A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems (2022)

Khandker, S., Turtiainen, H., Costin, A., & Hämäläinen, T. (2022). On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems. IEEE Access, 10, 37718-37730. https://doi.org/10.1109/ACCESS.2022.3164704

JYU-tekijät tai -toimittajat

Khandker, Syed
Turtiainen, Hannu
Costin, Andrei
Hämäläinen, Timo

Julkaisun tiedot

Julkaisun kaikki tekijät tai toimittajat: Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo

Lehti tai sarja: IEEE Access

eISSN: 2169-3536

Julkaisuvuosi: 2022

Ilmestymispäivä: 04.04.2022

Volyymi: 10

Artikkelin sivunumerot: 37718-37730

Kustantaja: Institute of Electrical and Electronics Engineers (IEEE)

Julkaisumaa: Yhdysvallat (USA)

Julkaisun kieli: englanti

DOI: https://doi.org/10.1109/ACCESS.2022.3164704

Julkaisun avoin saatavuus: Avoimesti saatavilla

Julkaisukanavan avoin saatavuus: Kokonaan avoin julkaisukanava

Julkaisu on rinnakkaistallennettu (JYX): https://jyx.jyu.fi/handle/123456789/80743

Tiivistelmä

Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology and improves airborne traffic situational awareness. Many types of mobile cockpit information systems (MCISs) are based on ADS-B technology. MCIS gives pilots the flight and traffic-related information they need. MCIS has two parts: an ADS-B transceiver and an electronic flight bag (EFB) application. The ADS-B transceivers transmit and receive the ADS-B radio signals while the EFB applications hosted on mobile phones display the data. Because they are cheap, lightweight, and easy to install, MCISs became very popular. However, because it lacks basic security measures, ADS-B technology is vulnerable to cyberattacks, which makes the MCIS inherently exposed to attacks. This is even more likely because they are power, memory, and computationally constrained. This study explores the cybersecurity posture of various MCIS setups for both types of ADS-B technology: 1090ES and UAT978. Total six portable MCIS devices and 21 EFB applications were tested against radio-link- based attacks by transmission-capable software-defined radio (SDR). Packet-level denial of service (DoS) attacks affected approximately 63% and 37% of 1090ES and UAT978 setups, respectively, while many of them experienced a system crash. Our experiments show that DoS attacks on the reception could meaningfully reduce transmission capacity. Our coordinated attack and fuzz tests also reported worrying issues on the MCIS. The consistency of our results on a very broad range of hardware and software configurations indicate the reliability of our proposed methodology as well as the effectiveness and efficiency of our platform.

YSO-asiasanat: lentoliikenne; lentokoneet; lennonvarmistus; lennonjohto; tietojärjestelmät; kyberturvallisuus; verkkohyökkäykset

Vapaat asiasanat: aircraft; aircraft navigation; transceivers; codes; computer crashes; aerospace electronics; surveillance; cybersecurity; attacks; ADS-B; ATC; ATM; UAT978; 1090ES; availability; DoS;

Tieteenalat:

Liittyvät organisaatiot

JYU-yksiköt:

Informaatioteknologian tiedekunta

Hankkeet, joissa julkaisu on tehty

Suomen Hila- ja Pilvilaskenta (FGCI), Vaihe 2: datatieteen mahdollistaminen
- - Häkkinen, Hannu
- Suomen Akatemia
01.01.2018-31.12.2019

OKM-raportointi: Kyllä

VIRTA-lähetysvuosi: 2022

JUFO-taso: 2