Security Management for Contingency
Security Management for Contingency
Security management is essential to meet primary requirements both under normal and contingency operations. The need to use fallback facilities or to call on letters of agreement make it imperative that service providers consider the achieved level of security during all phases of the contingency lifecycle. Air Traffic Management (ATM) Security covers 2 major areas:
- Self-protection of the ATM system against threats aiming at the ATM system and its facilities (including network, personnel and information/data).
- Collaborative security support to relevant civil and military authorities responsible for countering aviation security incidents, crisis and emergency situations.
Security management will:
- Assess sources and classes of risks and the management of these risks in the identified business process (e.g. safety, contingency, security, etc.).
- Identify links and interdependencies ensuring that the chosen measures are consistent and do not interfere/negatively impact other measures ('systemwide consistency).
- Ensure a stringent lessons learnt regime is in place as part of the post-event analysis.
General Security levels should not be compromised under emergency, degraded modes of operations, service continuity or any other abnormal situations. That means the reference level of Security should be the level when working under normal operations. Regulation (EU) No 373/2017 sets requirement on security of facilities, personal and operational data. This requires air navigation service providers (ANSPs) to implement a Security Management System (Sec MS). The development of contingency provision should be coordinated with the overall ATM security strategy for the organisation. The decision on how Contingency Planning and ATM Security are managed is a local (ANSP) decision. Nevertheless it is recommended that as a minimum the following principles should apply:
- Security issues should be considered during planning, procurement, deployment and maintenance of ATM systems including Contingency operations.
- Under degraded modes of operation (contingency) it is necessary to ensure that the loss of key system functionality has not invalidated any of the assumptions that secure normal operations.
- Contingency plans might also consider the additional constraints that particular threats might place upon service continuity operations following the loss of an air navigation services (ANS) facility. (E.g. terrorist attacks on ATM infrastructures may not only lead to the loss of those infrastructures, they can also introduce additional restrictions similar to those that were put in place in the weeks and months following the attacks on the United States during 2001).
Levels of security are achieved through a mix of measures/controls (i.e. security in depth, layered security). On this basis an equivalent level of security can be achieved by applying a different mix/set of measures. Accordingly, the same level of Security does not necessarily imply the same controls. Contingency planning and measures should be included as a vital element of local Security Management Systems (SecMS).
Self-protection of the ATM system against threats aiming at the ATM system and its facilities (including network, personnel and information/data). The initial objective of Self Protection is the availability and integrity of ATM services resulting in a safe, economic, efficient and orderly flow of air traffic.
Collaborative security support is relevant to civil and military authorities responsible for countering aviation security incidents, crisis and emergency situations. The objective of Collaborative Support is the availability of support services under the umbrella of airspace security/national defence and/or security requirements. In that context, the role of State authorities is prominent with a view to defining requirements in terms of minimum Security service levels during ATM contingency modes of operations (e.g. timing and restoration (recovery) of normal operations.). This may also include contingency measures aiming at an early restoration of the service levels making use of alternate (civil and/or military) facilities through relocation of key personnel or the transfer of operations to adjacent units.
Security Management: Security management can be based around the processes established in the EUROCONTROL ATM Security Risk Assessment Methodology (SecRAM). This focuses on traditional risk management principles with the aim of improving an organisation's resilience to identified hazards and threats.
- Policy on Contingency
- Operational Concept for Contingency
- Legal Aspects of Contingency
- Military Aspects of Contingency
- Safety Management for Contingency
- For further information on Contingency Planning see the EUROCONTROL, Guidelines for Contingency Planning for Air Navigation Services (including Service Continuity). In particular, there are extensive sections on security management on page 30, Section 3.3.2 (General Introduction), Chapter 8 page 60 (Security under Emergency and Degraded Modes) as well as page 64 (Security Assessment of Service Continuity) and page 164 (frequently asked questions).