International LDACS Security Validation Activities -A Cooperation Effort between DLR and ENRI

Abstract

The L-Band Digital Aeronautical Communications System (LDACS) is a possible successor of the VHF Datalink mode 2 (VDLm2) for continental aeronautical communications. It is a cellular broadband digital data link system, foreseen for regularity-of-flight and safety-communications. As of 2023, LDACS has successfully been flight trialled numerous times, the final Standards and Recommended Practices (SARPS) have been endorsed by ICAO and LDACS has been introduced to the Internet community in the form of an informational Request For Comments (RFC). LDACS will support IPv6 based digital voice, Aeronautical Telecommunications Network (ATN)/Internet Protocol Suite (IPS) traffic and enable multiple new applications such as 4D trajectories, secure Ground Based Augmentation System (GBAS), Alternative Positioning Navigation and Timing (APNT) and secondary surveillance capabilities.Any newly developed critical infrastructures system must provide strong cybersecurity. This is especially true for system handling safety-critical data from a range of applications. As such, a dedicated cybersecurity architecture for LDACS has been developed and is part of the LDACS standard. In cooperation with the Electronic Navigation Research Institute (ENRI), the German Aerospace Center (DLR) demonstrated and evaluated the main features of the cybersecurity architecture: the Mutual Authentication and Key Establishment (MAKE) protocol and user-data protection. The objective of this paper is to provide a detailed insight into the security measures and present the LDACS security validation results based on real radio hardware.