Sometimes, products that don't appear at an airshow still dominate proceedings - the absence of the F-35 from Farnborough in 2014 was almost as much of a talking point as its appearance there two years later, for example. But if Thales manages to get Singapore discussing one major product line that it has deliberately chosen not to highlight on its stand this year, it will have made a major contribution not just to its own marketing, but perhaps to the cause of enhanced aviation safety generally.

Cyber is often described as the "fifth domain" after land, sea, air and space. Yet computer networks underlie every domain, and problems in one area can quickly spread. If the only people practicing cybersecurity and cyberdefense work in their own department, separate from the other domains, the outcomes will not be good.

Thales is taking a different tack: and this is why, at the Airshow this week, there will be no roped-off section of the company's stand detailing its cyber offerings. Instead, the company is keen to emphasize the importance of integrating cybersecurity thinking across all parts of the aviation ecosystem - civil and military, in the air or on the ground.

"Within Thales we have some organizations dedicated to cybersecurity, but the proof we don't put cyber in its own corner can be seen in my own responsibilities," says Nathalie Feyt, a cybersecurity expert who is now the company's design authority for avionics systems. "I'm working in the avionics department, on a day-to-day basis, on different new solutions and projects, and working together with engineers."

Feyt points out that with today's emphasis on using digital connectivity to enhance the passenger experience, the smooth and profitable running of airlines, and cockpit processes and procedures, every aviation entity is connecting hitherto air-gapped systems to corporate, or even sometimes public, networks. Yet every additional connection increases the enterprise's exposure to cyber risk.

This is a lesson that has been learned the hard way by entities in other sectors. Retailers, telecommunications providers and even governments have all found out the hard way that when speed and ease-of-use are given a higher priority than security, the risks are very real. Feyt argues that aviation, with its safety-first culture, has an advantage: but Thales's message is that nobody in the industry can take cybersecurity for granted.

"In [aviation cybersecurity], we are benefitting from what was existing in terms of safety," she says. "We think about the potential events that may create damage, or may create erroneous behaviour in the system. That means that the design in this industry is already including monitoring and redundancy, to keep everything robust.

"What's changed with cybersecurity," she continues, "is that cyber brings new causes of feared events. For example, in cybersecurity you have the DOS, or Denial of Service attack [where an adversary will flood a network with so many requests for responses that it overwhelms the system, causing it to fail]. If you translate that to our safety-design world, this would be a loss of a function, or unavailability of a function; and our cockpit systems and real-time critical systems have been fully designed, for years, to maintain the function and to keep on going in the event of a loss of functionality. So, in fact, cybersecurity brings new potential causes, but usually the impact of it has been already taken into account in the design."

Good news, for sure. But the price of safety - like that of liberty - is eternal vigilance, and what Thales hopes to achieve by embedding cyber thinking into everything it does is to reinforce safety and security across the aerospace and defense marketplace. Its message this week is that everyone else in aerospace should follow suit.

"We should be prudent, and not be saying, 'OK, we're safe and secure, goodbye'," Feyt says. "The main evolution in this industry is the move to continuous cybersecurity. Aviation has the capacity today to monitor small incidences that are not yet having impact on the safety of flights - it's already in our DNA to do that. Now we need to enrich that with reporting of incidents that could be caused by a cyber threat.

"We already have those types of incident-reporting committees within organisations and companies, so we are already on the track towards cyber resilience," she adds. "We need to enrich that: and that means we need cybersecurity experts in place [within every aerospace department] to understand the threat source, so we can block it and see rapidly how we can recover." 

* Thales has sponsored a paper discussing these issues and others. Written by former UK RAF officer Pete Cooper and published by the Atlantic Council, it is called Aviation Cybersecurity: Finding Lift, Minimizing Drag, and can be downloaded in PDF format at