Page 42 - AAA SEPTEMBER - OCOTBER 2017 Online Magazine
P. 42

COLUMN JEFF CASS



        Safe travels



        How blockchain and cloud can reinforce cyber security in
        commercial aviation




        Cyber-Attacks – Not If, but When    international airlines to meet, having to cope
        Like  most industry  segments,  airlines  are   with different data compliance laws across
        quickly realising that threats are just as   country borders.  This has implications on
        likely to come from inside the organization   data storage, a lot of which is now being held
        as from outside. Cyber-attacks have been   in the cloud. Companies that don’t have strict
        reported at airports across the world, and it   policies in place, lack data access controls or
        seems only a matter of time before we see   use legacy IT systems will struggle to keep
        an attack on a major airline.       their data secure.
           In response to this threat, many
        commercial aviation organizations are   Blue Sky Thinking               Jeff Cass is Vice President, Strategy at the
        actively hiring Chief Security Officers and,   Cloud solutions are a vital tool in the new   Aviation & Defence Business Unit at IFS
        according to a SITA Airline IT Trends Survey,   airline IT landscape, especially when dealing
        the number of airlines which said they were   with scheduled and unscheduled aircraft
        advancing  preparations to  manage  cyber   maintenance.  Having  mobile  devices  variety of businesses, from original
        risks has almost doubled to 91 percent in   wirelessly  connected to  software and  data   equipment manufacturers and  Tier 1
        the space of three years.           in the cloud frees up personnel from having   suppliers to airlines, airports and 3rd
           With more IoT-enabled sensors being   to physically or electronically store manuals   party MRO providers.  This presents an
        used, it’s actually the newer aircraft    and documents.  Powerful  and easy-to-use   interesting dilemma because not only
        fleets which have a higher chance of   mobile applications are now available to help   do you need to secure and protect data
        being attacked, many of which can be ill-  decipher the mountains of data available,   accumulated from each party, you also
        equipped to prevent unauthorised access.   finally leveraging the elusive “return on   need to be able to share it across this
        Increasingly being used for things such as   experience” to support mechanics in real-  broad supply chain.
        passenger  Wi-Fi, real-time air-to-ground   time.                          Blockchain technology is emerging
        communications are evolving to support   This also helps with compliance during   for this very purpose. In a Blockchain,
        mission critical functions such as inflight   inspections, as data on portable tools can   each record or ‘block’ of data has its
        fuel adjustments and aircraft health   be easily recorded. A cornerstone principal   own timestamp and is encrypted with
        monitoring,  both of  which  could  severely   in aviation compliance is having that second   credentials in a peer-to-peer relationship,
        disrupt airlines if compromised.    set of eyes. Allowing data to be shared   which  makes  malicious  tampering
           The safeguarding of data has become   across organisations lowers the potential   extremely difficult. All ‘blocks’ are linked
        a major challenge for airlines, one that   for errors as there is no longer the time   to the previous block of data, meaning the
        threatens to  disrupt  key practices  for  the   lag and  inaccuracy that workers have  been   only way to tamper with its content is to
        entire industry.                    accustomed to from paper records.   have the entire network of trusted peer-
                                               The new generation of cloud solutions can   to-peer contributors collude to corrupt
        Compliance A Top Priority                  be set up in their own separate environments,   the chain.
        From passenger information at check-  which today have the potential to be far   Blockchain is still some way off being
        in desks to engine health data and   more secure than any previous private or on   widely adopted, and is just a concept for
        maintenance history, airlines collect huge   premise data center. As the name suggests,   airlines right now, but the technology has real
        amounts of data. The corruption or loss of   cloud containers create isolated boundaries   potential to help boost cyber defences.
        any of this information can pose serious   of data which means that if anything goes
        safety and regulatory issues. Storing   wrong in one container, it only affects that
        information means airlines must adhere   single cell and not the entire system – helping
        to compliance regulations, such as PCI-  reduce the threat of a wider cyber-attack.
        DSS for customer payment data which
        states that information must be protected   Blockchain Will Help Redefine
        against unauthorized access and accidental   Cyber Security
        loss. These regulations are even harder for   The aviation supply chain covers a wide
        42    A SIAN AIRLINES & AEROSP A A CE   NO  T OBER 2017                 WWW .GBP .COM.SG/AAA
        42
                                                                                WWW.GBP.COM.SG/AAA
                                                                                     .COM.SG/AAA
                                                                                   .GBP
                                                                                WWW
           SIAN AIRLINES & AEROSP
             A
                          CE
                           SEPTEMBER / OC
        42   ASIAN AIRLINES & AEROSPACE  JUNE / JULY 2017VEMBER / DECEMBER 2016
   37   38   39   40   41   42   43   44