Cyber Security Maturity Model Capability at The Airports

Cybersecurity is an important facilitator for essential aviation safety. The adoption rate for levels of cyber-security protocols at commercial airports is the focus of this research. Scope of this research is limited to cybersecurity maturity model capability norms covering fourteen domains. The paper presents primary data collected from several airport authorities. This survey-based study will be useful in identifying areas for improving operational procedures and developing strong cybersecurity governance at airports. This will allow airports to understand risks and respond proactively by adopting cybersecurity best practices and resilience measures. This study includes domestic, international, privately owned airports, airstrips, or aerodromes. This research found that level one of cyber-security maturity model is the most followed while proactive and advance levels i.e., level 4 and 5 are least adhered to. Most airports appear to have some resources allocated to cyber protection and resilience

Jamming Detection and Classification in OFDM-based UAVs via Feature- and Spectrogram-tailored Machine Learning

In this paper, a machine learning (ML) approach is proposed to detect and classify jamming attacks against orthogonal frequency division multiplexing (OFDM) receivers with applications to unmanned aerial vehicles (UAVs). Using software-defined radio (SDR), four types of jamming attacks; namely, barrage, protocol-aware, single-tone, and successive-pulse are launched and investigated. Each type is qualitatively evaluated considering jamming range, launch complexity, and attack severity. Then, a systematic testing procedure is established by placing an SDR in the vicinity of a UAV (i.e., drone) to extract radiometric features before and after a jamming attack is launched. Numeric features that include signal-to-noise ratio (SNR), energy threshold, and key OFDM parameters are used to develop a feature-based classification model via conventional ML algorithms. Furthermore, spectrogram images collected following the same testing procedure are exploited to build a spectrogram-based classification model via state-of-the-art deep learning algorithms (i.e., convolutional neural networks). The performance of both types of algorithms is analyzed quantitatively with metrics including detection and false alarm rates. Results show that the spectrogram-based model classifies jamming with an accuracy of 99.79% and a false-alarm of 0.03%, in comparison to 92.20% and 1.35%, respectively, with the feature-based counterpart

Air Traffic Management Blockchain Infrastructure for Security, Authentication, and Privacy

Current radar-based air traffic service providers may preserve privacy for military and corporate operations by procedurally preventing public release of selected flight plans, position, and state data. The FAA mandate for national adoption of Automatic Dependent Surveillance Broadcast (ADS-B) in 2020 does not include provisions for maintaining these same aircraft-privacy options, nor does it address the potential for spoofing, denial of service, and other well-documented risk factors. This paper presents an engineering prototype that embodies a design and method that may be applied to mitigate these ADS-B security issues. The design innovation is the use of an open source permissioned blockchain framework to enable aircraft privacy and anonymity while providing a secure and efficient method for communication with Air Traffic Services, Operations Support, or other authorized entities. This framework features certificate authority, smart contract support, and higher-bandwidth communication channels for private information that may be used for secure communication between any specific aircraft and any particular authorized member, sharing data in accordance with the terms specified in the form of smart contracts. The prototype demonstrates how this method can be economically and rapidly deployed in a scalable modular environment

ADS-B Classification using Multivariate Long Short-term Memory–fully Convolutional Networks and Data Reduction Techniques

Researchers typically increase training data to improve neural net predictive capabilities, but this method is infeasible when data or compute resources are limited. This paper extends previous research that used long short-term memory–fully convolutional networks to identify aircraft engine types from publicly available automatic dependent surveillance-broadcast (ADS-B) data. This research designs two experiments that vary the amount of training data samples and input features to determine the impact on the predictive power of the ADS-B classification model. The first experiment varies the number of training data observations from a limited feature set and results in 83.9% accuracy (within 10% of previous efforts with only 25% of the data). The findings show that feature selection and data quality lead to higher classification accuracy than data quantity. The second experiment accepted all ADS-B feature combinations and determined that airspeed, barometric pressure, and vertical speed had the most impact on aircraft engine type prediction

Dynamic Path Planning for Unmanned Aerial Vehicles under Deadline and Sector Capacity Constraints

The US National Airspace System is currently operating at a level close to its maximum potential. The limitation comes from the workload demand on the air traffic controllers. Currently, the air traffic flow management is based on the flight path requests by the airline operators, whereas the minimum separation assurance between flights is handled strategically by air traffic control personnel. In this paper, we propose a scalable framework that allows path planning for a large number of unmanned aerial vehicles (UAVs) taking into account the deadline and weather constraints. Our proposed solution has a polynomial-time computational complexity that is also verified by measuring the runtime for typical workloads. We further demonstrate that the proposed framework is able to route 80% of the workloads while not exceeding the sector capacity constraints, even under dynamic weather conditions. Due to low computational complexity, our framework is suitable for a fleet of UAVs where decentralizing the routing process limits the workload demand on the air traffic personnel

UAT ADS-B Data Anomalies and the Effect of Flight Parameters on Dropout Occurrences

An analysis of the performance of automatic dependent surveillance-broadcast (ADS-B) data received from the Grand Forks, North Dakota International Airport was carried out in this study. The purpose was to understand the vulnerabilities of the universal access transceiver (UAT) ADS-B system and recognize the effects on present and future air traffic control (ATC) operation. The Federal Aviation Administration (FAA) mandated all the general aviation aircraft to be equipped with ADS-B. The aircraft flying within United States and below the transition altitude (18,000 feet) are more likely to install a UAT ADS-B. At present, unmanned aircraft systems (UAS) and autonomous air traffic control (ATC) towers are being integrated into the aviation industry and UAT ADS-B is a basic sensor for both class 1 and class 2 detect-and-avoid (DAA) systems. As a fundamental component of future surveillance systems, the anomalies and vulnerabilities of the ADS-B system need to be identified to enable a fully-utilized airspace with enhanced situational awareness. The data received was archived in GDL-90 format, which was parsed into readable data. The anomaly detection of ADS-B messages was based on the FAA ADS-B performance assessment report. The data investigation revealed ADS-B message suffered from different anomalies including dropout, missing payload, data jump, low confidence data, and altitude discrepancy. Among those studied, the most severe was dropout and 32.49% of messages suffered from this anomaly. Dropout is an incident where ADS-B failed to update within a specified rate. Considering the potential danger being imposed, an in-depth analysis was carried out to characterize message dropout. Three flight parameters were selected to investigate their effect on dropout. Statistical analysis was carried out and the Friedman Statistical Test identified that altitude affected dropout more than any other flight parameter

Cyber physical security of avionic systems

“Cyber-physical security is a significant concern for critical infrastructures. The exponential growth of cyber-physical systems (CPSs) and the strong inter-dependency between the cyber and physical components introduces integrity issues such as vulnerability to injecting malicious data and projecting fake sensor measurements. Traditional security models partition the CPS from a security perspective into just two domains: high and low. However, this absolute partition is not adequate to address the challenges in the current CPSs as they are composed of multiple overlapping partitions. Information flow properties are one of the significant classes of cyber-physical security methods that model how inputs of a system affect its outputs across the security partition. Information flow supports traceability that helps in detecting vulnerabilities and anomalous sources, as well as helps in rendering mitigation measures. To address the challenges associated with securing CPSs, two novel approaches are introduced by representing a CPS in terms of a graph structure. The first approach is an automated graph-based information flow model introduced to identify information flow paths in the avionics system and partition them into security domains. This approach is applied to selected aspects of the avionic systems to identify the vulnerabilities in case of a system failure or an attack and provide possible mitigation measures. The second approach is based on graph neural networks (GNN) to classify the graphs into different security domains. Using these two approaches, successful partitioning of the CPS into different security domains is possible in addition to identifying their optimal coverage. These approaches enable designers and engineers to ensure the integrity of the CPS. The engineers and operators can use this process during design-time and in real-time to identify failures or attacks on the system”--Abstract, page iii

Performance Analysis Of Automatic Dependent Surveillance-Broadcast (ADS-B) And Breakdown Of Anomalies

This thesis work analyzes the performance of Automatic Dependent Surveillance-Broadcast (ADS-B) data received from Grand Forks International Airport, detects anomalies in the data and quantifies the associated potential risk. This work also assesses severity associated anomalous data in Detect and Avoid (DAA) for Unmanned Aircraft System (UAS). The received data were raw and archived in GDL-90 format. A python module is developed to parse the raw data into readable data in a .csv file. The anomaly detection algorithm is based on Federal Aviation Administration\u27s (FAA) ADS-B performance assessment report. An extensive study is carried out on two main types of anomalies, namely dropouts and altitude deviations. A dropout is considered when the update rate exceeds three seconds. Dropouts are of different durations and have a different level of risk depending on how much time ADS-B is unavailable as the surveillance system. Altitude deviation refers to the deviation between barometric and geometric altitude. Deviation ranges from 25 feet to 600 feet have been observed. As of now, barometric altitude has been used for separation and surveillance while geometric altitude can be used in cases where barometric altitude is not available. Many UAS might not have both sensors installed on board due to size and weight constrains. There might be a chance of misinterpretation of vertical separation specially while flying in National Airspace (NAS) if the ownship UAS and intruder manned aircraft use two different altitude sources for separation standard. The characteristics and agreement between two different altitudes is investigated with a regression based approach. Multiple risk matrices are established based on the severity of the DAA well clear. ADS-B is called the Backbone of FAA Next Generation Air Transportation System, NextGen. NextGen is the series of inter-linked programs, systems, and policies that implement advanced technologies and capabilities. ADS-B utilizes the Satellite based Global Positioning System (GPS) technology to provide the pilot and the Air Traffic Control (ATC) with more information which enables an efficient navigation of aircraft in increasingly congested airspace. FAA mandated all aircraft, both manned and unmanned, be equipped with ADS-B out by the year 2020 to fly within most controlled airspace. As a fundamental component of NextGen it is crucial to understand the behavior and potential risk with ADS-B Systems