Overview

Cybersecurity is becoming a major issue for the mission of DSNA. DSNA must add a global, coordinated and coherent response to the evolution of the threat, modernisation of IT systems and the new legal environment (European NIS directive on security of network and information systems (EU/2016/1148) and its transposition into the French legal system through a law on cybersecurity, designated as CIIP, an acronym for Critical Information Infrastructures Protection).

The main objective of this IP is to provide to DSNA, in the SWIM scope, the means to control, protect, prepare and respond to a threat that is constantly evolving.
DSNA AF5 context:
Through the awarded IP 2016_141_AF5 “Deploy SWIM governance” IP (Action 2016-EU-TM-0117-M), DSNA has started to address the Common SWIM Infrastructure components. DSNA is furthermore contributing to the multi-stakeholders IP "2017_084_AF5 SWIM Common PKI and policies & procedures for establishing a Trust framework", whose purpose is to build the future European cyber-security and PKI framework (addressing Family "5.1.4 Common SWIM PKI and cyber security"). Moreover, family 5.2.2 "Stakeholders SWIM Infrastructures Components" is addressed by IP "2017_035_AF5 Deploying SWIM infrastructure at DSNA" to deploy a SWIM Yellow Profile Infrastructure at DSNA. In addition, IP "2017_039_AF5 SEPIA - Deploying SWIM based AIM services related to French Airspace" aims at implementing a first set of Aeronautical Exchanges services (related to Family 5.3.1) enabling a first operational use of the DSNA SWIM infrastructure.
This Implementing Project relates to family "5.2.3 Stakeholders SWIM PKI and cyber security". It is named SI CYBER (an acronym for “Système d’Information pour la CYBERsécurité”) and its purpose is to deploy SWIM PKI and cyber security means at DSNA.
The SI CYBER project started in the mid of 2017. The first step consisted in a cost benefit analysis. In September 2017, a global roadmap and a Work break down structure (WBS) were defined. The main objective of the SI CYBER project is to offer cybersecurity services for primary assets such as ATM services and SWIM services. The senior manager within DSNA responsible for the SI CYBER project is DSNA Chief Security Officer.
Cyber security tools will be deployed in the following 22 sites:

• All ACCs: Paris, Reims, Brest, Bordeaux and Marseille;

• The central system unit (CESNAC in Bordeaux), the AIM unit (SIA in Bordeaux), the technical branch (DTI in Toulouse);

• APP/TWR: Bordeaux, Marseille, Montpellier, Strasbourg, Orly, CDG, Clermont, Nice, Toulouse, Nantes, Bale-Mulhouse, Montpellier, Lyon, Lille.
  Costs before the start date of the Action (5/04/2018) are not eligible.

Specific objectives:
This IP specifically aims to :

• Ensure the traceability of access to IT systems, by implementing identity and access management through a PKI infrastructure,

• Detect security incidents or attempted attacks,

• Analyse and process cybersecurity incidents,

• Build a Cartography of DSNA's IT systems,

• Define cybersecurity policy in coherence with NIS directive, CIIP law and SWIM profiles

• Define and design tools, systems and infrastructure to cover global objectives

• Deploy and implement these solutions on DSNA sites

• Define the organisation linked to the operation, maintenance and monitoring of these tools and infrastructure

The SI CYBER roadmap is as follows :

• Sequence #1 Design cybersecurity tool, infrastructure and services, including local PKI, to cover global objectives with an end date 12/2018

• Sequence #2 Deployment of initial cybersecurity tool, infrastructure and services, including local PKI, on 3 pilot sites with an end date 06/2020

• Sequence #3 Nationwide deployment of cybersecurity tool, infrastructure and services including PKI, on 19 sites with an end date 12/2022

• Sequence #4 Update cybersecurity policies with an end date 12/2023

Expected Results:

• a set of cybersecurity services is available (access management based on local PKI solution, monitoring and administration for the access management, certification of local PKI infrastructure);

• SWIM services are totally under control for cybersecurity making use of national PKI infrastructure and relying upon national governance;

• SWIM services are fully compliant with cybersecurity policy, NIS directive and CIIP law;

• Cybersecurity becomes a major asset in operational systems for DSNA.

Performance Benefits:
This IP enables DSNA to enhance the level of security of its SWIM services architecture, thus preventing DSNA ATS services from unwanted disruptions due to cyber-attacks. It participates to keeping the capacity and safety performance at their best, while preventing DSNA customers to suffer from the economic consequences of service disruption.
Due to the SI CYBER project, security incidents will be detected and analysed well ahead of an operational impact. In case of acknowledged cyber-attack, the counter measures will be activated quicker (minutes instead of hours) and better suited to the context.
Furthermore, the centralized administration of the incident detection tools will alleviate the tasks of the local personnel in charge of supervising the systems on each site.