The Department for Transport (DfT) works closely with the UK CAA, international partners (including the Federal Aviation Administration and European Aviation Safety Agency(EASA)) and industry experts to assess the risk to civil aviation from a range of security threats, including cyber-attacks.
The growing complexity, connectivity and interdependence of aviation systems means that cyber security is increasingly becoming a factor in the design and operation of aircraft and air traffic control systems. As with all potential security risks, we keep this situation under regular review to ensure we and industry understand the nature and size of the problem and can put in place appropriate security measures and practices.
The CAA monitors in service reports on safety issues, including cyber threats, and works closely with DfT and EASA to determine the appropriate responses and actions. The CAA, in conjunction with other authorities, also monitors the design of aircraft and aircraft systems for robustness against cyber threats and, where necessary, specific certification requirements related to cyber security are levied on aircraft designers and manufacturers.
DfT also participates in the National Cyber Security Programme, led by Cabinet Office, which includes a range of activities with industry aimed at improving the protection of critical infrastructure – including aviation. This work involves the Centre for the Protection of National Infrastructure (CPNI) and other relevant parts of government.