Cockpit Protection: the case for the secondary barrier ALSO: DEPORTEE MANAGEMENT BRUSSELS AIRPORT OPERATIONS CYBER SECURITY IN AIR TRAFFIC MANAGEMENT BUYERS GUIDE MAIN MEDIA SPONSOR TO: THE GLOBAL JOURNAL OF AIRPORT & AIRLINE SECURITY www .asi-mag.com AN INTERVIEW WITH KETEVAN KARDAVA 17 3 THE MYSTERY OF EGYPTAIR MS804 JUNE 2016 VOLUME 22 ISSUE 3
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Cockpit Protection:the case for the secondary barrier
ALSO:DEPORTEE MANAGEMENT
BRUSSELS AIRPORT OPERATIONSCYBER SECURITY IN AIR TRAFFIC MANAGEMENT
BUYERS GUIDE
MAIN MEDIA SPONSOR TO:
THE GLOBAL JOURNAL OF AIRPORT & AIRLINE SECURITY
www.asi-mag.com
AN INTERVIEW WITH
KETEVAN KARDAVA
17 3
THE MYSTERY OF EGYPTAIR
MS804
JUNE 2016 VOLUME 22 ISSUE 3
June 2016 Aviationsecurityinternational38 VISIT WWW.ASI-MAG.COM – NEW & IMPROVED
When a Somali military court convicted ten suspects for organising this February’s bomb attack on Daallo Airlines, the reality of the potential for further significant
attacks on the industry became apparent. The explosion on the Daallo Airlines Airbus 321 flight occurred around 15 minutes after take-off from Mogadishu, when the plane was at approximately 11,000ft (3,350m). Only the bomb carrier was killed and the pilot was able to make an emergency landing back at Mogadishu airport, aborting the flight to Djibouti. Somalia's militant Islamist group al-Shabab took responsibility for the attack, later admitting that it had failed to bring down the aircraft since the aircraft assembly had withstood the blast.
With developments in the type and frequency of terrorist attacks against the aviation industry, airport security measures have had to evolve in order to protect against threats posed both by passengers with malicious intent as well as by the insider threat. However, aircraft design also has a significant role to play in foiling inflight attacks and, in several incidents, the aircraft assembly has proven itself robust enough to withstand an inflight explosion, allowing the pilot to land safely. Shalini Levens discusses what aircraft manufacturers are doing to make aircraft more resistant both to attempted bombings and to the emerging threat of cyberattack.
AIRCRAFTDESIGN:
ADDRESSINGSECURITY
CONCERNS
Fuselage failure resulting from blast test. Credit: D'Appolonia SpA
June 2016 Aviationsecurityinternational www.asi-mag.com 39
This incident is one of the few examples of aircraft resilience to terrorist attacks after bombs have made it on board and detonated. Another example of an aircraft withstanding an explosion during its journey was the Trans World Airlines (TWA) flight 840 from Rome to Athens in 1986 that exploded 20 minutes before landing due to the detonation of an improvised explosive device (IED) concealed under a passenger’s seat. The blast created a hole in the aircraft’s starboard side, similar in nature to that of Daallo Airlines, killing four passengers who were ejected through the hole in the fuselage. Similarly, in 1994, Philippine Airlines flight 434 operating from Manila to Tokyo via Cebu became a victim of an IED that was placed in a lifejacket under the seat. The explosion killed one passenger while others were injured. The aircraft itself remained intact and the pilot was able to safely land the damaged plane in Okinawa.
The ongoing investigation (at the time of writing) into the loss of EgyptAir flight MS804, en route from Paris to Cairo, has not yet ruled out the possibility that a bomb on board was responsible. Indeed, quite the opposite. With much speculation that the aircraft was the subject of a terrorist bombing, and coming so soon after the Metrojet bombing in Egypt in October 2015 and the Daallo Airlines incident this year, the questions being asked not only focus on what the authorities can do to prevent a bomb being loaded on board, but on what manufacturers can do to ensure that, should a device make it through the security system, damage caused will not be catastrophic.
Aircraft manufacturers are enhancing security in aircraft design via a number of methods. A few of these methods include: aircraft hardening against inflight explosion; assessing and enhancing Least Risk Bomb Locations (LRBL); the provision of systems to prevent hacking and cyber-attacks; flight deck door construction; secondary barriers; the development of systems which limit control of the aircraft to authorised persons, and; systems which might indicate the presence of a stowaway on board.
Aircraft hardening against inflight explosion has become a trending topic of interest since the loss of Metrojet flight 9268, twenty-three minutes after its departure from Sharm el-Sheikh bound for St. Petersburg. Even though
early speculations concluded that Islamic State (IS) was responsible for the attack – and the group even claimed, in Dabiq (its own publication), that a rather crude device utilising a soft drinks can had contained the deadly charge - there were still sources that maintained that the aircraft had been in poor mechanical condition. Another source brought to light the fact that the engines had start failures. The airline denied claims that the aircraft was not in perfect working condition. Nonetheless, all the indicators suggest that the inflight explosion was caused by an improvised explosive device infiltrated on board, and probably by an insider working at the airport.
With regards to the enhancement of the LRBL, FLY-BAG, a lightweight and flexible device which, it is claimed, is able to contain the devastation caused by bombs hidden in the cabin or cargo hold of an aircraft, offers potential benefit. The FLY-BAG cabin device, when not in use, is folded and kept in an overhead locker, and the cargo
device (for wide body aircraft) is a kit to be installed inside a conventional unit load device (ULD) without affecting the payload. Made of highly resistant fabric, the FLY-BAG envelope, a European Research Projects initiative, is specifically designed to absorb the shockwaves and shrapnel caused by explosions. The bomb-proof units have successfully confined blasts in a series of controlled explosions on a Boeing 747 and on an Airbus 321, neither of which suffered any damage as a result of the contained blasts. So, for aircrew faced with the dilemma as to how to deal with a suspicious item found in the cabin inflight, rather than build the bomb stack in the LRBL using damp blankets and cushions alone, placing it inside a FLY-BAG envelope as well greatly improves the chances of the aircraft withstanding a blast.
Turning now to the aircraft’s IT systems, Transmission Control Protocol/Internet Protocol (TCP/IP) technology has been under review of late. TCP/IP technology allows the transfer of data such as flight-critical avionics and passenger information, which turns the aircraft into an airborne, interconnected network domain server. The interconnected system allows external systems such as communications, e-mail, maintenance
“…the questions being asked
not only focus on what the
authorities can do to prevent
a bomb being loaded
on board, but on what
manufacturers can do to
ensure that, should a device
make it through the security
system, damage caused will
not be catastrophic…”
“…bomb-proof units have
successfully confined blasts
in a series of controlled
explosions on a Boeing 747
and on an Airbus 321…”
FLY-BAG for cabin protection. Credit: D'Appolonia SpA
June 2016 Aviationsecurityinternational40 VISIT WWW.ASI-MAG.COM – NEW & IMPROVED
systems and wireless airline operations to integrate with one another. While there are numerous advantages to this, there are also security issues, particularly regarding wireless devices that may be able to gain access to the aircraft's diagonally dominant back stepping (DDBS) controller, which provides flight-critical functions. To address these issues, even back in 2012 the Federal Aviation Administration (FAA) implemented a new Operations Specification (OpSpec) D301, Aircraft Network Security Program (ANSP). Under this programme, all e-Enabled aircraft had to meet the requirements of the OpSpec to become operational. e-Enabled aircraft are vulnerable to misuse or attacks such as: the infection of an aircraft system from Malware (malicious software); cyber-attacks on aircraft system interfaces; passive attacks including traffic analysis, and; active attacks such as replay attack where valid data transmission is maliciously or fraudulently repeated or delayed. Therefore, the OpSpec provided security assurances which included: encryption of data; security incident and event management; security log management and review, alerting and validation; monitoring of security logs to identify policy violations, fraudulent activity and operational problems; physical access control; proper security training of personnel, and updated software implementations.
In one case, the FBI is still investigating the claims of an IT expert, who maintained he was able to hack into the entertainment system of a passenger jet and manipulate the plane's engines during a flight.
Following the attacks on 9/11, flight deck doors were implemented to limit the control of unauthorised persons entering the flight deck. However, practicality revealed that this system was vulnerable since the door must be opened a number of times during flights for the provision of meals and hot drinks to pilots, for access to toilets and for shift rotation. Furthermore, these enhanced cockpit
doors can also prove detrimental to security if the wrong person manages to gain access to the flight deck or, as in the case of Germanwings last year, one of the pilots becomes the problem. Secondary barriers have been developed as an alternative method of reinforcement, and whilst industry research has generally concluded that they are a safe and effective solution for protecting the flight deck, mass deployment/installation is still some way off.
The Federal Aviation Administration (FAA) along with the Department of Homeland Security (DHS) and the Transportation Security Administration (TSA), have been examining the use of biometrics for aviation security for several years – not only on the ground in respect of airport access control and staff identification, but also inflight as an aid to ensure that only authorised persons are at the controls. Biometric technologies vary in complexity, capabilities, and performance, and can be used to verify or establish a person’s identity. Leading biometric technologies include facial recognition, fingerprint recognition, hand geometry, hand vascular pattern/vein recognition and iris recognition. An FAA report has revealed three projects researching the feasibility of biometrics in enhancing aviation security. However, the report stresses that no biometric technology – or in fact any other technology - can work alone. Technology and people need to work together to reach the most effective overall security process. To illustrate this, biometric identification is not suited to all people (e.g. those with certain disabilities) and errors can sometimes occur during matching operations.
Future Travel Experience (FTE), the online media business established to improve the end-to-end passenger experience, predicts that biometric technology will facilitate a personalised travel experience such as tailored in-flight entertainment, streamlined in-flight purchasing, and in-flight immigration processing during the flight.
Just like any new application, a proper risk management approach should contribute to the identification and measurement of security evaluation in aircraft design. It is the objective of any aircraft manufacturer to ensure that its aircraft are safe, secure, efficient and as effective as possible. Therefore, to develop and implement any kind of security system within aircraft design, all integrated technologies and processes need to be defined and measured in relation to the people it aims to protect.
We will always be trying to ensure that improvised explosive devices never make it on board in the first place and, as such, screening people, baggage and cargo will continue to be important, but we would be foolish to rely solely on such processes. The technologies referred to above are necessary layers of security, as are those technologies and processes which exist whereby we have the potential to screen aircraft - by canine units and even X-ray technology. MBTelecom in Romania (featured in an article in this journal in April 2015) have developed the ROBOSCAN-AERIA and, whilst the system was initially developed to screen small private aircraft, recent tests have shown that entire passenger jets can be examined. We may never X-ray all aircraft, and probably never should, but the high quality images further demonstrate that, when adopting a risk management strategy, the solutions to specific concerns identified may be beyond the terminal.
Shalini Levens is a business deve lopment executive at Perseuss, a w e b - b a s e d c o m m u n i t y for airlines to share and collaborate with the purpose of reducing passenger and
credit card fraud. She can be contacted at [email protected]
ROBOSCAN-AERIA X-ray image of a passenger jet. Credit: MBTelecom
Related Documents
![Computer Security Issues and Concerns[1]](https://static.cupdf.com/doc/110x72/577d1ec01a28ab4e1e8f29b6/computer-security-issues-and-concerns1.jpg)
