SECURITY SITUATION MANAGEMENT - DEVELOPING A CONCEPT OF OPERATIONS AND THREAT PREDICTION CAPABILITY

This paper addresses a collaborative security situation management capability for air navigation. In particular, we formulate the development of a threat prediction capability as a situation management problem mapping the concepts of situation awareness and information fusion. Air transportation and air navigation is undergoing a fundamental transformation. This also requires novel approaches to system security and the management of security incidents across a network of actors. The Global ATM Security Management project addresses this problem space. The work reported in this paper, conceptualizes a security function that supports the management of security incidents on a local, national, and regional level supporting the collaborative effort of classical air traffic management stakeholders and security stakeholders. The security function is based on a network of distributed nodes and capabilities. One such a capability is the threat prediction model. This component is based on a representation of the (sub-) system context as a network of supporting assets, event detection sensors, and associated security controls. Based on the description of the (sub-) system context as a sequence of situations, the threat prediction capability addresses the identification of a security incident and its potential impact as an optimization problem. This paper reflects the work of the first year of the project. In particular, it demonstrates the general feasibility of the approach and the further modelling and preparatory work for further validation activities.