- The paper comprehensively analyzes ADS-B protocol security flaws, demonstrating its susceptibility to RF attacks like jamming and spoofing due to a lack of inherent security measures.
- The paper proposes various countermeasures, including physical layer techniques, public key infrastructure, time-based authentication, multilateration, and data fusion for secure broadcast authentication and location verification.
- This research highlights the need for real-time detection and mitigation strategies and provides a framework for evaluating security measures, crucial for future cryptographically secure air traffic management systems.
An Evaluation of the Security Challenges and Countermeasures for ADS-B
The paper "On the Security of the Automatic Dependent Surveillance-Broadcast Protocol" by Martin Strohmeier, Vincent Lenders, and Ivan Martinovic provides a comprehensive analysis of the security vulnerabilities inherent in the Automatic Dependent Surveillance-Broadcast (ADS-B) protocol, which is a cornerstone of the next generation of air traffic control systems. The paper not only highlights the known susceptibility to radio frequency (RF) attacks due to a lack of inherent security measures but also presents a taxonomy of these vulnerabilities and proposes potential countermeasures drawn from related wireless network fields such as vehicular ad hoc networks (VANETs).
The authors meticulously outline various attack vectors, ranging from eavesdropping and signal jamming to message injection and spoofing, emphasizing the ease with which these can be executed using commercially available hardware. They provide a detailed assessment of both theoretical and practical countermeasures that have been considered or can be adapted from similar systems.
ADS-B Security Challenges
The paper details ADS-B's vulnerabilities extensively and classifies them into different severity levels. The authors discuss attacks of increasing complexity, such as:
- Eavesdropping: A straightforward, passive attack facilitated by the lack of any encryption or authentication mechanism.
- Jamming: An attack that uses deliberate RF interference to incapacitate individual nodes or entire areas, further complicating the situation.
- Message Injection: Exploiting the absence of authentication to introduce false aircraft data that could disrupt air traffic management.
- Message Deletion and Modification: Advanced attacks that use destructive interference to erase legitimate messages or replace parts of a transmission to introduce misleading information.
Proposed Countermeasures
The paper explores various strategies for securing ADS-B, categorized broadly into Secure Broadcast Authentication and Secure Location Verification:
- Secure Broadcast Authentication: Proposed methods include physical layer techniques, uncoordinated frequency hopping, public key infrastructure (PKI), and time-based authentication such as μTESLA. Notably, the assessment of these methods is rigorous considering the constraints of the aviation environment, and the potential overhead and feasibility are critically analyzed.
- Secure Location Verification: The evaluation of multilateration, distance bounding, and Kalman filtering is insightful, with a focus on enhancing position verification through a combination of redundant systems such as primary radar and advanced algorithms to detect anomalies.
- Data Fusion and Trust Management: The authors also recognize the importance of integrating multisource data verification and trust management systems to enhance reliability and detect tampering by cross-verifying ADS-B data with other systems.
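To make the Secure Location Verification item concrete, the following added example (not code from the paper or its authors) checks whether the position claimed in a message is consistent with the time differences of arrival (TDOA) seen at several ground receivers, which is the measurement multilateration relies on. The receiver sites, the 300 m tolerance, the function names and the assumption that receivers share a synchronized clock are all constructed for illustration.

```python
import math

C = 299_792_458.0  # speed of light in m/s

# Constructed ground receiver sites (local x, y, z in metres); not from the paper.
RECEIVERS = {
    "rx_a": (0.0, 0.0, 0.0),
    "rx_b": (40_000.0, 0.0, 0.0),
    "rx_c": (0.0, 40_000.0, 0.0),
    "rx_d": (40_000.0, 40_000.0, 0.0),
}

def expected_tdoas(position, ref="rx_a"):
    """TDOA in seconds at each receiver, relative to ref, for a sender at position."""
    t_ref = math.dist(position, RECEIVERS[ref]) / C
    return {name: math.dist(position, site) / C - t_ref
            for name, site in RECEIVERS.items() if name != ref}

def verify_claim(claimed_pos, arrival_times, tolerance_m=300.0, ref="rx_a"):
    """Return (ok, worst_residual_m) for one message's claimed position.

    arrival_times maps receiver name -> reception timestamp (s) on a shared clock.
    tolerance_m (about 1 microsecond of timing error) is an assumed threshold.
    """
    known = {n: t for n, t in arrival_times.items() if n in RECEIVERS}
    if ref not in known or len(known) < 3:
        return False, math.inf  # too few receivers: treat the claim as unverified
    expected = expected_tdoas(claimed_pos, ref)
    worst = 0.0
    for name, t in known.items():
        if name == ref:
            continue
        measured = t - known[ref]
        worst = max(worst, abs(measured - expected[name]) * C)
    return worst <= tolerance_m, worst

def simulate_arrivals(sender_pos, t0=12.5):
    """Constructed test input: ideal timestamps for a sender at sender_pos."""
    return {name: t0 + math.dist(sender_pos, site) / C
            for name, site in RECEIVERS.items()}

if __name__ == "__main__":
    claim = (10_000.0, 25_000.0, 10_000.0)        # position reported in the message
    honest = simulate_arrivals(claim)              # sender really is at the claim
    ground = simulate_arrivals((20_000.0, -5_000.0, 0.0))  # sender is elsewhere
    print("honest:", verify_claim(claim, honest))
    print("mismatch:", verify_claim(claim, ground))
```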
Implications and Future Directions
From a practical perspective, the paper urges a reconsideration of the currently deployed ADS-B system to incorporate real-time detection and mitigation strategies without substantial infrastructural overhaul. While acknowledging the significant role of multilateration and data fusion methods in the current ATC ecosystem, the paper posits that a holistic approach will be paramount for any future air traffic surveillance system.
This work underscores the necessity of an incremental yet forward-thinking approach towards a cryptographically secure air traffic protocol that can meet the ever-evolving security challenges without compromising the operational efficiency of air traffic management.
In conclusion, the research presented in this paper forms a crucial basis for ongoing and future work in securing ADS-B protocols, setting the stage for integrating innovative technological solutions for securing global ATM systems against sophisticated cyber threats. The methodology in selecting and evaluating security measures provides an invaluable framework for researchers focusing on similar challenges in other wireless or dependent surveillance systems.