Abstract
The air traffic control (ATC) systems have been modernizing and standardizing the automation platforms in recent years in order to control increased number of flights. In 2004, FAA started transforming the nation’s ground-based ATC system to a system which uses satellite-based navigation and other advanced technology, called NextGen. The NextGen system deploys Internet Protocol based network to communicate and heavily relies on computerized information system and digital data, which may introduce new vulnerabilities for exploitations. Many vulnerabilities of NextGen stem from the increased interconnection of systems through wireless networks. For instance, a critical part of the NextGen, Automatic Dependent Surveillance – Broadcast, which transfers essential information via wireless network without encryption, is an easy target for attackers. There have been some deployments of security measures but still lack in critical system. In this study, we present the potential vulnerabilities of the NextGen ATC systems and their possible solutions.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords:
References
Homeland Security: Transportation systems sector-specific plan, an annex to the national infrastructre protection plan (2010). http://www.dhs.gov/transportation-systems-sector (accessed September 15, 2015)
Federal Aviation Administration: FAA historical chronology, 1926–1996 (2011). https://www.faa.gov/about/history/chronolog_history/ (accessed October 3, 2015)
Federal Aviation Administration: Navigation programs – history (2015). https://www.faa.gov/about/office_org/headquarters_offices/ato/service_units/techops/navservices/history/ (accessed October 3, 2015)
Federal Aviation Administration: FAA long-range aerospace forecasts, fiscal years 2020, 2025 and 2030 (2007). http://www.faa.gov/data_research/aviation/long-range_forecasts/media/long07.pdf (accessed October 3, 2015)
United States Government Accountability Office: Air Trafic Contorl, FAA needs a more comprehensive approach to address cybersecurity as agency transition to NextGen, Report to Congressional Requesters, GAO-15-370 (2015)
Bradford, S.: NextGen progress and ICAO. In: Integrated Communications, Navigation and Surveillance Conference (ICNS 2014), pp. 1–22, April 8–10, 2014
Office of Inspector General: Review of web applications security and intrusion detection in air traffic control systems, 2009. Audit Report, Report ID: FI-2009-049, p. 23 (2009)
Sternstein, A.: Exclusive: FAA computer systems hit by cyberattack earlier this year. In: Nextgov (2015). http://www.nextgov.com/cybersecurity/2015/04/faa-computer-systems-hit-cyberattack-earlier-year/109384/ (accessed October 3, 2015)
Federal Aviation Administration: NextGen implementation plane (2015). https://www.faa.gov/nextgen/media/NextGen_Implementation_Plan-2015.pdf (accessed October 3, 2015)
Danev, B., Zenetti, D., Capkun, S.: On physical-layer identification of wireless devices. ACM Computer Surveys 45(1), 1–29 (2012)
Strohmeier, M., Lenders V., Martinovic, I.: Security of ADS-B: state of the art and beyond. arXiv preprint arXiv:1307.3664 (2013)
Schӓfer, M., Lenders, V., Martinovic, I. (eds.): Experimental analysis of attacks on next generation air traffic communication. In: 11th International Conference on Applied Cryptography and Network Security. Lecture Note in Computer Sciences, pp. 253–271 (2013)
McCallie, D., Butts, J., Mill, R.: Security analysis of the ADS-B implementation in the next generation air transportation system. International Journal of Critical Infrastructure Protection 4(2), 78–87 (2011)
Amin, S., Clark, T., Offutt, R., Serenko, K.: Design of a cyber security framework for ADS-B based surveillance systems. In: Systems and Information Engineering Design Symposium (SIEDS 2014), pp. 304–309, April 25, 2014
Strohmeier, M., Lenders, V., Martinovic, I.: On the security of the automatic dependent surveillance-broadcast protocol. IEEE Communications Surveys & Tutorials 17(2), 1066–1087 (2015). Secondquarter 2015
Viggiano, M., Valovage, E., Samuelson, K., Hall, D.: Secure ADS-B authentication system and method, U.S. Patent 7730307 B2, June 1, 2010
Hableel, E., Baek, J., Byon, Y., Wong, D.S.: How to protect ADS-B: confidentiality framework for future air traffic communication. In: IEEE Conference of on Computer Communications Workshops (INFOCOM WKSHPS), April 26–May 1, 2015, pp. 155–160 (2015)
Nijsure, Y., Kaddoum, G., Gagnon, G., Gagnon, F., Yuen C., Mahapatra, R.: Adaptive air-to-ground secure communication system based on ADS-B and wide area multilateration. IEEE Transactions on Vehicular Technology 99, 1. doi:10.1109/TVT.2015.2438171
da Silva, J.L.R., Brancalion, J.F.B., Fernandes, D.: Data fusion techniques applied to scenarios including ADS-B and radar sensors for air traffic control. In: 12th International Conference on Information Fusion, Fusion 2009, pp. 1481–1488, July 6–9, 2009
iPad Pilot News: Which ADS-B reciever should I buy? (2015). http://ipadpilotnews.com/2015/10/ads-b-receiver-buy-2/ (accessed November 10, 2015)
Flightrader24: Live Air Traffic. Available from http://www.flightradar24.com/
Sharan, R., West, N.: The comprehensive GNU radio archieve network. http://www.cgran.org/ (accessed November 10, 2015)
Storck, P.E.: Benefits of commercial data link security. In: Integrated Communications, Navigation and Surveillance Conference (ICNS 2013), pp. 1–6, April 22–25, 2013
Jaatun, M.G., Faegri, T.E.: Sink or SWIM: information security requirements in the sky. In: Eighth International Conference on Availability, Reliability and Security (ARES 2013), pp. 794–801, September 2–6, 2013
National Air Traffic Controllers Association: NextGen now. Quaterly E-Publication 1(4) (2015). http://www.natca.org/safety.aspx?zone=Safety%20and%20Technology&pID=4586 (accessed October 25, 2015)
Zeng, K., Govindan, K., Mohapatra, P.: Non-cryptographic authentication and identification in wireless networks [security and privacy in emerging wireless networks]. IEEE Wireless Communications 17(5), 56–62 (2010)
Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and Implementation of PUF-Based “Unclonable” RFID ICs for anti-counterfeiting and security applications. In: 2008 IEEE International Conference on RFID, pp. 58–64, April 16–17, 2008
Chengzhi, L., Huaiyu, D., Liang, X., Peng, N.: Analysis and optimization on jamming-resistant collaborative broadcast in large-scale networks. In: 2010 Conference Record of the Forty Fourth Asilomar Conference on Signals, Systems and Computers (ASILOMAR), pp. 1859–1863, November 7–10, 2010
Kwon, T., Hong, J.: Secure and efficient broadcast authentication in wireless sensor networks. IEEE Transactions Computer 59(8), 1120–1133 (2010)
Stephens, B.: Security architecture for system wide information management. In: The 24th DASC 2005 Digital Avionics Systems Conference, vol. 2, p. 10, October 30–November 3, 2005
Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos network authentication service (V5), RFC4120 (July 2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Sueki, S., Kim, Y. (2016). Vulnerabilities and Mitigation Methods in the NextGen Air Traffic Control System. In: Latifi, S. (eds) Information Technology: New Generations. Advances in Intelligent Systems and Computing, vol 448. Springer, Cham. https://doi.org/10.1007/978-3-319-32467-8_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-32467-8_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32466-1
Online ISBN: 978-3-319-32467-8
eBook Packages: EngineeringEngineering (R0)