On Sunday, January 10, 2016 at 6:58:27 PM UTC-8, Darryl Ramm wrote:
ADS-B is inherently not secure, a very bad mistake IMNSHO. Nothing is encrypted or cryptographically authenticated. Many technical folks, including experts on encryption etc. that I know also express extreme surprise with that. It is trivial to use to track aircraft which is good at times, but may be a security or physical attack risk, is easily spoofable with possibly bad consequences, including flooding/denial of service style attacks. And all that ground infrastructure, is potentially physically attackable.

That is one reason why it is good there is no way that ADS-B actually issues TCAS-II TYPE RAS (even if you have TCAS II version 7.1 with ADS-B enhancements). You could imagine what could happen with a malicious actor forcing aircraft TCAS systems to issue false RAs.

if its a low-level attack or some idiot just "messing around" then I expect the FAA to use technical means to mitigate some of the harm and to help track down the attackers. Obviously at on extreme they revert back to SSR, A serious technically sophisticated malicious attack, oh that sure worries me.

I do worry that FAA goals of eventually decommissioning a number of approach SSR systems as ADS-B is adopted is a dangerous fantasy. Proffered up by the FAA to congress to show how ADS-B would help save money. That SSR capability is needed as a complement and fallback to ADS-B in case bad things happen. The primary radar facilities are also needed so that somebody just can't turn off ADS-B Out and their transponder and cruise around with no radar coverage. The joint ARTCC/USAF ASRS-4 defense radar facilities are really impressive primary radars but you still want some backup with those local approach primary radars, even if they don't have capacities like the primary radar altitude capability that the big ARSR-4 systems have. How vulnerable that whole radar/SSR infrastructure is is another whole question.


On Sunday, January 10, 2016 at 3:28:06 PM UTC-8, SoaringXCellence wrote:
/snip/
As always I appreciate your knowledge on this and I have a serious concern, based on what several of my programmer geek friends have noted after reading the TSO.

Here is the concern: The ADS-B protocols have no encryption/security protection! I.E. we have a "network" that easily hacked or spoofed, new pseudo-planes could be added to the network with scripted GPS/Altitude data, and no one would know. The whole system is based on the assumption that everyone is playing "nice" with the data.

It that what you understand? How secure is the network?

MB

Darryl,

Thanks for your reply, I fly almost every day in the ATC system of the US and I appreciate both the volume of traffic and the fragile nature of the human element in the ATC. I have yet to get what I believe was a truly dangerous clearance from a controller, but I've also had a few too-close encounters with VFR traffic while descending out of the clouds. ADS-B would sure be nice.

I can see a scenario where a malicious entity could fly into a busy area, engage a false data feed into the ADS-B out, spoofing a track in one direction while going altogether some place else. That's scarier that VFR traffic today.

Thanks again for your knowledgeable participation in these usegroups.

MB