Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researcher Finds Security Holes In FAA's New Flight Control System

Posted by samzenpus on from the blue-screen-and-sky dept.

gManZboy writes "A key component of the FAA's emerging 'Next Gen' air traffic control system is fundamentally insecure and ripe for manipulation and attack, security researcher Andrei Costin said in a presentation Wednesday at Black Hat 2012. Costin outlined a series of issues related to the Automatic Dependent Surveillance-Broadcast (ADS-B) system, a replacement to the decades-old ground radar system used to guide airplanes through the sky and on the ground at airports. Among the threats to ADS-B: The system lacks a capability for message authentication. 'Any attacker can pretend to be an aircraft' by injecting a message into the system, Costin said. There's also no mechanism in ADS-B for encrypting messages. One example problem related to the lack of encryption: Costin showed a screen capture showing the location of Air Force One — or that someone had spoofed the system."

8 of 60 comments (clear)

  1. Misleading title... by Vylen · · Score: 5, Informative

    An air traffic control system is not a flight control system. Flight control systems in the aviation world relate to things that control the ailerons, elevators and rudders on an aircraft. ATC systems may provide inputs into an FCS when in autopilot but it is an external input.

    1. Re:Misleading title... by Anonymous Coward · · Score: 5, Insightful

      True, but since ATC's DO provide info to FCS's,

      No they don't. Period. ATC NEVER provides direct control to planes. PILOTS provide information to FCS, which may or may not be provided via ATC, which may or may not be at least partially based on ADS. Its also worth noting that ADS is not intended to replace radar in high traffic areas, which are in fact the areas most likely targeted for tom foolery.

    2. Re:Misleading title... by sHORTYWZ · · Score: 4, Informative

      True, but since ATC's DO provide info to FCS's

      As an Air Traffic Controller with both the Army and at one of the largest airports in the midwest, I'm sorry to say, but this post couldn't be any more distant from the truth. We provide absolutely no information to the FCS on aircraft and at no point does our hardware communicate anything to the aircraft. We receive information from aircraft and that is it.

      All navigation on the aircraft is done by completely internal equipment that the pilot can override at any point.

      Air Traffic Controllers (the people) issue instructions, which the pilots are obligated to obey, but in the case that they believe an instruction from ATC is unsafe, they have the final say (and will ultimately be liable for the choice, but that's another matter).

      Runway collisions become ever more likely the longer a compromise situation exists.

      Runway collisions? Ground control is done via visual observation from the tower by a human being. Also, the pilots have windows which they can see out of. Yes, there are radar systems on the ground to back up some areas that are harder to see on large airfields, but visual control is still the primary method of control on the ground.

  2. Solutions are there, but not being used by nten · · Score: 4, Informative

    WAM can ameliorate the injection problem the TFA mentions (they could still lie but it won't matter), but it requires more hardware and communications equipment. The US is the last to jump on board with wholescale ADS-B adoption so these problems are more than just hypothetical. You can see the passive aspect of the article at work here. Planefinder is a central repository where people with software defined radios configured to listen to ADS-B dump their output.

    --
    refactor the law, its bloated, confusing and unmaintainable.
  3. two very different concerns by Trepidity · · Score: 4, Informative

    The public being able to track planes by listening in on their communications, which may indeed have privacy implications, has been the status quo for years. You can find all sorts of online sites with those kinds of maps (example). Maybe that should or shouldn't be the case, but I think it's fair to say it's the current expected case: if you're flying in a plane, your location is public knowledge to anyone within range of your transmissions who cares to listen to them.

    Now being able to inject bogus messages, that's a completely different kind of security problem.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    1. Re:two very different concerns by capedgirardeau · · Score: 5, Insightful

      There is a reason this info is not encrypted: People need to know where airplanes are in the sky, especially other planes, including private aircraft.

      You don't really want airplanes location in the sky to be a secret or you literally run in to serious trouble.

      --
      Wax on, wax off baby!
  4. SETEC ASTRONOMY box by Joe_Dragon · · Score: 3, Interesting

    So now I don't need the SETEC ASTRONOMY box to get into the radar system.

  5. Really? by Anonymous Coward · · Score: 5, Informative

    Posting AC, I work on ATC software.

    Perhaps I'm being naive, but I'm not entirely sure where the threat is here. ATC systems work with flight plans, so if someone is spoofing an ADS-B tracks and generating multiple tracks, we're generally going associate the track that most closely matches the predicted position of the place; most likely the real one. More importantly, ATC systems factor in more than one type of surveillance source, most places with ADS-B will have RADAR coverage. Once you factor in secondary RADAR (even if it's slower and less reliable), you're going to need a whole other aircraft to spoof another one since it's looking for actual aircraft, not just messages from ground stations.

    I'm pretty new to the field, but these threats seem exactly as described, theoretical.