On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Architecture and Information Requirements to Assess and Predict Flight Safety Risks During Highly Autonomous Urban Flight Operations

As aviation adopts new and increasingly complex operational paradigms, vehicle types, and technologies to broaden airspace capability and efficiency, maintaining a safe system will require recognition and timely mitigation of new safety issues as they emerge and before significant consequences occur. A shift toward a more predictive risk mitigation capability becomes critical to meet this challenge. In-time safety assurance comprises monitoring, assessment, and mitigation functions that proactively reduce risk in complex operational environments where the interplay of hazards may not be known (and therefore not accounted for) during design. These functions can also help to understand and predict emergent effects caused by the increased use of automation or autonomous functions that may exhibit unexpected non-deterministic behaviors. The envisioned monitoring and assessment functions can look for precursors, anomalies, and trends (PATs) by applying model-based and data-driven methods. Outputs would then drive downstream mitigation(s) if needed to reduce risk. These mitigations may be accomplished using traditional design revision processes or via operational (and sometimes automated) mechanisms. The latter refers to the in-time aspect of the system concept. This report comprises architecture and information requirements and considerations toward enabling such a capability within the domain of low altitude highly autonomous urban flight operations. This domain may span, for example, public-use surveillance missions flown by small unmanned aircraft (e.g., infrastructure inspection, facility management, emergency response, law enforcement, and/or security) to transportation missions flown by larger aircraft that may carry passengers or deliver products. Caveat: Any stated requirements in this report should be considered initial requirements that are intended to drive research and development (R&D). These initial requirements are likely to evolve based on R&D findings, refinement of operational concepts, industry advances, and new industry or regulatory policies or standards related to safety assurance

Probabilistic Reachability Analysis for Large Scale Stochastic Hybrid Systems

This paper studies probabilistic reachability analysis for large scale stochastic hybrid systems (SHS) as a problem of rare event estimation. In literature, advanced rare event estimation theory has recently been embedded within a stochastic analysis framework, and this has led to significant novel results in rare event estimation for a diffusion process using sequential MC simulation. This paper presents this rare event estimation theory directly in terms of probabilistic reachability analysis of an SHS, and develops novel theory which allows to extend the novel results for application to a large scale SHS where a very huge number of rare discrete modes may contribute significantly to the reach probability. Essentially, the approach taken is to introduce an aggregation of the discrete modes, and to develop importance sampling relative to the rare switching between the aggregation modes. The practical working of this approach is demonstrated for the safety verification of an advanced air traffic control example

Workshop on Verification and Theorem Proving for Continuous Systems (NetCA Workshop 2005)

Oxford, UK, 26 August 200

Towards Autonomous Aviation Operations: What Can We Learn from Other Areas of Automation?

Rapid advances in automation has disrupted and transformed several industries in the past 25 years. Automation has evolved from regulation and control of simple systems like controlling the temperature in a room to the autonomous control of complex systems involving network of systems. The reason for automation varies from industry to industry depending on the complexity and benefits resulting from increased levels of automation. Automation may be needed to either reduce costs or deal with hazardous environment or make real-time decisions without the availability of humans. Space autonomy, Internet, robotic vehicles, intelligent systems, wireless networks and power systems provide successful examples of various levels of automation. NASA is conducting research in autonomy and developing plans to increase the levels of automation in aviation operations. This paper provides a brief review of levels of automation, previous efforts to increase levels of automation in aviation operations and current level of automation in the various tasks involved in aviation operations. It develops a methodology to assess the research and development in modeling, sensing and actuation needed to advance the level of automation and the benefits associated with higher levels of automation. Section II describes provides an overview of automation and previous attempts at automation in aviation. Section III provides the role of automation and lessons learned in Space Autonomy. Section IV describes the success of automation in Intelligent Transportation Systems. Section V provides a comparison between the development of automation in other areas and the needs of aviation. Section VI provides an approach to achieve increased automation in aviation operations based on the progress in other areas. The final paper will provide a detailed analysis of the benefits of increased automation for the Traffic Flow Management (TFM) function in aviation operations

Urban Air Mobility Market Study

The Booz Allen Team explored market size and potential barriers to Urban Air Mobility (UAM) by focusing on three potential markets – Airport Shuttle, Air Taxi, and Air Ambulance. We found that the Airport Shuttle and Air Taxi markets are viable, with a significant total available market value in the U.S. of $500 billion, for a fully unconstrained scenario. In this unconstrained best-case scenario, passengers would have the ability to access and fly a UAM at any time, from any location to any destination, without being hindered by constraints such as weather, infrastructure, or traffic volume. Significant legal and regulatory, weather, certification, public perception, and infrastructure constraints exist, which reduce the market potential for these applications to only about 0.5$2.5 billion, in the near term. However, we determined that these constraints can be addressed through ongoing intra-governmental partnerships, government and industry collaboration, strong industry commitment, and existing legal and regulatory enablers. We found that the Air Ambulance market is not a viable market if served by electric vertical takeoff and landing (eVTOL) vehicles due to technology constraints but may potentially be viable if a hybrid VTOL aircraft are utilized

Aeronautical engineering: A continuing bibliography with indexes, supplement 100

This bibliography lists 295 reports, articles, and other documents introduced into the NASA Scientific and Technical Information System in August 1978

Threats Management Throughout the Software Service Life-Cycle

Software services are inevitably exposed to a fluctuating threat picture. Unfortunately, not all threats can be handled only with preventive measures during design and development, but also require adaptive mitigations at runtime. In this paper we describe an approach where we model composite services and threats together, which allows us to create preventive measures at design-time. At runtime, our specification also allows the service runtime environment (SRE) to receive alerts about active threats that we have not handled, and react to these automatically through adaptation of the composite service. A goal-oriented security requirements modelling tool is used to model business-level threats and analyse how they may impact goals. A process flow modelling tool, utilising Business Process Model and Notation (BPMN) and standard error boundary events, allows us to define how threats should be responded to during service execution on a technical level. Throughout the software life-cycle, we maintain threats in a centralised threat repository. Re-use of these threats extends further into monitoring alerts being distributed through a cloud-based messaging service. To demonstrate our approach in practice, we have developed a proof-of-concept service for the Air Traffic Management (ATM) domain. In addition to the design-time activities, we show how this composite service duly adapts itself when a service component is exposed to a threat at runtime.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

Nowcasting Thunderstorms for Munich Airport

The successful demonstration and assessment of the DLR thunderstorm nowcasting algorithms at Munich Airport during two campaigns in the summers of 2010 and 2011 are described. The algorithms Cb-TRAM and Rad-TRAM, that detect, monitor, and forecast up to one hour (nowcast) thunderstorm cells from satellite and radar data, run in real time and provided new thunderstorm products for users at the airport. The products were presented on displays the users were already familiar with as well as on webpages designed by DLR. On the webpages, also additional information like measurements with DLR’s polarimetric radar and model forecasts was shown. Moreover, thunderstorm warnings were is-sued and sent via email to the users whenever a thunderstorm was detected in the terminal manoeu-vring area of the airport of Munich. The nowcasting skills of Rad-TRAM and Cb-TRAM are encouraging, especially for lead times up to 30 minutes, and the user feedback on the DLR thunderstorm products was very positive. The Rad-TRAM and Cb-TRAM products provide a good overview on the situation and its future development, and the thunderstorm warnings were very helpful for the collaborative decision making at the airport. However, some suggestions for improvements were made like the demand for nowcasts beyond one hour. This will be considered within the integrated weather forecast system, WxFUSION, which has been further developed during the campaigns