The European Organisation for the Safety of Air Navigation

WG-I #16 Meeting SESAR 15.2.10 Security TasksSpeaker Liviu POPESCU on behalf of Boleslaw GASZTYCH Organisation EUROCONTROL Date and venue Montreal, Canada 28 – 30 January 2013

WG-I Meeting Montreal, 28-30 January 2013 2

SESAR 15.2.10 Project Overview

Agenda

• Project scope

• Project members• Tasks• Activities• 15.2.10 Security - Scope and

Deliverables

WG-I Meeting Montreal, 28-30 January 2013 3

SESAR 15.2.10 Project Overview

Scope• The main goal of Project 15.02.10 is to verify and demonstrate the suitability of PENS

as the IP network backbone infrastructure for ATM environment :

• Evaluation of suitability of end-to-end PENS performances as SWIM backbone

(Tasks T01, T02 and T03) COMPLETED

• Establishment of a Security Policy for the SWIM backbone infrastructure (Tasks

T04, T05 and T06)

• Verification of surveillance IP Multicast applications on PENS (Tasks T07, T08

and T09) COMPLETED

• Verification of VoIP for G/G and ground segment of A/G Communications on

PENS (Tasks T10, T11 and T12)

WG-I Meeting Montreal, 28-30 January 2013 4

SESAR 15.2.10 Project Overview

Project Members

• AENA, Spain• DFS, Germany• DSNA, France• ENAV, Italy• EUROCONTROL • FREQUENTIS, Austria• INDRA, Spain• Selex ES, Italy

WG-I Meeting Montreal, 28-30 January 2013 5

SESAR 15.2.10 Project Tasks

P.15.02.10Terrestrial Communication Infrastructure - SWIM backbone

T01 T03PENS(Lead EUROCONTROL)

T07 T9Multicast (Lead FREQUENTIS)

T01 Analysis of requirements and applications to be PENS users

T02 Definition and Verification of Methodology for tests on PENS

T03 Integration and Testing on PENS

T04 SWIM Backbone Security Risk Assessment

T05 Development of the Security System Model

T06 Development of the final SWIM backbone security management documents

T07 Requirements Analysis and Test Scenarios Definition on IP Multicast

T08 Test Definition and Implementation in test-bed on IP multicast

T09Test IP multicast capability in PENS

T10 Verification Analysis of VoIP ground network within PENS/ANSPs networks

T11 Verification of VoIP systems within PENS (phase I)

T12Final Verification of VoIP systems within PENS (phase II) and WG67 deliverables refinement

T04 T06Security(Lead EUROCONTROL)

T10 T12VoIP(Lead FREQUENTIS)

T13Management(Lead INDRA)

WG-I Meeting Montreal, 28-30 January 2013 6

SESAR 15.2.10 Project Overview

ActivitiesCLOSED ACTITIVIES• T001 Analysis of requirements and applications to be PENS users• T002 Definition and Verification of Methodology for tests on PENS• T003 Integration and Testing on PENS• T004 SWIM Backbone Security Risk Assessment• T007 Requirements Analysis and Test Scenarios Definition on IP Multicast• T008 Test Definition and Implementation in test-bed on IP multicast• T009 Test IP Multicast capability in PENS• T010 Verification Analysis of VoIP ground network within PENS/ANSPs networks• T011 Verification of VoIP systems within PENS - phase I

Nearly completed • T005 Development of the Security System Model• T012 Final Verification of VoIP systems within PENS - phase II

On-going activities • T006 Development of the final SWIM backbone security management documents

WG-I Meeting Montreal, 28-30 January 2013 77

15.2.10 Security TasksDeliverables

T04 SWIM Backbone Security Risk AssessmentD04 – Security Risk Assessment (SRA)

For FMTP, AMHS, VoIP, LARA & Network Elements

T05 Security System SpecificationD05 - Development of Security System Model

Identify security mechanisms and develop model

D05 - Security System Model TestingDevelop vulnerability tests and Test Bed toolsPerform tests including civil/military interoperability

T06 SWIM Backbone Security ManagementD06 - Final security management documents

Final Security Risk Assessment & Security Model

WG-I Meeting Montreal, 28-30 January 2013 8

15.2.10 Security Tasks Security Task Relationship

T05 - Dev. of System Security Model

T05 - System Security Model Testing

T06 – SWIM Backbone Security

Mgmt

Final D06 / documents

PSSGSJUOther SESAR projects

D04 (SRA)

ATM Security Methodology

T04 – Security System Assessment

D05

The European Organisation for the Safety of Air Navigation

D04 – Security Risk Assessment (SRA)

WG-I Meeting

WG-I Meeting Montreal, 28-30 January 2013 10

15.2.10 Security Tasks D04 – Scope of Assessment

Network Elements

SRA

FMTP

AMHS

VoIP

Draft Delivered to PSSG Final version to SJU in

July 2012

Military LARA

Existing Security Docs

ATM Security Methodology

WG-I Meeting Montreal, 28-30 January 2013 1111

15.2.10 Security Tasks SRA Contents

• SRA covers FMTP, AMHS, VoIP, LARA and SESAR VPN (Network Elements)

• For each of the above:• System description• Assumptions• Key risks• Security goals / description /

sources of attacks / impact• Risk assessment• Identification of management

options

The European Organisation for the Safety of Air Navigation

D05 Development of Security System Model & Testing

WG-I Meeting

WG-I Meeting Montreal, 28-30 January 2013 1313

15.2.10 Security TasksDeliverables

T04 SWIM Backbone Security Risk AssessmentD04 – Security Risk Assessment (SRA)

For FMTP, AMHS, VoIP, LARA & Network Elements

T05 Security System SpecificationD05 - Development of Security System Model

Identify security mechanisms and develop model

D05 - Security System Model TestingDevelop vulnerability tests and Test Bed toolsPerform tests including civil/military interoperability

T06 SWIM Backbone Security ManagementD06 - Final security management documents

Final Security Risk Assessment & Security Model

WG-I Meeting Montreal, 28-30 January 2013 14

15.2.10 Security Tasks T05 Security Model

INTRA DOMAIN INTRA DOMAININTER DOMAIN

PENSLocalNetwork

CE CEFW FWLOCAL

ROUTERLOCAL

ROUTER

AMHS

LocalNetwork

FMTP

VOIP

APPL

AMHS

FMTP

VOIP

APPL

ANSPs SECURITY CONTROLS ANSPs SECURITY CONTROLSSITA SECURITY CONTROLS

End-to-end SECURITY CONTROLS

WG-I Meeting Montreal, 28-30 January 2013 1515

15.2.10 Security Tasks D05: Identification of security mechanisms and development and testing of the Security Model

• D05 Part A provides additional security mechanisms (controls) that need to be implemented over and above those recommended by the SESAR WP15.2.10-D04

• D05 Part B contains

• Vulnerability Test specifications, including a detailed description of the test scope and constraints.

• Summary of key findings, which provides strategic advice in a clear and concise form, documenting the security posture observed during tests.

The European Organisation for the Safety of Air Navigation

D06 SWIM Backbone Security Management

WG-I Meeting

WG-I Meeting Montreal, 28-30 January 2013 1717

15.2.10 Security Tasks D06 : SWIM Backbone Security Management

• T06 will

• Integrate results form the Security Risk Assessment of the SWIM performed by the SESAR 14.02.02 project

• Assess and summarize the findings and recommendations from D04 and D05

• D06 will describe the work carried out in the 15.2.10 project related to the establishment of a security policy, procedures and architectures for the SWIM Backbone

The European Organisation for the Safety of Air Navigation

WG-I Meeting 15.2.10 Security Tasks

“This presentation is created by EUROCONTROL and is based on ©SESAR JOINT UNDERTAKING material developed within the frame of the SESAR Programme, co-financed by the EU and EUROCONTROL. The opinions expressed herein reflect the author’s view only. The SESAR Joint Undertaking is not liable for the use of any of the information included herein. Reprint of information included herein with approval of publisher and with reference to source code only”