U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety

NCJ Number
189781
Date Published
May 1998
Length
18 pages
Annotation
This document addresses the issue of airline computer security and safety.
Abstract
The Federal Aviation Administration’s (FAA) air traffic control (ATC) computer system provides information to air traffic controllers and aircraft flight crews to ensure safe and expeditious movement of aircraft. Failure to adequately protect these systems, as well as the facilities that house them, could cause nationwide disruption of air traffic or even loss of life due to collisions. Since malicious attacks on computer systems are an increasing threat, it is essential that the FAA ensures the integrity and availability of ATC information, and protects it from unauthorized users. The Committee on Governmental Affairs was asked to determine (1) whether the FAA is effectively managing physical security at ATC facilities and systems security for its current operational systems, (2) whether the FAA is effectively managing systems security for future ATC modernization systems, and (3) the effectiveness of the FAA’s management structure and implementation of policy for computer security. It was concluded that the FAA is ineffective in all critical areas included in the computer security review. Recommendations include developing and executing a plan to inspect the 187 ATC facilities that have not been inspected in over 4 years and correct any weaknesses identified. Also, the FAA must assess, certify, and accredit all ATC systems as expeditiously as possible. Another recommendation is to establish an effective management structure for developing, implementing, and enforcing ATC computer security policy. 15 notes.