ENGINEERING
and TECHNOLOGY RESEARCH

The aim of this manuscript is to present the status of cyber security challenges in the surveillance data processing system “ARTAS†. The cyber security is a rising concern of the current ATC systems. Moreover, it is mandated by European Union law as well as the national law. Therefore, EUROCONTROL as the supplier of the ARTAS application had conducted a comprehensive security assessment. The goal was to identify security vulnerabilities of the systems. For this purpose, EUROCONTROL’s security experts carried out the “grey-box†type of penetration testing. Numerous weaknesses found exists because of the development and design decisions taken in early 90's, when ARTAS system was created. Presently, all weakness are mitigated by the means that ARTAS systems shall be operated in isolated and restricted environment. Considering the continuing advanced persistent threads this is not sufficient anymore and the next version of ARTAS system is addressing the most critical issues.

cyber security, surveillance, ARTAS, tracker, ASTERIX