Aviation communication infrastructure security

Abstract

In support of NextGen data communications applications, the FAA (Federal Aviation Authority) and the other ANSPs (Air Navigation Service Providers) plan to share the existing data radio currently used for supporting airline operations. Traditionally, ANSPs have operated all their communication in a relatively closed network environment. Air Traffic control data communications between the controller and the pilot; using existing Communication Service Provider (CSP) infrastructure over the existing data radio exposes the air traffic control message traffic to vulnerabilities in the network outside the ANSP domain. The use of shared radio and the ground infrastructure necessitates operation in a relatively open network environment where the ANSP network is interconnected with the CSP network which in turn is connected to airlines operations. Network hackers can probe for vulnerabilities in the network and launch a covert network attack at an appropriate time. While the air to ground communication security is subjected to collaborative standards evolution, there is a need to address the potential of distributed network attacks that may be launched from outside on the ground network. This paper explores potential vulnerabilities in the ground network, possible techniques to mitigate attacks, such as distributed denial of service attacks launched by hackers on the ground infrastructure outside the ANSP domain. The network attacks described in this paper are not restricted to data communications they are equally applicable to surveillance systems. The paper also explores the heightened possibility of penetrating the ANSP infrastructure firewall when network attacks are in progress.