SWIM deployment: aiming for cyber-resilience
Air traffic management is being modernised, and organisations are becoming increasingly interconnected and dependent on information communication technologies (ICT), so increasing their vulnerability to cyber-attacks.
System Wide Information Management (SWIM) is an important aspect of ATM modernisation, enabling the efficient, secure and reliable exchange of information between ATM stakeholders, based on interoperability standards, mainstream technologies and widely adopted best practices.
With the deployment of SWIM, organisations will need to address cybersecurity, which requires addressing a wide range of system security aspects. In order to facilitate the overall understanding of how to address cybersecurity in SWIM, EUROCONTROL has just released a brochure with a set of practical guidelines for secure SWIM implementation.
The brochure makes reference to existing standards and best practices, giving SWIM implementers an overview of the most important security aspects to consider. It is intended for use as guidance for self-assessment only: it is not a means of compliance or a substitute for an exhaustive security methodology.
It covers various areas, such as:
- service risk assessment,
- service development,
- service access management,
- service level agreements,
- information classification,
- ICT system protection,
- data protection,
- authentication issues,
- operational management.
The SWIM cybersecurity brochure is available below: