Shared Situational Awareness and Collaboration

Governors Summit on Cybersecurity and Privacy 2016

Faye Francy, Executive Director

The Aviation Information Sharing
and Analysis Center (A-ISAC)

January 5, 2016

Speaker Introduction
Faye Francy, Executive Director A-ISAC
Aviation Information Sharing and Analysis Center (A-ISAC)
Executive Director - establish a robust global A-ISAC, a non-profit organization
Implementing a framework for analyzing and sharing information security
threats across the global community
Responsible for establishing, implementing and overseeing the organizations
mission, goals, policies and core guiding principles
The Boeing Company (2001-current)
Boeing Commercial Airplane Cyber ONE Community of Excellence Leader
Director, Networked Systems Domain for CTO 2008-11
Director, Networked Centric Operations, PW 2005-08
Director, Engineering and Programs Air Traffic Management (ATM) 2001-05
Director, FAA Programs at ARINC Incorporated 1998-01
Intersec and AvSec Companies, Owner / President 1989-98
Palm Beach County Sherriff's Department / Maryland State Police
Education
Bachelors Degree in Chemistry and Mathematics from Towson State University
Master Degree in Forensic Chemistry from University of Pittsburgh.

The Threat
A National Security Issue

Rapidly escalating cyber threats

Executive action
Executive Order 13636:
Improving Critical Infrastructure
Cybersecurity
Presidential Policy Directive 21:
Critical Infrastructure Security and
Resilience

Comprehensive Global approach

Now our enemies are also

seeking the ability to sabotage

our power grid, our financial
institutions, and our air
traffic control systems.
Feb, 2013

Resiliency for our Critical Infrastructures

Cybersecurity is a National Security Issue

Promoting Private Sector Cybersecurity

Information Sharing - 2015
Executive Order (EO 13691) 2/13/15
Encourages formation of communities
to share information broadly across
regions, sectors and industries, and to
rapidly respond to emerging threats.
Establishment of Information Sharing
and Analysis Organizations (ISAOs),
includes Information Sharing &
Analysis Centers (ISACs)
Open and collaborative approach
Omni-directional communication
Bridges gap between public/private sector
Voluntary standards for sharing.
Efficient means for granting clearances
4

Cybersecurity Act of 2015

December 18, 2015 (OMNI CISA passed)

Designed to increase cybersecurity information

sharing between private sector & federal government.
Requires DHS to establish a portal for receiving cyber
threat indicators from the private sector and sharing
them with both public and private sector entities
Provides targeted liability protection to companies that share cyber threat
indicators with DHS
Requires two layers of privacy protections:
1) Companies must remove personal information before sharing cyber
threat indicators with DHS, and
2) DHS must implement privacy reviews of all indicators it receives
through the portal.
http://www.natlawreview.com/article/president-obama-signs-cybersecurity-act-2015-to-encourage-cybersecurity-information
5

Safe, Efficient, Secure & Resilient

Global Air Transportation System
Vision
A world confident in the strength, vigilance,
efficiency, and resiliency of the aviation system

Mission
Advocate for a security system that ensures
aviation growth and peoples freedom to fly

Goal
Public and Private Sector working together to
enhance a resilient global commercial aviation
system

Aviation Shared Situational Awareness

& Collaboration
Safe & Secure Global Air Transportation System

Situation Analysis
Threat Outlook
The aviation sector is vast and complex; protecting this system of systems will require
significant collaboration from the government, and sector partners across the globe

E-Enabled Aircraft : The Hackers Playing Field

Simple
Proprietary
Obscure
Isolated
Closed

Complex
Standardized
Documented
Connected
Open

An evolution of capabilitiesbut technology can be pose a risk

Flight Operations
Navigation Charts
Airport Maps
Weather Maps
Performance Calculations
Electronic Manuals
Technical Logbook

Maintenance
Maintenance Tools
Performance Analysis
Monitoring
Troubleshooting
Maintenance Manuals
Technical Logbook

Cabin Crew
Cabin Logbook
Cabin Management
Cabin Systems Control
Passenger Lists
Electronic Manuals

Passengers
IFE Systems
Internet Connectivity
Phone Services
OnBoard Intranet Service

~100,000 unique malware files published every 24 hours (in 2014)

New Malware every 1 second
~6500 new vulnerabilities, 30 % highly critical (in 2014)
New Vulnerability every 1.5 hours

Copyright 2012 Boeing. All rights reserved.

Aviation Industry Call-to-Action

Drivers & Challenges

External Drivers Influencing Aviation

Economic considerations drive increased connectivity

The speed at which cyber threats continue to evolve
Maintaining security in complex & dynamic environment
Integration of physical and cyber threats is critical
Continued growth in information sharing and analysis

Key Challenges for the Aviation Community

Aviations cyber security honeymoon has ended

Success depends on alignment of many stakeholders
Broad spectrum of technology deployment throughout fleet
Regulatory environment constrains the pace of the change

Aviation ISAC Proprietary. All rights reserved.

A Framework for Aviation Cybersecurity

AIAA August 2013
Establish common cyber standards for aviation
systems
Establish a cybersecurity culture
Understand the threat
Understand the risk
Communicate the threats and assure situational
awareness
Provide incident response
Strengthen the defensive system
Define design principles
Define operational principles
Conduct necessary research and development
**Blue indicates area of A-ISAC Focus

Ensure that government and industry work together

Resiliency Across Commercial Aviation

10

Aviation Sector Protection

The Airplane is a Global, Mobile, Industrial Control System

Purpose

Reduce risks and costs

Maintain public trust in aviation
Timely, Actionable Intelligence
Shared situational awareness
Resiliency

Requirements

One plan working together

Access to threat intelligence & analysis
Detailed threat monitoring
Sector-wide / cross sector view
Non-attribution information sharing

Reduction of Risk / Build-in Resiliency

11
Copyright 2013 Boeing. All rights reserved.

1/4/2016

THE COMPLEXITY OF AVIATION

THREAT OUTLOOK
Cabin links accessible to

Satellite Communications
(SATCOM)

passengers (Cabin Wifi, plugs

on cabin seats, FAP, Bluetooth)

Aircraft - Ground links

ADS-B
Spoofing

(ACARS, HF, VHF, SATCOM ;

GPS, ILS) with in-flight access
FMC/
ACARS

COTS, Plugs, Wifi

Air/Ground
Links

Portable
EFBs

ACARS

HF & VHF Satcom

Aircraft - Ground wireless

links (Gatelink, GSM, Wifi,
WiMax)

Gate

GateLink
(Wireless)

Outstation
Operations & Dispatch
centre

Airline
Attacks

Supply chain
Aircraft data & parts
suppliers

12

Factory
S/W
Loads

(Transit of Software from

Supplier to AIRBUS)

Airport
Attacks

GPS
Jamming

Maintenance & Industrial systems

(PMAT, Portable Data-Loader, troubleshooting
equipment, USB keys, ITcards)
Maintenance &
Engineering Centre

Hangar

Factory
S/W
Loads

Warehouse
12

Aviation Sector Protection

The Trajectory

Public-Private Partnership Essential

Cybersecurity Framework for sharing information

Private sector working together / sharing

Resiliency - Risk, Threat, Mitigation

Shared Situational Awareness

Ones detection is anothers prevention

USG & Industry Framework

Aviation Framework and Roadmap needed

International cybersecurity strategy essential

Coordinated policy for aviation cyber domain

Working Together to Thwart the Threat

Copyright 2012 Boeing. All rights reserved.

13

NIST Cybersecurity Framework Structure

Who is implementing this Framework in Aviation?

14

Key Strategic Elements

Building a Roadmap to Protect Aviation

Culture of Security
Embedded Network Security Requirements
Training/Education
Shift from safety to safety, security and resiliency

Design-in Cyber Requirements

Value Chain Visibility/Traceability
Lifecycle Cyber Management
Regulatory Shift to Risk Management

Institutionalize Incident Responses

Threat Response and Recovery
Public Private Information Sharing and Analysis
Forensics Analysis Capabilities
Copyright 2012 Boeing. All rights reserved.

Aviation Cybersecurity Framework

Strategy: Managing Risk
Risk = threat + vulnerabilities and resultant
consequences
Framework focuses on risk-informed
decision-making
Operational goal = mitigate the threat by
using prevent, detect and respond techniques

Physical
Cyber
Human

Set Goals
And
Objectives

Identify
Assets,
Systems,
And
Networks

Assess
Risks
(Consequences,

Prioritize

Implement
programs

Measure
Effectiveness

Vulnerabilities,
And Threats)

Feedback
Loop

Continuous Improvement to enhance protection

Copyright 2012 Boeing. All rights reserved.

What is an ISAC?
Critical Infrastructure Protection
Information Sharing & Analysis Centers (ISACs)
Operational concept for sharing information within private sector
Established by PPD-63 (1998), HSPD-7 (2003), PPD-21 (2013)
DHS National Infrastructure Protection Plan (NIPP)

Protection of Critical Infrastructure / Key Resources

16 CIKR sectors defined by PPD-21

Elevates security and resilience across mission
Integrates cyber-physical-resilience risk management
Affirms need for international collaboration

Unique information sharing capabilities

Member-to-member sharing
Company proprietary / PII / SSI
Global multi-national companies / foreign OEMs
USG classified / LE / Foreign Gov

ISACs sit at the nexus of public-private information sharing

Copyright 2013 Boeing. All rights reserved.

17

Design of the Aviation ISAC

Collaboration across the sector
Shared Situational Awareness & Collaboration
Trusted information sharing with aviation peers
Access to U.S. Government & CI partners
Access knowledgeable minds in cybersecurity
Knowledge, information, resources, analysis

Shared Learning & Risk Mitigation

Threats, vulnerabilities, trends & technologies
Get help & details about a specific attack
Build mitigation strategies
Understand what the USG / others are doing
Protect and secure the business - Build Resiliency

To reduce the risks and costs associated with disruption to

aviation operations due to cyber & physical security events

18

A-ISAC: Overview
Overview & Value Proposition

The A-ISACs purpose is to reduce the risks and costs

associated with disruption to aviation operations
due to security events
Goal
Needs

Offering

What
we
dont do

Share timely, relevant and actionable

information and analysis of threats
vulnerabilities and incidents

Government intelligence and industry

shared intelligence
Timely and actionable threat
information

Mitigation of business risks

Maintaining public trust
Comprehensive, across the sector
Provision of Indications and Warning
Preparedness, response, and recovery
planning
Strategic coordination with USG
Law enforcement activities
Security infrastructure design
Lobbying

Common view of threats

Fusion and analysis of threat-based,
aviation-specific info

Benefits

Sharing of security & resiliency best

practices
Focused Intelligence Information/
Briefings
Member-to-member sharing, with nonattribution and anonymity
Distributed information gathering costs
Risk mitigation for aviation sector
19

A-ISAC: Overview
Collaboration Framework: Working together across private and public sectors

Private Sector Members

Airlines
Aircraft Manufacturers
Air Cargo
Airports
Aviation Suppliers
Service Providers
General Aviation
MROs FBOs
Industry Associations

Government Partners
Department of Homeland Security
Transportation Security
Administration
Dept of Transportation/Federal
Aviation Administration
Federal Bureau of Investigation
Office of Director of National
Intelligence
Intelligence Community
Department of Defense

20

Value Proposition for Public-Private

Partnership

21

Cooperative Research and Development

Agreement (CRADA)
The CRADA is the main governance vehicle permitting information
sharing in Cyber Information Sharing and Collaboration Program
(CISCP)
The CRADA enables DHS and A-ISAC to:
Engage in data flow and analytical collaboration associated with
cybersecurity.
Align differing but related missions, business interests, strengths, and
capabilities.
Identify and develop mitigations for emerging cybersecurity risks.
Enhancing the protection of critical infrastructure and government networks
and systems that are vital to National security and the Nations economy.

CRADA has appendices with statements of work

CRADA Appendix A: Cybersecurity data flow and analytical collaboration.
CRADA Appendix B: Analyst National Cybersecurity and Communications
Integration Center access/presence.
22

President Obama &

Secretary Johnson
NCCIC Visit January 13, 2015

Aviation ISAC Proprietary. All rights reserved.

A-ISAC: Overview
Operational Model: Shared Situational Analysis
A-ISAC information sharing relationships provide voluntarily
timely, anonymized, and actionable intelligence
Government
& Partner

Industry

Analysis

A-ISAC
Aviation
Industry
Analysis

Information
Dissemination

A-ISAC Members

24

Government & Partners

Open Source
Analysis

A-ISAC Snapshot
Progress To-date

Aviation ISAC Established September 10, 2014

Non-profit organization
7 Founding Members - Major Air Carriers, Aviation
Suppliers, Aviation Manufacturers

Current Members: 17 (Includes International Partners)

FS-ISAC / MS-ISAC are our mentors, NCIs
A-ISAC Community Outreach & Meetings

Includes Daily Aviation Memos (DAMs)

Private and Public Sector Sharing Current Events

Promotes education and awareness

Website A-ISAC.COM and Secure SharePoint

Analysts Working Together
Bi-weekly calls
Quarterly in person workshops
Two analysts (20-40%) of time
Copyright 2014 Boeing. All rights reserved.

Unprecedented Collaboration and

Sharing
25

A-ISAC Structure & Governance

A-ISAC Governance Structure

Board of Directors (7)
Chair: John Craig
Vice Chair: Craig Maccubbin
Secretary

Treasurer

Candice Burke

Candice Burke - TBD

Executive Director
Faye Francy
Operations Manager
Terrance Kirk

DHS NCCIC Liaison

Phillip Potts

Intel and Analysis

Douglas Blough
Roger Alvillar

Business Operations
Nick Smith-Simmons
Paul Hart

Membership &
Communications

Bookkeeping / Admin

Lori Pierelli

Julie Kirk
Approved 12/15/15

Biz Plan
100%

Marketing

Legal

Operations

Finance

Marketing
Plan
75%

Certificate of
Incorporation
100%

CONOPS
100%

Financial
Plan
75%

Tri-Fold &
Slicker
100%

By-Laws
100%

Op. Rules
100%

Budget
95%

Subscriber
Agreement
100%

Op. Rhythm
100%

FAQ
100%

Exec Deck
100%

MS-ISAC
Agreement
100%

IRP
80%

A-ISAC Article
100%

ADIAC MOU
25% On HOLD

I-SOP
50%

DHS CRADA
100%

Training
Package 80%

Audit Plan
50%

Human
Resources

Admin

HR Plan
75%

Welcome
Package
90%

Insurance
100%

Member
Guidelines
90%

Policies
90%

Committee
Charters
100%

Anti-Trust
Business Courtesies
COI
COC
Credit Card
Financial
Laptop
Overtime
Record Retention
Travel
Whistleblower

A-ISAC: Membership
Program Benefits
Program / Benefit

Description

Alerting / Crisis
Notifications

Urgent notifications of impending threats to aviation or indications of emerging crises via voice,
SMS text, twitter, e-mail, and across information sharing platform.

Real-time Sharing of
Aviation Intelligence
& Threat Data

Real-time posting of relevant open source reporting, incoming threat data, and Indication &
Warning (I&W) derived from member submissions and Government reporting.

Weekly Intelligence
Summaries (INTSUM)

A weekly intelligence report which consolidates current threat intelligence, indicators, and analytic
reports from various intelligence organizations.

Special Intelligence
Reports

Finished intelligence reports on topics of interest to A-ISAC Membership and Aviation Sector.

Analytic Exchanges /
Liaisons

Analyst exchanges with other ISACs, private sector, vendors and government.

Threat Conference
Calls

Telephonic analyst exchanges featuring voluntary, contributory content and analysis from member
firms as well as special presentations from outside experts.

Response & Recovery

Coordination

During or subsequent to incident or event, A-ISAC will coordinate development and dissemination
of actionable mitigation measures.
29

A-ISAC: Membership
Program Benefits 2
Program / Benefit

Description

Regional Workshops

Establish a series of regional information sharing workshops providing the opportunity to present
and interact in a smaller more focused, regional setting.

Member Contact
Directory

Contact information for A-ISAC member institutions will be shared with members of A-ISAC
providing approval by member is given before dissemination of information.

Regular Roundtable dialog on specific security topics related to aviation, to include trending,
Roundtables / Table Top
mitigation techniques, and best practices. Table Top Exercises will be conducted to evaluate the
Exercises
capability and maturity of the A-ISAC and its membership.
A-ISAC Special
Committees

A-ISAC will convene specialty committees that support the maturation of our program and benefits.
Committees include: Marketing, Membership and Communication; Portal; Legal / Policy; Education;
Best Practices; & Global Engagement.

Member Surveys

A-ISAC will use member surveys to ensure our program and benefits are meeting the needs of the
aviation community.

Annual Summit Event

Forum for A-ISAC members to share and collaborate on critical aviation specific security threats,
industry best practices, and access to top information security executives and vendors in the
aviation sector.

Security Awareness
Training

Tailored to meet our member needs by enhancing the ability of the aviation security sector to
prepare for and response to threats

Aviation Framework for

Develop and mature a meaningful aviation framework for threat information sharing and resiliency.
Resiliency
Aviation ISAC Proprietary. All rights reserved.

30

A-ISAC: Products
Example Products

The following are 2 examples of Traffic Light Protocol (TLP)

products delivered to A-ISAC members
Daily Aviation Memo TLP White

The Daily Aviation Memo is

captures aviation-related cyber
and physical articles based on
community interest.

Alert: TLP Green/Amber/Red

A-ISAC alerts, categorized by

Traffic Light Protocols, are
delivered as necessary on
pertinent aviation sector threats.
31

Committee Information
The Trajectory Safe, Secure, Efficient and Resilient
Global Air Transportation System

Member led with BoD

approved Charter
Month meetings / minutes
Aligns with ED duties
Working Group (need SoW)

1.

Portal Committee - Threat

Intelligence Committee (TIC)

2.

Membership & Communications

Committee (M&C)

3.

Legal Committee

4.

Education & Awareness Committee

5.

Best Practices/ Processes

Committee

6.

IT & Technology

7.

Audit / Finance / Nominating (3 BoD only)

Analysts Working Group

Working Together Across the Aviation System

For A Resilient Global Aviation Transportation System
Aviation ISAC Proprietary. All rights reserved.

National Council of ISACs (NCI)

Collaboration across the sector

Volunteer Group of ISACs

Started in 2003 to address common concerns
Cross-sector interdependencies
Meet monthly virtually / Quarterly F2F

Structure

www.nationalcouncilofisacs.org

Designated representatives 20 ISACs

Share Intel, Exercise, Best Practices
Engage with Government & Partners
Leadership
Chair: Denise Anderson (FS-ISAC)
Vice-Chair: Fred Hintermister (E-ISAC)
Secretary: Josh Poster (ST-ISAC)

Collaboration Across the Communities

33

Aviations Trajectory
The Path Forward

Focused, actionable intelligence

Trusted environment for anonymized
information sharing and collaboration
Shared situational awareness
Global engagement
Greater responsiveness and resilience
Reduced business risk
Working Together Across the Aviation System
For A Resilient Global Aviation Transportation System
34

Richard Clarks Top 10*

1.
2.
3.
4.

Dont be in denial
Dont underestimate the problem
Dont be hostile to the government
Dont make it an issue buried in the
bureaucracy, not just a CIO issue
5. Organize, ISACs, sponsor R&D work
6. Think holistically
7. Dont attempt to defend the entire
network
8. Identify the crown jewels
9. Look at worse case scenarios
10. Have an industry strategy
*Richard A. Clarke TOP 10 LIST
Chairman and CEO, Good Harbor Risk Management, LLC, AIAA Conference, Aug
2013

Thank you!

36

Key Contacts
John Craig, Chairman
john.craig@boeing.com
425-266-6486
Candice Burke, Secretary-Treasurer
cburke@a-isac.com
425-238-1164
Faye Francy, Executive Director
ffrancy@a-isac.com
703-861-5417
Terrance Kirk, Operations Manager
tkirk@a-isac.com
301-346-0715
Lori Pierelli, Membership and Communications Manager
lpierelli@a-isac.com
(443) 226-8093
Douglas Blough, Senior Analyst
dblough@a-isac.com
609-775-8355

Working Together Across the Aviation System

For A Resilient Global Aviation Transportation System
37

A-ISAC Info Sharing Relationships

Timely, Actionable Intelligence, Anonymized
A-ISAC Members

Govt&&All
All Other
Gov
Other

17 Members

General Airlines
Incident reporting
Aviation
Air Cargo
Tips / field reports
Service
Airports
Providers
Suppliers
Manufacturers
MROs- FBOs Industry
Associations

Urgent

alerts & indicators

Intelligence reports
Best practices
Mitigation strategies

Aviation ISAC Proprietary. All rights reserved.

TLP

Other
Industries
& Sectors
Other Info
Sharing
Orgs - NCI

NCCIC
ADIAC
Other Govt

A-ISAC
Anonymized

Open
Sources

Intelligence
Incident reporting
Trends & analysis

VOLUNTARY
TLP

Anonymized

Aviation

expertise
Indicators
Analyzes, aggregates, fuses information Incident reports
Mitigation actions
Filters & selects for Aviation relevance
Protects member info & attribution (TLP)
Creates alerts & analysis for members
38
Coordinates response & recovery
January 2015
Interfaces with Gov / other sectors

Traffic Light Protocol

When should it be used?
Sources may use TLP: RED when
information cannot be effectively acted
upon by additional parties, and could
lead to impacts on a partys privacy,

TLP Color

RED

How may it be shared?

Recipients may not share TLP: RED
information with any parties outside of the
specific exchange, meeting or
conversation in which it is originally

reputation, or operations if misused.

disclosed.

Sources may use TLP: AMBER when

information requires support to be
effectively acted upon, but carries risks
to privacy, reputation, or operations if
shared outside of the organizations

Recipients may only share TLP: AMBER

information with members of their own
organization, and only as widely as

AMBER

necessary to act on that information.

involved.
Sources may use TLP: GREEN when
information is useful for the awareness
of all participating organizations as well
as with peers within the broader

GREEN

Recipients may share TLP: GREEN

information with peers and partner
organizations within their sector or
community, but not via publicly accessible

community or sector.

channels.

Sources may use TLP: WHITE when

information carries minimal or no risk of
misuse, in accordance with applicable

TLP: WHITE information may be

distributed without restriction, subject to

rules and procedures for public release

WHITE

copyright controls