Vulnerabilities and mitigation methods in the NextGen air traffic control system

Abstract

The air traffic control (ATC) systems have been modernizing and standardizing the automation platforms in recent years in order to control increased number of flights. In 2004, FAA started transforming the nation’s ground-based ATC system to a system which uses satellite-based navigation and other advanced technology, called NextGen. The NextGen system deploys Internet Protocol based network to communicate and heavily relies on computerized information system and digital data, which may introduce new vulnerabilities for exploitations. Many vulnerabilities of NextGen stem from the increased interconnection of systems through wireless networks. For instance, a critical part of the NextGen, Automatic Dependent Surveillance – Broadcast, which transfers essential information via wireless network without encryption, is an easy target for attackers. There have been some deployments of security measures but still lack in critical system. In this study, we present the potential vulnerabilities of the NextGen ATC systems and their possible solutions.