This Objective is dealing with the Stakeholders’ SWIM PKI and cybersecurity. It aims at implementing basic/generic public key infrastructure management at each civil or military stakeholder, in line with their own Security Management System approved by their National Supervisory Authority (NSA). The local implementation may differ depending on whether the stakeholders will become a CA (Certificate Authority) themselves or use the European Common Aviation PKI (EACP) to generate certificates.
The stakeholder’s local implementation includes two options (the options are also addressed in the description of the individual SLoAs):
• If the stakeholder decides to develop its own PKI:
o definition of local policies and procedures for authorising and mandating local organisation to do certificate management in compliance with EACP policies;
o implementation of audit programmes ensuring continuous compliance with common and local policies and standards;
o implementation of its own local PKI while benefiting from the interoperability with other PKIs by using the EACP solution;
o adaptation of systems (equipment and procedures) to use local certificates and EACP services.
• If the stakeholder decides to use the EACP solution
o Use of EACP policies and procedures for authorising and mandating local organisation to use EACP certificates and services;
o implementation of audit programmes ensuring continuous compliance with EACP policies and standards;
o adaptation of systems (equipment and procedures) to use EACP solution;
• Whatever the decision will be, the following activities must be operated:
o training of technical personnel;
o monitoring and control, e.g. establish a local or multi-stakeholders Security Operations Centre (or equivalent) to monitor and protect the IT systems against cyber-attacks.
Combining both options is a valid and acceptable approach (they are not exclusive) as:
• National regulation may impose to use a national PKI for critical infrastructure or operator of essential service or government-related organisations;
• Some stakeholders may already have a PKI that would have to be upgraded to be auditable and conform with EACP solution and they may wish to keep on using it;
• Some stakeholders may decide to implement a local PKI for internal or specific uses and use EACP for other purposes.
System requirements:
Stakeholders shall implement, on one hand a Public Key Infrastructure (PKI) and, on the other hand cyber-security monitoring and control means. To implement the PKI, stakeholders have two main options:
• To use the European Aviation Common PKI (EACP) solution. In such case, stakeholders must:
o define the local framework to use digital certificates (policies, procedures);
o implement audit programmes to ensure that their organisation and its policies & procedures are auditable and that consequently they can be trusted to use EACP certificates and thus by parties with whom information exchanges are secured using EACP digital certificates;
o adapt their systems to use the EACP solution (e.g. access to EACP certificate publication and validation services);
o train their staff to ensure that they have the required demonstrated level of competence to use EACP digital certificates and services.
• To deploy their own local PKI and to benefit from the EACP solution only to ensure the interoperability of their local PKI with other stakeholders. In such case, stakeholders must:
o define the local framework to deploy their local PKI (policies, procedures). If stakeholders want to benefit from the EACP interoperability and validation services, they will have to ensure that the policies and procedures of their local PKI is also compliant with EACP framework trust framework;
o implement audit programmes to ensure that their organisation and its policies & procedures are auditable and that consequently they can be trusted to benefit from EACP interoperability service and thus by parties with whom information exchanges are secured using EACP interoperability and validation services;
o adapt their systems to use their local PKI solution as well as EACP validation service;
o train their staff to ensure that they have the required demonstrated level of competence to use their local digital certificates and EACP interoperability and validation services.
Combining both options is a valid and acceptable approach (they are not exclusive) as:
o National Regulation may impose to use a national PKI for critical infrastructure or operator of essential service or government-related organisations;
o some stakeholders may already have a PKI that would have to be upgraded to be auditable and conform with EACP solution and they may wish to keep on using it;
o some stakeholders may decide to implement a local PKI for internal or specific uses and use EACP for other purposes.
NOTE: For a description of the EACP solution, see Family 5.1.1 of the Deployment Programme.
NOTE FOR MILITARY AUTHORITIES: It is the responsibility of each military authority to review this Objective IN ITS ENTIRETY and address each of the SLoAs that the military authority considers RELEVANT for itself. This has to be done on top and above of the review of "MIL" SLoAs which identify actions EXCLUSIVE to military authorities.
Timescales | From | By | Applicable to |
---|---|---|---|
Initial Operational Capability | 01-01-2021 | — | Applicability Area 1 + Applicability Area 2 |
Full Operational Capability / Target Date | — | 31-12-2025 | Applicability Area 1 + Applicability Area 2 |
Code | Title | IOC | FOC | Related Elements |
---|---|---|---|---|
IS-0901-A | SWIM for sharing G/G data, traffic flow management information and aeronautical information | 31-12-2023 | 31-12-2029 |
Code | Dates | |
---|---|---|
1999
99
2000
00
2001
01
2002
02
2003
03
2004
04
2005
05
2006
06
2007
07
2008
08
2009
09
2010
10
2011
11
2012
12
2013
13
2014
14
2015
15
2016
16
2017
17
2018
18
2019
19
2020
20
2021
21
2022
22
2023
23
2024
24
2025
25
|
||
|
||
INF10.2 | 20210101_20251231 | |
ASP01 |
16%
|
20210101_20251231 |
ASP02 |
6%
|
20210101_20251231 |
ASP03 |
6%
|
20210101_20251231 |
ASP04 |
10%
|
20210101_20251231 |
ASP05 |
6%
|
20210101_20251231 |
ASP06 |
15%
|
20210101_20251231 |
APO01 |
6%
|
20210101_20251231 |
APO02 |
8%
|
20210101_20251231 |
APO03 |
5%
|
20210101_20251231 |
APO04 |
4%
|
20210101_20251231 |
APO05 |
3%
|
20210101_20251231 |
APO06 |
7%
|
20210101_20251231 |
USE01 | 20210101_20251231 | |
USE02 | 20210101_20251231 | |
USE03 | 20210101_20251231 | |
USE04 | 20210101_20251231 | |
USE05 | 20210101_20251231 | |
USE06 | 20210101_20251231 | |
NM01 | 20210101_20251231 | |
NM02 | 20210101_20251231 | |
NM03 | 20210101_20251231 | |
NM04 | 20210101_20251231 | |
NM05 | 20210101_20251231 | |
NM06 | 20210101_20251231 | |
MET01 |
4%
|
20210101_20251231 |
MET02 |
4%
|
20210101_20251231 |
MET03 |
1%
|
20210101_20251231 |
MET04 |
0%
|
20210101_20251231 |
MET05 |
0%
|
20210101_20251231 |
MET06 |
1%
|
20210101_20251231 |
Title | Related SLoAs |
---|---|
SDM - Standardisation and Regulation support to CP1 deployment 2021, Deliverable D1.1.1 07/2021 https://www.sesardeploymentmanager.eu/publications/deployment-programme |
APO01, APO02, APO03, APO04, APO05, APO06, ASP01, ASP02, ASP03, ASP04, ASP05, ASP06, MET01, MET02, MET03, MET04, MET05, MET06, NM01, NM02, NM03, NM04, NM05, NM06, USE01, USE02, USE03, USE04, USE05, USE06 |