High-tech air traffic control tower has no people, but it does have security concerns
It’s such a weird thing to hear, it seems counter-intuitive: London City Airport is building a new air traffic control tower that will be completely digital and manned by a group of human controllers who will be over 100 miles away.
High-definition video will be transmitted to the remote location, providing the human controllers with 360-degree video and live sound so that the controllers will feel like they’re still at the airport even though they’re far away.
The big advantage here: the high-definition visuals, provided by over a dozen different “pan-tilt-zoom” cameras, will allow controllers to see things in finer details than they could with the naked eye with a 30X zoom, like spotting rogue drones that pose a danger.
They will also have real-time information, including operational and sensory data, to build an augmented reality live view of the airfield. For example, the ability to overlay the images with weather information, on-screen labels, radar data, aircraft call signs, or to track moving objects.
It’ll be the first UK airport to use the technology, though the system has been in use at a pair of airports in Sweden.
Steve Anderson, of NATS, told the BBC, “They give the controller more information in terms of what they can see, what they can hear.”
But there are still reasons for skepticism, mostly over the digital security of the system which will deliver all of those videos and other relevant information, especially given last week’s huge ransomware attack.
Declan Collier, London City Airport chief executive, told the BBC, “we are very confident that the systems we’re putting in place here are secure, they’re safe, they’re managed very well.” An airport spokesperson also told NBC News that the system has been “stress-tested by IT security experts” and the company in charge is prepared “to guard against the latest threats.”
But no communication is completely safe.
Jason Sabin, Chief Security Officer of security solutions company DigiCert, elaborated on some of the biggest threats to a system like this in a conversation with Mashable.
“The number one threat would be default configuration. They purchase the camera from the manufacturer, they pull it out of the box, set it up and plug it in and say they’re ready to go.”
The dangers here, according to Sabin, include having default passwords and no encryption that make such internet of things (IoT) devices susceptible to attack, such as the September 2016 Mirai botnet distributed denial of service attacks (DDoS) on Krebs Security.
Mirai became even more well-known in October 2016 when it was used in the large-scale attack on domain name servers host Dyn, which led to the shut down of major sites like Twitter, Spotify and Paypal.
Encryption and authentication are also keys, says Sabin. “Encryption is very important but authentication is just as important because you want to make sure you’re corrected to the right person and that the right person is connected” to the device.
“If you’re the air traffic controller who’s supposed to have to access to this, they are going to be authenticating to the cameras and the cameras need to make sure that it is the air traffic controller and not a malicious user who’s trying to gain access to the camera network.”
Mashable has reached out to NATS for more info on the security they plan to implement in the new system.