Security analysis of the ADS-B implementation in the next generation air transportation system

Abstract

The US Federal Aviation Administration’s Next Generation (NextGen) upgrade proposes a fundamental transformation that is intended to increase the capacity and safety of the air transportation system. A key component of the upgrade is the Automatic Dependent Surveillance Broadcast (ADS-B) system. ADS-B provides continual broadcast of aircraft position, identity, velocity and other information over unencrypted data links to generate a precise air picture for air traffic management. The Federal Aviation Administration claims that operational requirements necessitate the use of unencrypted data links and maintains that there is a low likelihood of malicious exploitation. This paper analyzes the security vulnerabilities associated with the ADS-B implementation. It describes a taxonomy of attacks and examines the potential impact that the attacks may have on air transportation operations. The taxonomy helps provide a comprehensive understanding of the threats associated with the ADS-B implementation, thereby supporting risk analysis and risk management efforts. The paper also provides recommendations that could enhance security if integrated into the ADS-B implementation plan.