Security Vulnerabilities in Flight Systems

Faculty Mentor Name

Krishna Sampigethaya

Document Type

Presentation

Location

Jim and Linda Lee Planetarium

Start Date

4-10-2019 2:00 PM

End Date

4-10-2019 2:10 PM

Abstract

The Automatic Dependant Surveillance Broadcast system (ADS-B) is a flight navigation protocol that allows for better communication and routing of aircraft. The purpose of this research was to evaluate potential security vulnerabilities in the existing ADS-B protocol and hypothesize potential solutions to be tested, refined, and implemented in an upcoming Senior Capstone at Embry Riddle Aeronautical University.

Our research concluded that ADS-B has several notable flaws that could be exploited by an external attacker to cause a malfunction in the aircraft’s Take Corrective Action System (TCAS). The key to this vulnerability rests in the lack of verification done by aircraft upon receiving ADS-B broadcasts. Due to this lack of verification, aircraft TCAS systems will respond to any ADS-B messages regardless of their validity. Thus, a malicious actor could broadcast “spoofed” ADS-B signals in order to cause the TCAS system to react to an aircraft that doesn’t exist.

We propose two separate means of increasing security in the ADS-B protocol. By using beamforming and direction finding techniques, aircraft can determine the location of the broadcast to verify if the broadcast source matches the location of the broadcast position. Furthermore, existing ground tracking stations can use existing tracking methods such as radar as a method of verification against unusual ADS-B broadcasts.

Share

COinS
 
Oct 4th, 2:00 PM Oct 4th, 2:10 PM

Security Vulnerabilities in Flight Systems

Jim and Linda Lee Planetarium

The Automatic Dependant Surveillance Broadcast system (ADS-B) is a flight navigation protocol that allows for better communication and routing of aircraft. The purpose of this research was to evaluate potential security vulnerabilities in the existing ADS-B protocol and hypothesize potential solutions to be tested, refined, and implemented in an upcoming Senior Capstone at Embry Riddle Aeronautical University.

Our research concluded that ADS-B has several notable flaws that could be exploited by an external attacker to cause a malfunction in the aircraft’s Take Corrective Action System (TCAS). The key to this vulnerability rests in the lack of verification done by aircraft upon receiving ADS-B broadcasts. Due to this lack of verification, aircraft TCAS systems will respond to any ADS-B messages regardless of their validity. Thus, a malicious actor could broadcast “spoofed” ADS-B signals in order to cause the TCAS system to react to an aircraft that doesn’t exist.

We propose two separate means of increasing security in the ADS-B protocol. By using beamforming and direction finding techniques, aircraft can determine the location of the broadcast to verify if the broadcast source matches the location of the broadcast position. Furthermore, existing ground tracking stations can use existing tracking methods such as radar as a method of verification against unusual ADS-B broadcasts.