Date post: | 27-Mar-2015 |
Category: |
Documents |
Upload: | mason-cunningham |
View: | 213 times |
Download: | 0 times |
The European Organisation for the Safety of Air Navigation
WG-I #16 Meeting SESAR 15.2.10 Security TasksSpeaker Liviu POPESCU on behalf of Boleslaw GASZTYCH Organisation EUROCONTROL Date and venue Montreal, Canada 28 – 30 January 2013
WG-I Meeting Montreal, 28-30 January 2013 2
SESAR 15.2.10 Project Overview
Agenda
• Project scope
• Project members• Tasks• Activities• 15.2.10 Security - Scope and
Deliverables
WG-I Meeting Montreal, 28-30 January 2013 3
SESAR 15.2.10 Project Overview
Scope• The main goal of Project 15.02.10 is to verify and demonstrate the suitability of PENS
as the IP network backbone infrastructure for ATM environment :
• Evaluation of suitability of end-to-end PENS performances as SWIM backbone
(Tasks T01, T02 and T03) COMPLETED
• Establishment of a Security Policy for the SWIM backbone infrastructure (Tasks
T04, T05 and T06)
• Verification of surveillance IP Multicast applications on PENS (Tasks T07, T08
and T09) COMPLETED
• Verification of VoIP for G/G and ground segment of A/G Communications on
PENS (Tasks T10, T11 and T12)
WG-I Meeting Montreal, 28-30 January 2013 4
SESAR 15.2.10 Project Overview
Project Members
• AENA, Spain• DFS, Germany• DSNA, France• ENAV, Italy• EUROCONTROL • FREQUENTIS, Austria• INDRA, Spain• Selex ES, Italy
WG-I Meeting Montreal, 28-30 January 2013 5
SESAR 15.2.10 Project Tasks
P.15.02.10Terrestrial Communication Infrastructure - SWIM backbone
T01 T03PENS(Lead EUROCONTROL)
T07 T9Multicast (Lead FREQUENTIS)
T01 Analysis of requirements and applications to be PENS users
T02 Definition and Verification of Methodology for tests on PENS
T03 Integration and Testing on PENS
T04 SWIM Backbone Security Risk Assessment
T05 Development of the Security System Model
T06 Development of the final SWIM backbone security management documents
T07 Requirements Analysis and Test Scenarios Definition on IP Multicast
T08 Test Definition and Implementation in test-bed on IP multicast
T09Test IP multicast capability in PENS
T10 Verification Analysis of VoIP ground network within PENS/ANSPs networks
T11 Verification of VoIP systems within PENS (phase I)
T12Final Verification of VoIP systems within PENS (phase II) and WG67 deliverables refinement
T04 T06Security(Lead EUROCONTROL)
T10 T12VoIP(Lead FREQUENTIS)
T13Management(Lead INDRA)
WG-I Meeting Montreal, 28-30 January 2013 6
SESAR 15.2.10 Project Overview
ActivitiesCLOSED ACTITIVIES• T001 Analysis of requirements and applications to be PENS users• T002 Definition and Verification of Methodology for tests on PENS• T003 Integration and Testing on PENS• T004 SWIM Backbone Security Risk Assessment• T007 Requirements Analysis and Test Scenarios Definition on IP Multicast• T008 Test Definition and Implementation in test-bed on IP multicast• T009 Test IP Multicast capability in PENS• T010 Verification Analysis of VoIP ground network within PENS/ANSPs networks• T011 Verification of VoIP systems within PENS - phase I
Nearly completed • T005 Development of the Security System Model• T012 Final Verification of VoIP systems within PENS - phase II
On-going activities • T006 Development of the final SWIM backbone security management documents
WG-I Meeting Montreal, 28-30 January 2013 77
15.2.10 Security TasksDeliverables
T04 SWIM Backbone Security Risk AssessmentD04 – Security Risk Assessment (SRA)
For FMTP, AMHS, VoIP, LARA & Network Elements
T05 Security System SpecificationD05 - Development of Security System Model
Identify security mechanisms and develop model
D05 - Security System Model TestingDevelop vulnerability tests and Test Bed toolsPerform tests including civil/military interoperability
T06 SWIM Backbone Security ManagementD06 - Final security management documents
Final Security Risk Assessment & Security Model
WG-I Meeting Montreal, 28-30 January 2013 8
15.2.10 Security Tasks Security Task Relationship
T05 - Dev. of System Security Model
T05 - System Security Model Testing
T06 – SWIM Backbone Security
Mgmt
Final D06 / documents
PSSGSJUOther SESAR projects
D04 (SRA)
ATM Security Methodology
T04 – Security System Assessment
D05
The European Organisation for the Safety of Air Navigation
D04 – Security Risk Assessment (SRA)
WG-I Meeting
WG-I Meeting Montreal, 28-30 January 2013 10
15.2.10 Security Tasks D04 – Scope of Assessment
Network Elements
SRA
FMTP
AMHS
VoIP
Draft Delivered to PSSG Final version to SJU in
July 2012
Military LARA
Existing Security Docs
ATM Security Methodology
WG-I Meeting Montreal, 28-30 January 2013 1111
15.2.10 Security Tasks SRA Contents
• SRA covers FMTP, AMHS, VoIP, LARA and SESAR VPN (Network Elements)
• For each of the above:• System description• Assumptions• Key risks• Security goals / description /
sources of attacks / impact• Risk assessment• Identification of management
options
The European Organisation for the Safety of Air Navigation
D05 Development of Security System Model & Testing
WG-I Meeting
WG-I Meeting Montreal, 28-30 January 2013 1313
15.2.10 Security TasksDeliverables
T04 SWIM Backbone Security Risk AssessmentD04 – Security Risk Assessment (SRA)
For FMTP, AMHS, VoIP, LARA & Network Elements
T05 Security System SpecificationD05 - Development of Security System Model
Identify security mechanisms and develop model
D05 - Security System Model TestingDevelop vulnerability tests and Test Bed toolsPerform tests including civil/military interoperability
T06 SWIM Backbone Security ManagementD06 - Final security management documents
Final Security Risk Assessment & Security Model
WG-I Meeting Montreal, 28-30 January 2013 14
15.2.10 Security Tasks T05 Security Model
INTRA DOMAIN INTRA DOMAININTER DOMAIN
PENSLocalNetwork
CE CEFW FWLOCAL
ROUTERLOCAL
ROUTER
AMHS
LocalNetwork
FMTP
VOIP
APPL
AMHS
FMTP
VOIP
APPL
ANSPs SECURITY CONTROLS ANSPs SECURITY CONTROLSSITA SECURITY CONTROLS
End-to-end SECURITY CONTROLS
WG-I Meeting Montreal, 28-30 January 2013 1515
15.2.10 Security Tasks D05: Identification of security mechanisms and development and testing of the Security Model
• D05 Part A provides additional security mechanisms (controls) that need to be implemented over and above those recommended by the SESAR WP15.2.10-D04
• D05 Part B contains
• Vulnerability Test specifications, including a detailed description of the test scope and constraints.
• Summary of key findings, which provides strategic advice in a clear and concise form, documenting the security posture observed during tests.
The European Organisation for the Safety of Air Navigation
D06 SWIM Backbone Security Management
WG-I Meeting
WG-I Meeting Montreal, 28-30 January 2013 1717
15.2.10 Security Tasks D06 : SWIM Backbone Security Management
• T06 will
• Integrate results form the Security Risk Assessment of the SWIM performed by the SESAR 14.02.02 project
• Assess and summarize the findings and recommendations from D04 and D05
• D06 will describe the work carried out in the 15.2.10 project related to the establishment of a security policy, procedures and architectures for the SWIM Backbone
The European Organisation for the Safety of Air Navigation
WG-I Meeting 15.2.10 Security Tasks
“This presentation is created by EUROCONTROL and is based on ©SESAR JOINT UNDERTAKING material developed within the frame of the SESAR Programme, co-financed by the EU and EUROCONTROL. The opinions expressed herein reflect the author’s view only. The SESAR Joint Undertaking is not liable for the use of any of the information included herein. Reprint of information included herein with approval of publisher and with reference to source code only”