A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective (2022)
Turtiainen, H., Costin, A., Khandker, S., & Hämäläinen, T. (2022). GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective. IEEE Access, 10, 21554-21562. https://doi.org/10.1109/ACCESS.2022.3150840
JYU-tekijät tai -toimittajat
Julkaisun tiedot
Julkaisun kaikki tekijät tai toimittajat: Turtiainen, Hannu; Costin, Andrei; Khandker, Syed; Hämäläinen, Timo
Lehti tai sarja: IEEE Access
eISSN: 2169-3536
Julkaisuvuosi: 2022
Volyymi: 10
Artikkelin sivunumerot: 21554-21562
Kustantaja: Institute of Electrical and Electronics Engineers (IEEE)
Julkaisumaa: Yhdysvallat (USA)
Julkaisun kieli: englanti
DOI: https://doi.org/10.1109/ACCESS.2022.3150840
Julkaisun avoin saatavuus: Avoimesti saatavilla
Julkaisukanavan avoin saatavuus: Kokonaan avoin julkaisukanava
Julkaisu on rinnakkaistallennettu (JYX): https://jyx.jyu.fi/handle/123456789/79799
Tiivistelmä
As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from ADS-B avionics devices. We ran our samples through a state-of-the-art fuzzing platform (AFL), and fed the AFL’s output to the EFB apps and GDL-90 decoding software via the network in the same manner as legitimate GDL-90 traffic is sent from ADS-B and other avionics devices. The result shows a worrying anc critical lack of security in many EFB applications where the security is directly related to aircraft’s safety navigation. Out of 16 tested configurations, our avionics pentesting platform managed to crash or otherwise impact 9 (or 56%) of those. The observed problems manifested as crashes, hangs, and abnormal behaviours of the EFB apps and GDL-90 decoders during the fuzzing test. Attacks on core sub-system availability (such as DoS) pose high risks to safety-critical and mission-critical systems such as avionics and aerospace. Our work aims at developing and proposing a systematic pentesting methodology for such devices, protocols, and software, and discovering and reporting as early as possible such vulnerabilities.
YSO-asiasanat: lentoliikenne; lennonjohto; lennonvarmistus; kyberturvallisuus; verkkohyökkäykset; testausmenetelmät
Vapaat asiasanat: fuzzing; aerospace electronics; protocols; software; heart beat; aircraft; standards; GDL-90; ADS-B; attacks; cybersecurity; pentesting; resiliency; DoS; aviation; avionics; airtraffic
Liittyvät organisaatiot
Hankkeet, joissa julkaisu on tehty
- Suomen Hila- ja Pilvilaskenta (FGCI), Vaihe 2: datatieteen mahdollistaminen
- Häkkinen, Hannu
- Suomen Akatemia
- Proof-of-concept: practical, flexible, affordable pentesting platform for ATM/avionics cybersecurity
- Costin, Andrei
- Euroopan komissio
OKM-raportointi: Kyllä
VIRTA-lähetysvuosi: 2022
JUFO-taso: 2
