Air Traffic Control System - Report Example

Table of Contents Introduction 2 Need to protect Air Traffic Control System 2 Web Application Security 3 Intrusion Detection Capabilities 4 Web Application supporting Air Traffic Control System is not secure 5 Intrusion Detection Capabilities can’t protect traffic control system 8 Recommendations 11 Conclusion 12 References 13 Introduction This report looks at evaluating the Web application security and intrusion detection in air traffic control system. This will help to analyze and understand the different areas which are of prime consideration and will require specialized efforts to control accidents. The air traffic control system has considered the traffic control system as an critical infrastructure which has a role in the commercial business of an economy and requires fostering an environment which ensures safety and easy mobility of the people. This will require protecting the air traffic control system both from physical and cyber attacks so that disruptions is reduced and the air traffic flows smoothly as its contribution to the economy is vastly increasing. Need to protect Air Traffic Control System The need to protect air traffic control system from cyber and physical attack requires enhanced attention as the Federal Aviation Administration has increased the need and importance of commercial software and internet protocol based products. This will help to control and monitor the air traffic and will develop a process through which airplane accidents can be reduced. When the air traffic control system uses commercial products based on different web applications it is imperative to collect and disseminate information which is highly risky and confidential as it could impact the safety aspects (Kaiyu & Hughes, 2010). The different attackers take advantage of the software vulnerability and exploit the different products through which they are able to carry out cyber attacks leading to different fatal accidents. A control on the air traffic control system provides an opportunity where all wrong things can be easily carried out and provides a ground based on which different potential harms can be caused. To prevent such accidents and to preserve the industry it is imperative that (1) web applications which support the air traffic control system is properly secured and doesn’t provide unauthorized access to the system (2) using the network intrusion capability to monitor the air traffic control system and looking towards untoward activities so that specific control measures can be implemented which will help to reduce the chances and magnitude of accidents (Kaiyu & Hughes, 2010). Web Application Security It has been identified and tested in over 70 web applications which are used to disseminate information like communication frequency for pilots and controllers and other system shows huge weakness. It was identified that the process which was used has 763 high risk, 504 medium risk and 2590 low risk areas. This risk area arose primarily due to the fact that it had weak passwords and unprotected critical files which could be used by anyone. The high risk and vulnerability which the system provides increases the risk of cyber attack which could lead towards more accidents. Using the vulnerabilities would provide the attackers unauthorized access to information which has been stored on the web applications. This vulnerabilities could further provide an opportunity to gain access to internal control system of air traffic control system as the web application often acts as a front end interface which could thereby have an impact on the security aspect of the nation. The attackers could harm the entire system by further injecting malicious code within the system which would impact the air traffic control process and could lead towards attacks which will have an impact on the overall potential of the business leading to mass scale disruptions in air traffic and increase in the magnitude of accidents. The prime reason which has led towards such increase risk in air traffic control system (1) the web applications haven’t been configured properly which will restrict unauthorized access to different information (2) the different application gaps which were present in the application software were not corrected at the correct time when they were being installed has increased and multiplied the complexities and increased the overall risk for air traffic. Intrusion Detection Capabilities To monitor the manner in which people use different information over the different web applications it is imperative that intrusion detection system is installed at different critical points which will help to monitor the information which is used. This sensor will help to generate automatic signals through security alerts and reduce the degree of intrusion so that incident response system can be made at the correct and appropriate time. The intrusion detection capability becomes ineffective due to the lack of installation of it at crucial points which will provide timely messages and remediation so that incidents can be detected and timely steps can be taken. Without fully deploying the IDS monitoring capability it is important to find out the manner in which cyber attacks take place and need to have in place a mechanism which will reduce the further risk of such an incident and ensure that the attacks which take place on air traffic control system can be reduced. The manner in which cyber attacks are growing in an area of concern and worry. It was evident in February 2009, where hackers gained access to the different web applications being used by air traffic control system and had access to unauthorised personal information of 48,000 current and former employees. Similarly in 2008 the different attackers were able to gain access to the air traffic control system and took control of critical network services by disrupting power services which impacted the different system in a negative manner impacting the flights and increasing the risk of an air crash. In 2006 the hackers gained access to important and critical application which led towards a release of different codes impacting and disrupting the airline services in hale of Alaska. To reduce the impact of such incidents and to ensure a better and healthy air traffic control system it is important that the intrusion system is developed in such a manner that it leads towards better control and ensures minimum impact on air traffic. Web Application supporting Air Traffic Control System is not secure Web applications which support the air traffic control system is not secure which increases the risk of accidents and provides unauthorised access to different web pages. A test which examined the process based on internet access and through Federal Aviation Administration shows astonishing results. It has been identified and tested in over 70 web applications which are used to disseminate information like communication frequency for pilots and controllers and other system shows huge weakness. It was identified that the process which was used has 763 high risk, 504 medium risk and 2590 low risk areas. This is shown in the chart below (Stallings, 2010) High risk vulnerabilities provides the attacker with an immediate opportunity to access the computer system and gain access to remote controls through which different proceedings can be controlled. Medium and low risk vulnerabilities provides an opportunity where useful information can be used through an error message revealing that system configuration has multiplied the difficulties and can be reduced through the computer system. Some of the risk which arises as a result on it is as Vulnerability provides unauthorised access to information stored on web application computers: The different vulnerabilities provides an opportunity where the information which is stored on web application computers can be accessed (Stallings, 2010). This different risk are associated with the opportunity of gaining access to program source code and sensitive PII which impacts the air traffic control system and increases the risk of accidents which will impact the entire situation negatively. Vulnerable web application provides unauthorised access to air traffic control system operations: The different vulnerabilities provides an opportunity where the operations of the air traffic control system can be used for different purposes. This different risk are associated with the opportunity of gaining access to voltage dropouts and surges which could be used by hackers to plan the different attacking points and could disrupt the entire process of carrying out different operations. This provided an opportunity where the hackers were able to gain access to 48,000 employees so that the different information could be used and manipulated which would provide them gain access to different personal information. This has thereby impacted the overall impact and has increased the risk for air accidents (Stankovic, Lee, Mok and Rajkumar, 2005). Vulnerable web application provides unauthorised access to air traffic control system code: The different vulnerabilities provide an opportunity where hackers used the air traffic control system through which codes are exploited and used to create difficulty for air traffic control system. This different risk are associated with the opportunity of gaining access to codes and password which could be used by hackers to plan the different attacking points and could disrupt the entire process of carrying out different operations. In 2006 the hackers gained access to important and critical application which led towards a release of different codes impacting and disrupting the airline services in hale of Alaska (Stankovic, Lee, Mok and Rajkumar, 2005). This has thereby impacted the overall impact and has increased the risk for air accidents which needs to be controlled and changes need to be developed to reduce the risk for it. The different attacks which have taken place so far has impacted and disrupted air traffic control mission support function. The impact from the mission support function could easily lead towards more attack as it can move towards operational network where different information related to real time surveillance, communication and flight information can be affected which will impact aircrafts and is shown in the figure below (Stankovic, Lee, Mok and Rajkumar, 2005) Due to the presence of network connections the authorised and unauthorised risk increases which could lead towards increase cyber attacks and will have an impact on airlines. The impact could be so deep that it can lead towards total disruptions of the flights and could increase the number of accidents increasing the risk associated with life. Intrusion Detection Capabilities can’t protect air traffic control system The air traffic control system is developed based on IP network infrastructure which consists of backbone which comprises of wide area network and local area network. The problem associated with intrusion detection system was that it was not installed at crucial points and along with it the monitoring activities were not carried out clearly. The intrusion detection capability is ineffective because of the fact that deployment of sensors doesn’t provide timely remediation of the different incidents which takes place. This has been thereby associated with the following Lack of proper monitoring mechanism to deal with cyber incidents: To identify the cyber incidents it is imperative that the intrusion detection capabilities are installed at different critical point so that security analysis can be properly carried out. Air traffic control system are located at different points and juncture which helps to control and deal with different impacts associated with air tower control and flight service station. The lack of proper intrusion detection system is seen below (Leavitt, 2010) The use of sensor system is being used only in the field of support system but not using the same in the operational system has impacted the overall level through which services are carried out in the air traffic control system. This has resulted in little or no use in the field of air traffic control operation system which thereby doesn’t provide an opportunity to deal with cyber security threat. To ensure effectiveness it is important that a proper linkage between the air traffic control system and agencies are developed so that they work in close tandem with one another and bring about the change in cyber activities which could lead towards accidents. Improper understanding of the network infrastructure has also made the process less effective and has led towards multiplying the risk associated with air accidents Cyber incidents are not remediated at the correct time: Once a cyber crime is found out it is important that timely actions are taken at the appropriate time so that changes can be made through which cyber attacks can be reduced. It was seen in year 2008 that ATO received complaints of around 877 cyber related incidents (Leavitt, 2010). Still a major of the issues haven’t been solved and will require special steps are taken at the correct time so that the cyber changes can be done. The lack of effectiveness of identifying the correct incident at the appropriate time has intensified the level of problems and requires development of critical structure through which the different critical incidents can be found out. Having proper IDS sensor system installed at the crucial points and juncture will help to collect critical data and ensure that the network device is able to identify the IP address and bring changes in the network. This will help to make ramifications and bring changes so that cyber incidents can be controlled and the point where the incidents are identified steps can be taken through which analysis of the problem is dealt. This will ensure that the overall process will bring the required changes and reduce the overall risk associated with cyber attacks which could lead towards increased air accidents. Recommendations The aviation control system needs to bring major changes and ramifications through a process which ensures that accidents are reduced and the air traffic control process is better exercised. This will require the following Web applications which support the air traffic control system is properly secured and doesn’t provide unauthorized access to the system Using the network intrusion capability to monitor the air traffic control system and looking towards untoward activities so that specific control measures can be implemented which will help to reduce the chances and magnitude of accidents (Leavitt, 2010). Take immediate actions when problems are identified in the intrusion detection system so that timely action can be taken and the air traffic control system is better placed to deal with the changes Work in conjunction with the air traffic control system and other agencies so that the problems identified can be dealt with and appropriate steps can be taken through which better control will be exercised in the process of carrying out activities which will reduce accidents Conclusion This report evaluates the Web application security and intrusion detection in air traffic control system which could lead towards accidents and require proper process through which better control can be exercised. This will help to analyze and understand the different areas which are of prime consideration and will require specialized efforts to control accidents. The air traffic control system has considered the traffic control system as an critical infrastructure which has a role in the commercial business of an economy and requires fostering an environment which ensures safety and easy mobility of the people. This will require protecting the air traffic control system both from physical and cyber attacks so that disruptions is reduced and the air traffic flows smoothly as its contribution to the economy is vastly increasing. References Kaiyu, W. & Hughes, M. 2010. “Specification, Analyzing Challenges and Approaches for Cyber-Physical Systems (CPS)”, Engineering Letters, Issue 3 Leavitt, N. 2010. “Researchers Fight to Keep Implanted Medical Devices Safe from Hackers”, Computer, Volume 43, Issue 8, Pages: 11-14 Stankovic, J. Lee, I. Mok, A. and Rajkumar, R. 2005. “Opportunities and obligations for physical computing systems”, IEEE Computer, 38(11):23–31 Stallings, W. 2010. “Cryptography and network security: principles and practice”, Prentice Hall, 5nd Edition, ISBN-10: 0-13-609704-9 Read More