Project results are expected to contribute to the following expected outcomes.
- Capacity. Project results are expected to demonstrate that capacity would not be affected by the development of new U-space services or the validation of operational and technical requirements. In addition, the development of indicators and metrics linked to U-space should help to demonstrate that there would be no negative impact on capacity.
- Cost-efficiency. Project results are expected to make a positive contribution to the cost-efficiency of the ATM system through, for example, the sharing of the same infrastructure among different ATM services, harmonised and rationalised refurbishment of legacy infrastructures, changes to route-charging and cost-recovery mechanisms.
- Operational efficiency. Project results are expected to demonstrate that the ATM workforce, such as ATCOs, ATSEPs and pilots, will maintain at least the same level of efficiency as currently, even when dealing with cyberattacks.
- Safety. Project results are expected to contribute to the improvement to the level of safety of both legacy and newly developed ATM services and systems, and to provide the necessary standardisation and regulatory framework.
- Security. Project results are expected to contribute to the improvement to the level of (cyber)security of both legacy and newly developed ATM services and systems, and to provide the necessary standardisation and regulatory framework.
The SESAR 3 JU has identified the following innovative research elements that could be used to achieve the expected outcomes. The list is not intended to be prescriptive; proposals for work on areas other than those listed below are welcome, provided they include adequate background and justification to ensure clear traceability with the R&I needs set out in the SRIA for the virtualisation and cybersecure data-sharing flagship.
- Safety versus cybersecurity. Safety and security are intricately intertwined. The research will identify use cases in which safety risk-mitigating measures and security risk-mitigating measures are in conflict and provide guidance on how to resolve such conflicts during the design phase. Examples may include time-consuming processes for systems certification (safety) versus fast processes for patch management (security), and open data exchange for surveillance, such as traffic collision avoidance systems and ADS-B (increased awareness), versus encrypted data exchange for surveillance (protection of data against abuse) (R&I need: future data-sharing service delivery model).
- New virtualisation business model. Virtualisation (i.e. decoupling the provision of ATM data services from ATSs) is expected to enable a better offer of airspace capacity through collaboration between the NM and ATSUs. New and/or different business models could be identified and investigated, along with the possibility of having emerging new ATM players, which would foster competition in the sector. Examples of questions to be addressed in this element are ‘How will virtualisation impact the way ANSPs make implementation choices?’ and ‘How will the new ATM services be provided?’ (R&I need: scalability and resilience).
- Improved platform interoperability. This research is about how to improve the sharing and exchange of ATM data via interoperable platforms to improve existing and new ATM services and processes, using both existing data exchange concepts (e.g. SWIM) and new ones. The research should consider the associated cyber-resilience aspects (R&I need: free flow of data among trusted users across borders).
- Regulatory frameworks for future ATM services. This element will assess the need for new/updated legal and regulatory frameworks for the provision of ATM services in a service-oriented architecture environment. More specifically, operating expense and lower capital expense requirements should be addressed (R&I need: regulations and standards).
- Evolution of route-charging and cost-recovery mechanisms. This element investigates how route-charging and cost-recovery mechanisms should evolve in order to move towards a service-oriented provision scheme that is supplier independent (R&I need: regulations and standards).
- Efficient application of standards. This element covers the need for the efficient application of regulations, standards, procedures and guidelines addressing safety, privacy and cyber-resilience risks, which is a key element to protect ATM information and information systems. Therefore, it is necessary to further develop cyber-resilience regulations, standards, procedures and guidelines, which should be based on ones from other domains (e.g. blockchain) (R&I need: regulations and standards).
- ML and cybersecurity. This research is aimed at investigating, from a cybersecurity perspective, issues relating to ML techniques for ATM applications, in particular what the risks are, how to perform a risk assessment and what mitigating measures could be effective (R&I need: cyber-resilience).
- Beyond state-of-the-art cybersecurity standards and methods. This element covers the development of advanced cybersecurity methods (science, technologies and processes), going beyond the state of the art and looking beyond the horizon to prepare the next generation of cybersecurity standards for aviation. The results should cover the training process for ATCOs, ATSEPs and pilots dealing with continually changing cyberthreats (R&I need: cyber-resilience).
13 October 2022
For further information: Funding & tenders