[内容简介]

Filling a critical gap in aviation engineering literature, this unique and timely resource provides a thorough introduction to aviation systems security. This book enables professionals to understand the challenges the industry faces and how they are being addressed. This book is an excellent source of information for researchers, students, and security professionals, helping them to understand the structure and limitations of modern aviation security. This authoritative book offers readers:

A broad analysis of current aviation security legislation/regulation and standards, including ICAO Annex 17, ARINC 811, the ED-200 series, and the draft SC-216;

An appreciation for the diverse collection of security stakeholders within the aviation industry;

Detailed coverage of new methods used to design security controls that not only meet the individual interests of a stakeholder, but also work towards the holistic securing of the entire industry;

Discussions on new areas of aviation security research and more effective approaches;

Techniques for solving today's most challenging problems, such as security attack identification and response.

[目录]

Preface xv

Forewords xix

I Security and Aviation 1

Chapter 1 Aviation Security Engineering 3

1.1 Introduction 3

1.2 What is Security? 4

1.2.1 Security as a State 5

1.2.2 Security as a Process 5

1.2.3 Security as a Trade-Off 6

1.2.4 Security Risk Based Approach and Utility Theory 7

1.2.5 Summary 9

1.3 Aviation-Aviation Security 9

1.3.1 Aviation-A Complex Supply Chain 9

1.3.2 Aviation Security 11

1.4 An Emerging Discipline 13

1.4.1 Aviation Security Engineering-An Emerging Discipline 13

1.4.2 Paradigm Changes 13

1.4.3 Overt Approach 14

1.4.4 "Fighting-The-Last-War" Phenomenon 16

1.5 Conclusions 17

Questions 19

References 20

Chapter 2 Security: An Introduction and Tutorial 21

2.1 Introduction 21

2.1.1 An Example 22

2.2 What is Security? 23

2.3 Terminology 24

2.3.1 Asset-Centric Versus Attacker-Centric 25

2.3.2 Fundamental Concepts and Definitions 26

2.4 Security Risk Management 28

2.4.1 Risk Management Cycle 29

2.4.2 Residual Risk and Risk Appetite 31

2.4.3 Undertaking Security Risk Management 31

2.5 Controls and Control Philosophies 33

2.5.1 Incident Response Cycle 35

2.6 Security Meets Reality-Trust 36

2.7 Aviation Security 37

2.7.1 Annex 17 37

2.7.2 The Evolving Nature of Aviation Security 38

2.7.3 Aviation Information Assets 39

2.7.4 Who Is In Charge of Aviation Security? 40

2.8 Holistic Security Approach 43

2.9 Relevant Standards 44

2.9.1 ICAO Annex 17 45

2.9.2 ARINC Report 811 45

2.9.3 ED-200 46

2.9.4 SC-216 46

2.9.5 NIST SP-800 and ISO 27000 Series 47

2.10 Conclusions 47

Questions 49

References 50

Chapter 3 Aviation as a System: Air Transportation System 51

3.1 Introduction 51

3.2 Aviation Terminology 52

3.3 High-Level View on Air Transportation 54

3.3.1 Transportation Systems 54

3.3.2 Air Transportation-Multiple Stakeholders and Multiple Objectives 56

3.3.3 Growth and Challenges 56

3.4 Air Transportation System Model 59

3.4.1 System and Systems Theory 59

3.4.2 System Terminology 60

3.4.3 System Model 63

3.5 System-of-Systems-Air Transportation Subsystems 64

3.5.1 Airport Subsystem 68

3.5.2 Aircraft Subsystem-Airspace User Operations 68

3.5.3 Air Traffic Management/Communication, Navigation, and Surveillance Subsystem 75

3.5.4 Airspace/Network Subsystem 78

3.6 Performance Framework-Security Performance 81

3.7 Conclusions 84

Questions 85

References 86

II Where We Stand Today 87

Chapter 4 Traditional Approach to Aviation Security 91

4.1 Introduction 91

4.2 Understanding Today-By Looking Back 92

4.2.1 Historic Overview of Aviation Security 92

4.2.2 Attack Methods and Threat Conditions 93

4.3 Where Are We Today-Responses to Defining Moments 98

4.3.1 Incremental Change 98

4.3.2 International Coordination 99

4.3.3 Reactive Nature 103

4.4 Today's Paradigm-Layered Approach-Focus on Prevention 104

4.4.1 Layered Security 104

4.4.2 Example Approach 106

4.4.3 Today's Approach and Focus 108

4.4.4 A Growing Concern-Air Cargo 110

4.4.5 Summary 111

4.5 Lessons Learned From 9/11-Paradigm Shift-Prevention Can Fail 112

4.6 Emerging Concerns 113

4.6.1 Attacks Against Airports 113

4.6.2 Attacks Against CNS Infrastructures 114

4.6.3 The Next Challenge-Cyber Security 115

4.7 Conclusions 116

Questions 118

References 119

Chapter 5 Aviation Regulations and Standards 121

5.1 Introduction 121

5.2 Aviation and Regulation 123

5.2.1 Total Aviation System 123

5.2.2 Principles of Administrative Law-Laws and Regulation 125

5.2.3 Summary of Principles of Aviation Regulation 126

5.3 International Air Law and National Regulation 126

5.3.1 Chicago Convention-Source of International Air Law 126

5.3.2 Principles of Air Law 128

5.3.3 National Regulation 130

5.3.4 Summary 130

5.4 Interface Between Regulation and Industry Standards 131

5.4.1 Hard Law and Soft Law 131

5.4.2 Industry Standards 133

5.4.3 System Engineering Approach to Certification and Operation 136

5.5 Notable Rules and Actors 138

5.5.1 International Level-ICAO-SARPs 139

5.5.2 Regional Level-European Union 141

5.5.3 Regional/National Level-United States of America 145

5.5.4 Standards Level-Use Case 146

5.6 New Challenges-Industry Standards 149

5.6.1 Aviation Undergoing a Transformation 149

5.6.2 Industry Responses to Emerging Security Needs 151

5.7 Conclusions 155

Questions 157

References 158

Chapter 6 Implementing Security Controls 159

6.1 Introduction 159

6.2 Implementing Security Versus Safety 161

6.3 Security Certification 163

6.4 A Lifecycle Approach to Security 166

6.5 Effective Incident Response 169

6.6 Groundworthiness 172

6.7 Formalized Trust Models 173

6.8 Security Automation 175

6.9 Conclusions 177

Questions 179

References 180

III Moving Forward 181

Chapter 7 Reaction to Threats: Time-Critical Decision-Making and Natural Decision-Making 185

7.1 Introduction 185

7.2 Decision-Making-TCDM Versus DM 186

7.3 NDM and RPD-Solving Known Problems 190

7.4 Issues and Limitations 193

7.5 Operational Issues 196

7.6 Solution in an Aeronautical Environment 201

7.7 Summary and Conclusions 205

Questions 207

References 208

Chapter 8 Aircraft Security 209

8.1 Introduction 209

8.2 The Problem of Aircraft Security 210

8.3 Ground Attacks 212

8.4 The Use of Imagery 213

8.5 Preventing Attacks by Crew 218

8.6 Preventing Passenger Attacks 225

8.7 Conclusions 230

Questions 232

References 233

Chapter 9 Airport Security 235

9.1 Introduction 235

9.2 Current Concerns 237

9.3 Current Approaches 240

9.4 Solutions 241

9.4.1 Overview 241

9.4.2 Landside-Terminal Security 243

9.4.3 Behavior Assessment 245

9.4.4 Profiles 247

9.4.5 Screening 250

9.5 Airside-Supply Chain Considerations 252

9.6 Airside Operations Considerations 253

9.7 Conclusions 255

Questions 257

References 258

Chapter 10 Communication, Navigation, and Surveillance System 259

10.1 Introduction 259

10.2 Communication, Navigation, and Surveillance Subsystems 262

10.2.1 Navigation 262

10.2.2 Surveillance 263

10.2.3 Communication 265

10.2.4 Aeronautical Telecommunication Network 267

10.3 Future of CNS 268

10.3.1 SESAR/NextGen-SWIM System-Wide Information Management 271

10.3.2 Summary 273

10.4 Attack Spaces 274

10.4.1 Physical Attacks 275

10.4.2 Electromagnetic Attacks 279

10.4.3 Data-Level Attacks 279

10.5 The CNS System in Response to an Attack 287

10.5.1 SWIM Integration 289

10.5.2 Transponder Utilization 290

10.5.3 Research Projects 291

10.6 Conclusions 292

Questions 294

References 295

Chapter 11 Airspace Security 297

11.1 Introduction 297

11.2 State Authority-Homeland Security and National Defense 298

11.2.1 Sovereignty-Aviation Security 298

11.2.2 Homeland Security and National Defense 299

11.2.3 Summary 300

11.3 Problem-Securing the Airspace 300

11.4 Interception 301

11.5 Ground Interventions 303

11.6 Recent Research 305

11.7 Conclusions 306

Questions 307

References 308

Chapter 12 Conclusions: Holistic Approach to Aviation Security 309

12.1 Introduction 309

12.2 Stepping Stones 310

12.2.1 Part I-Security and Aviation 310

12.2.2 Part II-Where We Stand Today 311

12.2.3 Part III-Moving Forward 312

12.3 Aviation Security Engineering 313

12.3.1 Paradigm Shift-Holistic Approach 314

12.3.2 Engineering Practical Solutions 315

12.4 Final Words-Are We Going in the Right Direction? 318

About the Authors 321

Index 323