Survey of cyber threats in air traffic control and aircraft communications systems

Abstract

Air traffic control systems based on the ADS-B standard have been widely adopted in civil aviation to the point that they are now considered the de facto standard. ADS-B provides major benefits to airports and airlines by increasing the safety of air traffic management and control and allowing more flights to travel near busy airports. However, the ADS-B technology lacks sufficient security measures. The ADS-B system is vulnerable and exposed to cyberattacks. We survey the potential known threats and attacks against ADS-B and assess the potential cybersecurity threats to air traffic management and control. The widespread use of ADS-B and the lack of security features in it, i.e., all the ADS-B messages are unauthenticated and unencrypted!, makes this necessary. As we demonstrate in the survey, ADS-B’s lack of security features allows injection of false flight data, as well as jamming the wireless communications between airplanes and control towers and preventing the detection of commercial aircrafts by ADS-B ground stations, control towers, and other aircrafts.