IMPLEMENTATION OF A EUROPEAN CENTRE FOR CYBER SECURITY IN AVIATION (ECCSA)
After the ‘Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace’, JOIN(2013) 1 from7 February 2013, EASA And CERT-EU signed in February this year a memorandum of mutual cooperation (MoC) for the implementation of a European Centre for Cyber Security in Aviation (ECCSA).
The EASA ‘Cybersecurity roadmap’ presented in 2015 has been considered as basis for implementing a cybersecurity framework for aviation – taking into account the principles laid in the new European ATM Master Plan and in the EU Aviation Strategy- acting as support to the European Commission, EASA Member States, EASA and industry work.
The memorandum includes the areas of responsibility of both parties. On the one hand, CERT-EU agrees to provide the appropriate and secure IT infrastructure services as well as the cybersecurity tools and threat management services needed for the development of cyber-secure components in aviation. On the other hand, EASA will provide the analyst resources and technical expertise for the coordination of the ECCSA. Both agree to execute the Technical Roadmap within the given milestones for this purpose and maintain close collaboration between their analysts’ teams.
What will ECCSA do?
ECCSA will primarily serve as an information sharing and management platform, a key enabler for implementing a resilient aviation cyberspace. ECCSA will provide secure means for aviation stakeholders to exchange domain relevant cybersecurity information, such as vulnerabilities, i.e. weakness that can be used for malicious purposes, as well as events and incidents that might be worth sharing with the aviation community.