance tool (STRAX)• Demonstration of automated
testing
• Registration in API Catalogue/ SWIM Registry
• Approval process
• Catalogue integration• Browsing the API
catalogue/taxonomy
• Connecting to service providers
• Security, including authentication and authorisation
• Monitoring of Services availability and performance
• Service orchestration
SPADS technical components
Simulation
Cyber Security
PKI
Services
API-catalogue
SESAR Service Specifications SPADS Service Specifications
SWIM-TI Yellow Profile• SOAP / XML• REST / XML• AMQP / XML
Airport Flight Information
Runway Management Information
SNOWTAM METAR TAF
EventSecure File /
Payload
Yellow Profile• REST / JSON
Peer-to-peer• Proprietary
API• REST / JSON
Tänk talarstöd och inte talarmanus.
Service canvas – a SPADS innovation
Providers• Swedavia (APOC)
Consumers• LFV (ATC)
Provider revenue
• Not disclosed
Consumer value
• Cost-efficient way of acquiring flight information
• Improved operational responsiveness
• Improved collaboration with partners
Supported ATM Capabilities
• Collaborative Airport Management• Demand and Capacity Balancing
(airport)
• Departure Sequencing• Arrival Sequencing• Target Time Arrival Optimisation
Exchanged Information
• Flight ID & Aircraft information• Runway, Stand & Gate for flight• Outbound times: Scheduled Off-
Block• Destination Aerodrome
(outbound)
Benefiting Activities• Manage Airport Operations Plan• Manage stands and gates• Facilitate airport part of trajectory• Manage turn-round• (Pre-)Departure Sequencing
Consumer Resources• Airport Operations Centre
Provider Resources
• Aerodrome Control Tower• Area Control Centre
Required Activities
• Manage traffic
Channels• SWIM-Technical Infrastructure, Yellow profile• SOAP over HTTPs (Request/Reply) and AMQP (Publish/Subscribe)• Certificate based authentication (X.509 PKI)
Airport Flight Information Service
• Provides information and alerts regarding inbound flights, landing in airports and outbound flights, taking off from the airports.
Service Measures
• Accuracy of provided flight information (Estimated vs Actual)
• Coverage of flight information (% of flights)
• Service availability
Airport Flight Information Service – Swedavia to LFV
Tänk talarstöd och inte talarmanus.
Service development platform
STRAX, is a complete tool to support projects when developing and testing services as well as supporting operational projects in concept development, validation and demonstration exercises.
Ensure Collaboration Verify Interoperability Conformance validation Shorten Development time Ease Integration
Interface validation
Automatic Service testing
Service Simulation
Record and replay
(playback)
Scripting
Configuration
STRAX
Service Test, Review and Acceptance tool
Tänk talarstöd och inte talarmanus.
SPADS Cyber Security SWIM payload solution
• Solves ”design conflict” of global information sharing with many actors at the same time as sensitive information can be restricted on a need to know basis.
• The Event is accessible to many actors but not everybody needs to know the full details of everything.
• Zones provide a key building block in order to introduce restricted access to information and to collaborate securely.
• Zones can be created and changed dynamically but is best created in advance
• Zones provides the possibility to extend secure collaboration outside a federation, e.g. police, authorities.
Cross-reference
Medical file zone
Event zone
Lessons learned
SWIM Operational benefits
• Clarifies roles and responsibilities
• Improved situational awareness through exchange of flight information
• Decreased workload on flight deck
• Increased throughput at airports
• Increased collaboration with meteorological service providers
• Enables flexibility in multi-stakeholder operational environments
©LFV 2019
Lessons learned
SWIM Technical aspects
• Service specifications were important
• Easy to implement new services with to the service development tool
• Easy to separate sensitive data payload from non sensitive data with the SWIM Cyber Security payload solution
• Demonstrated compliance to the proposed registry standard set up (ECTL-LFV-SWEDAVIA-FAA)
• Flexible reuse of the services and scalable large/small airport
• SPADS PKI Architecture fulfils SWIM goals –flexibility, service oriented, common sharing
Tänk talarstöd och inte talarmanus.
SPADS – detailed information
SPADS - Project main report and appendixes
1. LFV_SPADS_Main_report_TRV_version_1.02. LFV_SWIM Prototype Airport Digital Services (SPADS) - Project Plan v1.13. LFV_SPADS_Operational_description_version 1.04. LFV_SPADS_SWIM_CANVAS_version_1.0_final5. LFV_SPADS_Final_Report_Technical_Architecure_version_1.06. LFV_SPADS_Final_Report_STRAX_version_1.07. LFV_SPADS_prototype_components_synkzone_description_version 1.08. LFV_SPADS_prototype_components_SWIM_registry_description_version 1.09. LFV_SPADS PKI Conceptual Design Presentation version 1.010. LFV_SPADS_Service Description for Airport Event Service_version 1.011. LFV_SPADS_SWIM_Candidate_Airport_Event_Service_Specification_version 1.012. LFV_SPADS Demo 2 STHLM Day 1 Full13. LFV_SPADS Demo 2 STHLM Day 2 Full14. LFV_SPADS_Prestudy v1.0
Peder Blomqvist, Knowledge Agency Europe peder.blomqvist@knowledgeagency.seNiklas Häggström, Knowledge Agency Europe niklas.haggstrom@knowledgeagency.se
Tänk talarstöd och inte talarmanus.
Hemavan Airport, Sweden
Digital information sharing for improved collaboration and awareness - Airport, AFIS, ATC and Network
Tänk talarstöd och inte talarmanus.
ACDM Lite Hemavan Airport – Overview
SWIM
standards
infrastructure
Governance
ATM Information
Qualified parties
Services
Fact finding study Hemavan Airport
Technical description
Process and Use Cases
ACDM Lite Beta version - Validation
Tänk talarstöd och inte talarmanus.
Airport Collaborative Decision Making (A-CDM) for the smallest airports• Low cost and focus on AFIS Airports
NUMBER A-CDM MILESTONE TIME REFERENCE
MST3 Take off from outstation ATOT from outstation
Estimated Landing Time ELDT
MST6 Landing ALDT
MST9TOBT update prior to issue of
TTOT
Issue of Target Take Off Time TTOT
MST16 Actual Take Off Time ATOT
Tänk talarstöd och inte talarmanus.
ACDM Lite - setup for information exchange
ACDM Lite Beta tool, with web interface, for AFIS Vilhelmina - ESNV AFIS Hemavan - ESUT
• Arrival list
– Display of Landing times
• ELDT
– Update AFIS and Airport
• Departure list
– Setting of Departure times
• TOBT, TTOT and ATOT
– Update ATC and Network
Tänk talarstöd och inte talarmanus.
SWEDAVIA / LFV
Potential use of SESAR/NM SWIM Service specifications
LFV
EUROCONTROL
NM
Flight
Data
Regional ATFCM
ATFCM
Flight PlansFlight Data
Vilhelmina Airport
Airport Flight
Information
ACDM-Lite configuration
Aerodrome AFIS
Airport Operations
Centre
TSATTTOTATOT
ELDT
Airport
Flight
Information
Hemavan Airport
Airport Flight
Information
ACDM-Lite configuration
Aerodrome AFIS
Airport Operations
Centre
LFV
Flight
DataFlight Data
Airport
Flight
InformationTOBTTTOTATOT
Stockholm ER ACC
Arlanda Tower
En-Route / Approach
ATC
Aerodrome ATC
Används då du vill skriva ett kort citat, en fråga eller en siffra att diskutera runt.
©LFV 2019
Cyber security
Tänk talarstöd och inte talarmanus.
ACDM Lite project relations
- Operational Scenario- Use Cases, general- Stakeholders- Systems
- Use Cases, exchanges- Information Exchange Requirements (IER)- Information Exchange Services
SWIM
sp
ecif
icat
ion
sSE
SAR
20
20
, SW
IM G
ove
rnac
e
Tänk talarstöd och inte talarmanus.
• Conclusions & Rekommendations
• Security Assessment Report
SecRAM, SESAR 2020
Cyber Security Methodology and catalogues
ISO 27000 series-----------------------------------------------
• Draft EUROCONTROL Specifications for SWIM
NIST Cybersecurity controls -----------------------------------------------
• SESAR 2020 European ATM Architecture, EATMA
Reference Material
Content & relations
• From main ACDM-lite project
Operational Scenario
• From SWIM subproject
Information Exchange
Requirements
• From SWIM subproject
Service Analysis
Security Risk Asessment
Cyber Security Objectives
Enviroment Assumptions
Risk Evaluation & Treatment
Collaborative support
Tänk talarstöd och inte talarmanus.
Primary Asset Identification & Impact analysis
IE # Primary assets C I A
1 PA#1 Scheduled Flight Trajectory / NM Flight Data Service 4 3 2
2 PA#2 Target Off Block Time TOBT / Airport Flight Information Publication Service 3 2 2
3 PA#3 Target Start-Up Approval Time TSAT / Airport Flight Information Publication Service 3 2 2
3 PA#4 Target Take Off Time TTOT / Airport Flight Information Publication Service 3 2 2
4 PA#5 Actual Take Off Time ATOT / Airport Flight Information Publication Service 3 3 3
5 PA#6 Flight Update Message / NM Flight Data Service 3 3 2
6 PA#7 Radar Plot (Position, Altitude, Speed, Heading) 3 3 3
7 PA#8 Estimated Landing Time ELDT / Airport Flight Information Publication Arrival Service or
Management Information Service 4 3 2
8 PA#9 Actual Landing Time ALDT / Airport Flight Information Publication Service 3 2 2
Security Risk Asessment
These numbers are a measure of how business/operations can be impacted frombreaches of confidentiality (C), integrity (I) or from non-availability (A) affecting thelisted information, information exchange or information exchange service.
Impact scale: 1 No impact; 2 Minor; 3 Severe; 4 Critical; 5 Catastrophic
Tänk talarstöd och inte talarmanus.
Supporting Asset (SA) identification
SA #2 example
Security Risk Asessment
PA #1
SA #1
SA #2, Communication CannelNote: Underlying protocols are 2-way.
Tänk talarstöd och inte talarmanus.
Identification of Threats and Vulnerabillities to Supporting Assets
Security Risk Asessment
Supporting assets Threats
Primary assets
PA#1 PA#2
.
PA#3/4
.
PA#5 PA#6 PA#7
.
PA#8
C I A C I A C I A C I A C I A C I A C I A
SA#1
ACDM Lite Server
T#X Xxxxxx
T#Y Yyyyyyy
…
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
SA#X
AFIS OperatorT#X Xxxxxx
T#Y YyyyyyySA#3
ATFCM – ACDM Lite
Server Communication
system
T#2 Wireless communications jamming
T#3 Ground message spoofing
T#4 Flooding over wireless communication means
T#7 Use of Electro-Magnetic Energy (EMI/EMP
)T#9 Unauthorized use of equipmentX
X
X
X
X
X
XX
X
X
X
X
X
Note: Real world, detailed, Threat/Vulnerability scenario impact analysis should be confidential
Tänk talarstöd och inte talarmanus.
Risk Level Treatment
Risk Evaluation & Treatment
ApplicableSESAR Minimum Set of Security Controls (MSSC)
based on ISO 27002Additional/strengthened controls/requirements
Risk Treatment options to be agreed:Accept (Tolerate) for GREN/ORANGE RISK LEVEL.Transfer risks managed by external stakeholders.Avoid risks considered to high or where counter
measures to reduce too costly.Reduce (Mittigate) for remaining RED RISK LEVEL
Tänk talarstöd och inte talarmanus.
Conformance to the SWIM Specifications - Implemented with SWIM services using SWIM technical infrastructure, cyber security
at that level can be chosen from standardised best-practise levels e.g. defined in Eurocontrol Specifications for TI Yellow Profile.
- At present no common PKI solution is defined for SWIM (ongoing) but providers such as Eurocontrol Network Manager have solutions for their own services.
Maturity and evolution (cyber security part)
- Risks levels seem acceptable with SESAR Minimum Set of Security Controls apart from sensitive flights/circumstances case.
- Safety and physical security assessment has to be made to analyse risks in safety area and if physical security is as assumed.
Tänk talarstöd och inte talarmanus.
Lessons learned
- Nr of analysed combinations can be difficult to handle without loosing relevance
- Handle “special” cases separately
- Tools support efficient work (WhatIf analysis, Overview/Details, Extrems analysis)
- Consult subject matter experts for impact analysis
- Pay special attention to interfaces to safety, physical security, collaborative support, …
- Check transferred risks treatment by third-parties and assess the remaining risk
- Review this Security Risk Assessment regularly in order to ensure it is up to date, e.g. SWIM PKI
- SWIM specifications incl. “Service Definition” and SecRAM/ISO 27000 series standards are good pillars for SWIM Cyber Security work but need to be tailored to enterprise/ systems considered.
Tänk talarstöd och inte talarmanus.
ACDM Lite Hemavan – detailed information
ACDM Lite - Project reports
– Processes and Use Cases
– Technical description
– Validation and Verification
– SWIM analysis
– Cyber Security analysis
Åke Wall, LFV Sweden ake.wall@wallconsulting.se
Mikael Månström, Knowledge Agency Europe mikael.manstrom@knowledgeagency.se
Tänk talarstöd och inte talarmanus.
Recommended