Aviation, Civil 5 MIN Read

Aviation Communications: Securing and Protecting Critical Infrastructure for the FAA

May 2nd, 2022

OUR INDUSTRIES

Learn more about GDIT's Aviation expertise.

A commercial airline pilot flies a plane at cruising speed between 500-600 miles per hour with hundreds of passengers on board. While preparing to land at an airport, safety risk significantly increases as speed is reduced, number of maneuvers increases, and there is less time to react. During this time, the communications link between the pilot and air traffic control on the ground is critical. The air traffic controller relies on real-time flight path data on screen to guide the pilot safely, and for those minutes, the safety of every person onboard and many more on the ground depends on this connection.

This communication between a pilot and air traffic controller is repeated many times for each flight, multiplied over the 45,000 flights per day in the skies domestically. The security of the connection between each plane and air traffic controllers, as well as the accuracy and security of the data used by the air traffic controller, are critical to ensuring flight safety.

The safety and security of the Nation’s airspace relies on the expertise of countless professionals and the performance of a network of systems. As a young network engineer, I learned and lived that safety culture and importance of test and design working at the FAA William J. Hughes Technical Center in New Jersey. For each of the domains of communications, navigation, surveillance and weather systems, the reliability of the telecommunications that interconnect those systems was, and continues to remain, mission critical.

Security-first design promotes safety and availability of communications

After nearly 25 years in technical, management, and executive roles in telecommunications and network services, I’ve thought a lot about the future of this critical communications role and the importance of security in this infrastructure.

There is no greater example of the threats that could impact the nation’s critical aviation infrastructure than 9/11. On that day, I was the federal program manager for the FAA’s Leased Interfacility National Airspace System Communications System. The attacks on the World Trade Center with the damage to the surrounding buildings severed commercial telecommunications, and yet that critical pilot-to-air-traffic-controller link remained intact due to designed-in network diversity.

With the FAA focusing on essential and integrated technology capabilities across its portfolio, we’re seeing even more commitment to securing our national communications infrastructure first outlined in an Executive Order issued 60 years ago and reinforced in the recent 2021 Executive Order on Cybersecurity to include cyber concerns.

And so are we at GDIT. For more than 50 years, we’ve been both a thought partner and a technical expert to the FAA as it works to continually secure its critical communications infrastructure.

There are five focus areas to ensure safety and availability of critical aviation communications:

  • Security-first design approach: implementing new technologies and approaches to security that constantly enhance the safety of FAA communications systems.
  • Cybersecurity at the forefront: ensuring the FAA’s industrial control system similarly applies processes and procedures with cybersecurity in mind.
  • Implement Zero Trust architecture: GDIT’s Zero Trust expertise is being applied to realize the security promise of this approach being implemented at the FAA.
  • Strengthen ICAM capabilities: the agency’s identity credential and access management (ICAM) capabilities will strengthen its security posture and drive availability through resilient infrastructures.
  • Incorporate automation, artificial intelligence and machine learning: By automating rules-driven processes and procedures, alongside inference-based tasks that models can be trained to handle, the focus can be shifted to higher value-order tasks, while enhancing the overall cybersecurity posture.

Safer skies, from takeoff to touchdown

The criticality of keeping FAA teams securely connected to aircraft in our skies is a mission we take very seriously and one for which we apply an enormous amount of expertise to get right.

In addition to a security-first approach, we partner with the FAA to keep our domestic airspace safe. Software built for the National Airspace System is relied upon every day by the FAA to calculate and recommend standard maneuvers like arrivals, departures, and rerouting, and Traffic Flow Management uses intelligent automation to assist in all phases of flight.

Mission-critical and safety-essential FAA network services, like the FAA’s Administrative Voice Enterprise Service (FAVES), rely on the deployment and sustainment of the latest networking services, legacy protocol support, and cyberthreat detection. GDIT provides telecommunications Voice over IP systems to more than 1,000 FAA facilities for seamless, secure, always-on communications.

Finally, we secure the FAA’s gateway to the cloud and critical applications including FAA DroneZone, the registration platform for public and commercial unmanned aircraft, and the UAS data exchange Low Altitude Authorization and Notification Capability (LAANC) flight planning tool.

In my current role at GDIT, I see our cyber professionals’ skills put to the test every day to secure operations for the FAA’s IT infrastructure, cloud services, and VoIP communications. Their understanding and commitment to the safety, security and protection of this critical infrastructure ensures the vital link between pilots, air traffic controllers, airway facilities specialists, and every aviation professional is never compromised.


Mariano Alicea has nearly 25 years’ experience supporting the National Airspace System (NAS) and air traffic control systems and over 10 years supporting telecommunications network services. As GDIT Vice President for Transportation and Infrastructure, he manages a business area with over 400 employees nationwide and oversees large customer programs including FAA Cloud Services (FCS), FAA Administrative Voice Enterprise Services (FAVES), and Traffic Flow Management System. He formerly held positions with the FAA as a program manager where he was responsible for the FAA’s complex communications network during 9/11 and oversight of the post-9/11 security environment. Connect with Mariano on LinkedIn.

0