2013 International Conference on Availability, Reliability and Security (2013)
Regensburg, Germany Germany
Sept. 2, 2013 to Sept. 6, 2013
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2013.108
The SESAR ATM Security Risk Assessment Methodology (SecRAM) aims at providing a methodology to be applied by the SESAR Operational Focus Areas (OFAs). To give effectiveness to the evaluation of SecRAM, Air Traffic Management (ATM) operative scenarios are greatly required. In this paper we leverage a Cloud-based approach to build up a virtualized replica of a real Air Control Centre (ACC) in order to realize a vulnerability analysis and to find some possible points of attacks. Then we applied the SecRAM methodology on our test-bed and we built a real threat scenario for which a risk treatment is properly designed.
risk mitigation, SESAR SecRAM, ATM testbed, Cloud Computing, quality assessment
A. Marotta, G. Carrozza, L. Battaglia, P. Montefusco and V. Manetti, "Applying the SecRAM Methodology in a CLOUD-Based ATM Environment," 2013 International Conference on Availability, Reliability and Security(ARES), Regensburg, Germany Germany, 2013, pp. 807-813.