Specialists behind what is described as a world-leading airport operating system have built miniature physical models of airports to simulate the impact of cyber-attacks.
The replicas, complete with embedded digital systems, are used to demonstrate how disruption to critical infrastructure can cascade across terminals, runways and transport links.
The technology has been developed by Indian technology firm WAISL, whose Airport Predictive Operation Centre (APOC) platform, known as AeroWise, is integrated with cyber-security systems from partner GRAMAX.
Simulating chaos in real time
The scaled-down airport models include working representations of departure halls, arrivals areas, immigration desks, security checkpoints, car parks, runways, gates and rail connections.
Engineers have embedded the same types of IP and industrial control systems used in real airports. When a simulated cyber-attack is launched, trains on the model can be made to run in the wrong direction, lighting systems switch on and off unexpectedly and major operational failures are triggered.
The aim, the companies say, is to help programme logic controllers and security teams “war-game” potential attack scenarios and better understand the real-world consequences of a breach.
Cyber-attacks on transport infrastructure are a growing concern. Both the European Union Agency for Cybersecurity (ENISA) and the National Cyber Security Centre (NCSC) have warned that airports and airlines are increasingly targeted by hackers and hostile state actors.
AI-driven ‘auto-pilot for airports’
WAISL describes AeroWise as the first APOC system of its kind. It uses artificial intelligence and digital twin technology to create what the company calls an “auto-pilot for airports”.
The platform integrates landside, terminal and airside systems, feeding real-time operational data into a central control centre. The intention is to improve efficiency and capacity while strengthening resilience against cyber threats.
The combined WAISL and GRAMAX systems are currently installed at three major Indian airports: Hyderabad, New Delhi and Goa. Further deployments are planned in India and across Europe.
Andy Bordass, who is overseeing the European roll-out of AeroWise, said aviation now depends on “an expansive and tightly coupled digital ecosystem” where failures are rarely isolated.
“Across Europe, recent technology and cyber-related disruptions have demonstrated that when these systems falter, the effects are immediate, highly visible and operationally destabilising,” he said.
He added that threats were becoming faster and more adaptive, with criminals increasingly using artificial intelligence to develop ransomware, deep-fake phishing campaigns and data exfiltration techniques.
Supply chain vulnerabilities
Mr Bordass said airport operators must also consider risks across their supply chains and among third-party providers, not just their own internal systems.
“It is a 24/7 battle,” he said. “The number of cyber events that airports have to deal with is astonishing, and attacks are only going to get more sophisticated.”
The companies argue that combining digital twin modelling with physical replicas allows cyber specialists to visualise how attacks would unfold on the ground, helping them stay ahead of emerging threats.
Talks are underway with several European airports, as operators seek to bolster defences amid heightened geopolitical tensions and growing reliance on interconnected digital infrastructure.
