Modelling and analysing cascading effects of cyberattacks to ATM systems

Digitalisation offers many benefits to Air Traffic Management (ATM), such as increased safety and airspace capacity, fewer delays and reduced fuel consumption. Yet, with
technological innovations come challenges in managing new cyber security threats and risks. This paper presents an approach for modelling and analysing the effect of cascading effects of cyberattacks. The purpose is to allow security risk practitioners and system architects to better understand how cyber threats to their systems may impact other systems in the ATM ecosystem, and even in other sectors. The approach facilitates implementation of appropriate security measures and trust relationships in the ATM systems and underlying supply chains. The introduction of the Dependency Risk of Attack (DRoA) metric allows for a more nuanced assessment of risks, revealing that traditional risk management approaches may underestimate the true extent of vulnerabilities. The approach is demonstrated through an example in which cyber risk
dependencies in three different systems are modelled and analysed, and we discuss some of the challenges that must be overcome in practice. The next steps include empirical validation through exercises with ATM stakeholders