Integration of Cyber Security Policy and Risk Management in the Air Traffic Control System in the Indonesian FIR

Authors

  • Hafidz K. Jati Indonesian Aviation Polytechnic Curug
  • Surya Tri Saputra Indonesian Aviation Polytechnic Curug
  • Martha Saulina Indonesian Aviation Polytechnic Curug

DOI:

https://doi.org/10.55227/ijhess.v5i4.2081

Abstract

The increasing reliance of air traffic control systems on digital technology poses cyber threats that have the potential to disrupt national aviation safety. The integration of cyber security policies and risk management has become an urgent need to maintain the reliability of the Air Traffic Control (ATC) system in the Indonesian Flight Information Region (FIR). This study aims to examine the synergy between national cyber security policies as regulated in Presidential Regulation Number 47 of 2023 on the National Cyber Security Strategy and the implementation of the Safety Management System (SMS) in accordance with ICAO standards. The method used is a qualitative-descriptive approach through a literature study of regulations, policy documents, and related research findings. The study results indicate that the cybersecurity policy framework has not yet been fully integrated into the aviation safety management system. Inter-agency coordination, human resource readiness, and digital infrastructure modernization are key factors in strengthening cyber resilience. This research recommends the establishment of a dedicated aviation cybersecurity oversight unit, integration of cyber threat databases across agencies, and enhanced training for ATC personnel. Policy integration and risk management not only strengthen digital resilience but also protect passenger lives and the stability of national airspace

References

Anggraini. (2025). Analisis Kebijakan Strategi Keamanan Siber Nasional. Https://Jurnal.Syntaxliterate.Co.Id

Astuty, R., Sinaga, M., & Mardianis, R. (2023). Safety Management In Air Traffic Operation. Journal Of Aviation Safety.

Astuty, W., Sinaga, M., & Mardianis, R. (2023). Implementation Of Safety Risk Management According To ICAO Doc 9859. Jurnal Unived.

Bada, M., & Nurse, J. R. C. (2019). Developing Cybersecurity Awareness Programmes For Critical Infrastructure. Computers & Security, 87, 101568. Https://Doi.Org/10.1016/J.Cose.2019.101568

Bowcut, S. (2025). Digital Safeguards: Navigating Cybersecurity In Transportation. Cybersecurity Guide. Https://Cybersecurityguide.Org/Industries/Transportation/

Badan Siber dan Sandi Negara (BSSN). (2024). Laporan Tahunan Keamanan Siber Nasional 2024. Jakarta: BSSN.

Chen, L., Et Al. (2020). Risk-Based Approach For Aviation Cybersecurity Assessment. Journal Of Risk Analysis, 40(6).

Cremer, M., Et Al. (2022). Economic Impact Of Cybercrime And Risk Awareness. Pubmed. Https://Pubmed.Ncbi.Nlm.Nih.Gov/35194352

European Union Aviation Safety Agency (EASA). (2024). CYBER - Aviation resilience – cybersecurity threat landscape. https://www.easa.europa.eu/en/research-projects/cyber

Geotimes.id. (2025). Integrating cyber safety into Indonesia's Aviation Safety Management System. https://geotimes.id/opini/integrating-cyber-safety-into-indonesias-aviation-safety-management-system/

ICAO. (2023). Aviation Cybersecurity Strategy. Montreal: International Civil Aviation Organization.

Kovacs, E. (2021). GPS Spoofing And Air Traffic Vulnerability. Aerospace Review, 12(3).

Kott, A., Linkov, I., & Alberts, D. (2021). Cyber Resilience Of Critical Infrastructure Systems. IEEE Security & Privacy Journal.

Mathew, S. (2019). Airport cyber security & cyber resilience controls. arXiv preprint arXiv:1908.09894. https://arxiv.org/pdf/1908.09894.pdf

Melissa, D. (2017). Human Competency And Safety Management System In Air Traffic Control. International Journal Of Aviation Studies, 5(2).

Membrane Technology. (2024). Multi-layer cybersecurity risk assessment for civil aviation systems. https://membranetechnology.org/index.php/journal/article/download/418/279

Mustikasari, D., Dohamid, R., & Cempaka, I. (2025). Keamanan Siber Infrastruktur Kritis Indonesia. Rayyan Jurnal. Https://Rayyanjurnal.Com

Ningrum, D., & Sari, W. (2016). Risk Management In Airside Operation. UNDIP E-Journal. Https://Ejournal3.Undip.Ac.Id/Index.Php/Teknik

Nurse, J. R. C., & Bada, M. (2018). The Human Factor In Cybersecurity For Air Navigation Services. Cybersecurity Review, 4(1).

Roy, K., & Sridhar, S. (2016). Cyber Threat Impact Assessment On Air Traffic Management. AIAA. Https://Arc.Aiaa.Org/Doi/10.2514/6.2016-4354

Zhao, Y., & Leung, C. (2020). Zero Trust Architecture In Air Traffic Networks. IEEE Access, 8.

Downloads

Published

2026-02-15

How to Cite

K. Jati, H., Surya Tri Saputra, & Martha Saulina. (2026). Integration of Cyber Security Policy and Risk Management in the Air Traffic Control System in the Indonesian FIR. International Journal Of Humanities Education and Social Sciences (IJHESS), 5(4). https://doi.org/10.55227/ijhess.v5i4.2081

Issue

Vol. 5 No. 4 (2026): IJHESS FEBRUARY 2026

Section

Social Science

License

Copyright (c) 2026 Hafidz K. Jati, Surya Tri Saputra, Martha Saulina

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.