Guidance Material


iStock-615719240.jpgICAO continues to develop guidance material to further support States and stakeholders address cybersecurity in civil aviation and implement their obligations in ICAO Standards and Recommended Practices related to aviation cybersecurity.


To date, the following guidance material has been published by ICAO:


  1. Chapter 18 in the ICAO Aviation Security Manual (Doc 8973 – Restricted): The chapter provides guidance to States in implementing their obligations related to Standard 4.9.1 in Annex 17 – Aviation Security.


  2. Relevant material in the Air Traffic Management Security Manual (Doc 9985 – Restricted): The ATM Security Manual provides a holistic approach to security in the ATM environment, combining guidance on physical security and cybersecurity elements.


  3. Guidance on Traffic Light Protocol: The document provides guidance on using Traffic Light Protocol (TLP) to facilitate cybersecurity information sharing. The TLP provides a simple and intuitive means for an information source to specify the limitations on recipients' ability to further share that information, thus minimizing human error to mistakenly share sensitive information beyond its intended recipients.


  4. Cybersecurity Policy Guidance: This guidance material addresses the protection and resilience of international civil aviation's critical infrastructure against cyber threats, and the multilateral collaboration requirement within civil aviation as well as with external authorities such as military, cybersecurity, and national security authorities. The material further contains a template to support the development of an aviation cybersecurity policy on the national level.


  5. Cybersecurity Culture in Civil Aviation: This guidance material builds on civil aviation's track record in implementing successful and effective aviation safety and aviation security cultures, combines relevant elements from both cultures, and augments them with aviation cybersecurity specific elements, with the aim to support the design and implementation of a robust organizational cybersecurity culture in civil aviation.

Connect with us: