Thread: An ADS-B In Question
View Single Post
  #7  
Old January 11th 16, 02:58 AM posted to rec.aviation.soaring
Darryl Ramm
external usenet poster
  
Posts: 2,403
Default An ADS-B In Question
ADS-B is inherently not secure, a very bad mistake IMNSHO. Nothing is encrypted or cryptographically authenticated. Many technical folks, including experts on encryption etc. that I know also express extreme surprise with that. It is trivial to use to track aircraft which is good at times, but may be a security or physical attack risk, is easily spoofable with possibly bad consequences, including flooding/denial of service style attacks. And all that ground infrastructure, is potentially physically attackable.

That is one reason why it is good there is no way that ADS-B actually issues TCAS-II TYPE RAS (even if you have TCAS II version 7.1 with ADS-B enhancements). You could imagine what could happen with a malicious actor forcing aircraft TCAS systems to issue false RAs.

if its a low-level attack or some idiot just "messing around" then I expect the FAA to use technical means to mitigate some of the harm and to help track down the attackers. Obviously at on extreme they revert back to SSR, A serious technically sophisticated malicious attack, oh that sure worries me..

I do worry that FAA goals of eventually decommissioning a number of approach SSR systems as ADS-B is adopted is a dangerous fantasy. Proffered up by the FAA to congress to show how ADS-B would help save money. That SSR capability is needed as a complement and fallback to ADS-B in case bad things happen. The primary radar facilities are also needed so that somebody just can't turn off ADS-B Out and their transponder and cruise around with no radar coverage. The joint ARTCC/USAF ASRS-4 defense radar facilities are really impressive primary radars but you still want some backup with those local approach primary radars, even if they don't have capacities like the primary radar altitude capability that the big ARSR-4 systems have. How vulnerable that whole radar/SSR infrastructure is is another whole question.


On Sunday, January 10, 2016 at 3:28:06 PM UTC-8, SoaringXCellence wrote:
/snip/
As always I appreciate your knowledge on this and I have a serious concern, based on what several of my programmer geek friends have noted after reading the TSO.

Here is the concern: The ADS-B protocols have no encryption/security protection! I.E. we have a "network" that easily hacked or spoofed, new pseudo-planes could be added to the network with scripted GPS/Altitude data, and no one would know. The whole system is based on the assumption that everyone is playing "nice" with the data.

It that what you understand? How secure is the network?

MB