On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure

Detecting ADS-B Spoofing Attacks using Deep Neural Networks

The Automatic Dependent Surveillance-Broadcast (ADS-B) system is a key component of the Next Generation Air Transportation System (NextGen) that manages the increasingly congested airspace. It provides accurate aircraft localization and efficient air traffic management and also improves the safety of billions of current and future passengers. While the benefits of ADS-B are well known, the lack of basic security measures like encryption and authentication introduces various exploitable security vulnerabilities. One practical threat is the ADS-B spoofing attack that targets the ADS-B ground station, in which the ground-based or aircraft-based attacker manipulates the International Civil Aviation Organization (ICAO) address (a unique identifier for each aircraft) in the ADS-B messages to fake the appearance of non-existent aircraft or masquerade as a trusted aircraft. As a result, this attack can confuse the pilots or the air traffic control personnel and cause dangerous maneuvers. In this paper, we introduce SODA - a two-stage Deep Neural Network (DNN)-based spoofing detector for ADS-B that consists of a message classifier and an aircraft classifier. It allows a ground station to examine each incoming message based on the PHY-layer features (e.g., IQ samples and phases) and flag suspicious messages. Our experimental results show that SODA detects ground-based spoofing attacks with a probability of 99.34%, while having a very small false alarm rate (i.e., 0.43%). It outperforms other machine learning techniques such as XGBoost, Logistic Regression, and Support Vector Machine. It further identifies individual aircraft with an average F-score of 96.68% and an accuracy of 96.66%, with a significant improvement over the state-of-the-art detector.Comment: Accepted to IEEE CNS 201

LoVe is in the Air -- Location Verification of ADS-B Signals using Distributed Public Sensors

The Automatic Dependant Surveillance-Broadcast (ADS-B) message scheme was designed without any authentication or encryption of messages in place. It is therefore easily possible to attack it, e.g., by injecting spoofed messages or modifying the transmitted Global Navigation Satellite System (GNSS) coordinates. In order to verify the integrity of the received information, various methods have been suggested, such as multilateration, the use of Kalman filters, group certification, and many others. However, solutions based on modifications of the standard may be difficult and too slow to be implemented due to legal and regulatory issues. A vantage far less explored is the location verification using public sensor data. In this paper, we propose LoVe, a lightweight message verification approach that uses a geospatial indexing scheme to evaluate the trustworthiness of publicly deployed sensors and the ADS-B messages they receive. With LoVe, new messages can be evaluated with respect to the plausibility of their reported coordinates in a location privacy-preserving manner, while using a data-driven and lightweight approach. By testing our approach on two open datasets, we show that LoVe achieves very low false positive rates (between 0 and 0.00106) and very low false negative rates (between 0.00065 and 0.00334) while providing a real-time compatible approach that scales well even with a large sensor set. Compared to currently existing approaches, LoVe neither requires a large number of sensors, nor for messages to be recorded by as many sensors as possible simultaneously in order to verify location claims. Furthermore, it can be directly applied to currently deployed systems thus being backward compatible

Air Traffic Management Blockchain Infrastructure for Security, Authentication, and Privacy

Current radar-based air traffic service providers may preserve privacy for military and corporate operations by procedurally preventing public release of selected flight plans, position, and state data. The FAA mandate for national adoption of Automatic Dependent Surveillance Broadcast (ADS-B) in 2020 does not include provisions for maintaining these same aircraft-privacy options, nor does it address the potential for spoofing, denial of service, and other well-documented risk factors. This paper presents an engineering prototype that embodies a design and method that may be applied to mitigate these ADS-B security issues. The design innovation is the use of an open source permissioned blockchain framework to enable aircraft privacy and anonymity while providing a secure and efficient method for communication with Air Traffic Services, Operations Support, or other authorized entities. This framework features certificate authority, smart contract support, and higher-bandwidth communication channels for private information that may be used for secure communication between any specific aircraft and any particular authorized member, sharing data in accordance with the terms specified in the form of smart contracts. The prototype demonstrates how this method can be economically and rapidly deployed in a scalable modular environment

Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks

The benefits of autonomous vehicles (AVs) are widely acknowledged, but there are concerns about the extent of these benefits and AV risks and unintended consequences. In this article, we first examine AVs and different categories of the technological risks associated with them. We then explore strategies that can be adopted to address these risks, and explore emerging responses by governments for addressing AV risks. Our analyses reveal that, thus far, governments have in most instances avoided stringent measures in order to promote AV developments and the majority of responses are non-binding and focus on creating councils or working groups to better explore AV implications. The US has been active in introducing legislations to address issues related to privacy and cybersecurity. The UK and Germany, in particular, have enacted laws to address liability issues, other countries mostly acknowledge these issues, but have yet to implement specific strategies. To address privacy and cybersecurity risks strategies ranging from introduction or amendment of non-AV specific legislation to creating working groups have been adopted. Much less attention has been paid to issues such as environmental and employment risks, although a few governments have begun programmes to retrain workers who might be negatively affected.Comment: Transport Reviews, 201

Establishing and optimising unmanned airborne relay networks in urban environments

This thesis assesses the use of a group of small, low-altitude, low-power (in terms of communication equipment), xed-wing unmanned aerial vehicles (UAVs) as a mobile communication relay nodes to facilitate reliable communication between ground nodes in urban environments. This work focuses on enhancing existing models for optimal trajectory planning and enabling UAV relay implementation in realistic urban scenarios. The performance of the proposed UAV relay algorithms was demonstrated and proved through an indoor simulated urban environment, the rst experiment of its kind.The objective of enabling UAV relay deployment in realistic urban environments is addressed through relaxing the constraints on the assumptions of communication prediction models assumptions, reducing knowledge requirements and improving prediction efficiency. This thesis explores assumptions for urban environment knowledge at three different levels: (i) full knowledge about the urban environment, (ii) partially known urban environments, and (iii) no knowledge about the urban environment. The work starts with exploring models that assume the city size, layout and its effects on wireless communication strength are known, representing full knowledge about the urban environment. [Continues.]</div

Framework de planeamento de missões para frotas de drones interligados

The usage of aerial drones has become more popular as they also become more accessible, both in economic and usability terms. Nowadays, these vehicles can present reduced dimensions and a good cost-benefit ratio, which makes it possible for several services and applications supported by aerial drone networks to emerge. Some scenarios that benefit from the use of aerial drones are the monitoring of emergency situations and natural disasters, the patrolling of urban areas and support to police forces, and tourist applications such as the real-time video transmission of points of interest. It is common for the control of the drone to be dependent on human intervention in these situations, which requires professionals specialized in its control. However, in recent years, several solutions have emerged that enable the autonomous flight of these vehicles, minimizing manual interference. Taking into account the enormous diversity of use cases, many of the existing solutions for autonomous control focus on specific scenarios. Generic mission planning platforms also exist, but most of them only allow missions consisting of linear waypoints to be traversed. These situations translate into a mission support that is not very flexible. In this dissertation, we propose a modular infrastructure that can be used in various scenarios, enabling the autonomous control and monitoring of a fleet of aerial drones in a mission context. This platform has two main components, one integrated into the onboard computer of the vehicle, and the other one in the ground control. The former allows the communication with the flight controller so that it can collect telemetry data and send movement instructions to the drone. The latter allows to monitor this data and send the commands remotely, also enabling robust mission planning with multiple drones. A mission can be described in a script that the ground module interprets, sending the commands to the assigned vehicles. These missions can describe different paths, modifying the behaviour of the drones according to external factors, such as a sensor reading. It is also possible to define plugins to be reused in various missions, for example, by integrating an algorithm that ensures that all drones maintain connectivity. The solution was evaluated in scenarios with a single drone and with the collaboration of multiple drones. The tests were performed in a simulated environment and also in an environment with real drones. The observed behaviour is similar in both scenarios.A utilização de drones aéreos tem-se vindo a popularizar à medida que estes se tornam mais acessíveis, quer em termos económicos quer em usabilidade. Atualmente, estes veículos são capazes de apresentar dimensões reduzidas e uma boa relação de custo-benefício, o que potencia que diversos serviços e aplicações suportados por redes de drones aéreos estejam a emergir. Alguns cenários que beneficiam da utilização de drones aéreos são a monitorização de situações de emergência e catástrofes naturais, a patrulha de áreas urbanas e apoio às forças policiais e aplicações turísticas como a transmissão de vídeo em tempo real de pontos de interesse. É comum que o controlo do drone esteja dependente de intervenção humana nestas situações, o que requer profissionais especializados no seu controlo. No entanto, nos últimos anos têm surgido diversas soluções que possibilitam o vôo autónomo destes veículos, minimizando a interferência manual. Perante a enorme diversidade de casos de aplicação, muitas das soluções existentes para o controlo autónomo focam-se em cenários específicos de intervenção. Existem também plataformas de planeamento genérico de missões, mas que na sua maioria apenas permitem missões constituídas por conjuntos lineares de pontos a ser percorridos. Estas situações traduzem-se num suporte a missões que é pouco flexível. Nesta dissertação propomos uma infraestrutura modular passível de ser utilizada em cenários variados, possibilitando o controlo autónomo de uma frota de drones aéreos num contexto de missão e a sua monitorização. Esta plataforma tem dois componentes principais, um integrado no computador a bordo do veículo e o outro no controlo terrestre. O primeiro permite a comunicação com o controlador de vôo para que se possa recolher diversos dados de telemetria e enviar instruções de movimento para o drone. O segundo permite monitorizar esses dados e enviar os comandos remotamente, possibilitando também um planeamento robusto de missões com múltiplos drones. Uma missão pode ser descrita num script que o módulo terrestre interpreta, enviando os comandos para os veículos atribuídos. Estas missões podem descrever diversos caminhos, modificando o comportamento dos drones de acordo com factores externos, como a leitura de um sensor. Também é possível definir plugins para serem reutilizados em várias missões, como por exemplo, integrando um algoritmo que garante que todos os drones mantêm a conectividade. A solução foi avaliada em cenários com um único drone e com a colaboração de múltiplos drones. Os testes foram executados em ambiente simulado e também num ambiente com drones reais. O comportamento observado nas missões é semelhante em ambos os cenários.Mestrado em Engenharia de Computadores e Telemátic

Advances in Human Robot Interaction for Cloud Robotics applications

In this thesis are analyzed different and innovative techniques for Human Robot Interaction. The focus of this thesis is on the interaction with flying robots. The first part is a preliminary description of the state of the art interactions techniques. Then the first project is Fly4SmartCity, where it is analyzed the interaction between humans (the citizen and the operator) and drones mediated by a cloud robotics platform. Then there is an application of the sliding autonomy paradigm and the analysis of different degrees of autonomy supported by a cloud robotics platform. The last part is dedicated to the most innovative technique for human-drone interaction in the User’s Flying Organizer project (UFO project). This project wants to develop a flying robot able to project information into the environment exploiting concepts of Spatial Augmented Realit

Standardization Roadmap for Unmanned Aircraft Systems, Version 2.0

This Standardization Roadmap for Unmanned Aircraft Systems, Version 2.0 (“roadmap”) is an update to version 1.0 of this document published in December 2018. It identifies existing standards and standards in development, assesses gaps, and makes recommendations for priority areas where there is a perceived need for additional standardization and/or pre-standardization R&D. The roadmap has examined 78 issue areas, identified a total of 71 open gaps and corresponding recommendations across the topical areas of airworthiness; flight operations (both general concerns and application-specific ones including critical infrastructure inspections, commercial services, and public safety operations); and personnel training, qualifications, and certification. Of that total, 47 gaps/recommendations have been identified as high priority, 21 as medium priority, and 3 as low priority. A “gap” means no published standard or specification exists that covers the particular issue in question. In 53 cases, additional R&D is needed. As with the earlier version of this document, the hope is that the roadmap will be broadly adopted by the standards community and that it will facilitate a more coherent and coordinated approach to the future development of standards for UAS. To that end, it is envisioned that the roadmap will continue to be promoted in the coming year. It is also envisioned that a mechanism may be established to assess progress on its implementation