DEF CON 32 - Analyzing the Security of Satellite Based Air Traffic Control -Martin Strohmeier

DEFCONConference
16 Oct 202424:06

Summary

TLDRIn his talk, Martin Schomer discusses the security vulnerabilities in satellite-based air traffic control systems, specifically focusing on satellite ADS-B and ADS-C technologies. He explains how these systems, crucial for monitoring aircraft in remote areas, lack security measures such as authentication, making them susceptible to various attacks. Schomer highlights passive (eavesdropping) and active (spoofing, denial of service) attack methods, demonstrating how easily they can be carried out using low-cost equipment. Despite their benefits in enhancing airspace efficiency, these vulnerabilities raise significant concerns for aviation safety and privacy, urging the need for improved security in satellite communications.

Takeaways

  • πŸ˜€ Satellite-based air traffic control systems, like satellite ADS-B and ADS-C, are crucial for improving airspace monitoring, especially in remote areas.
  • πŸ˜€ Satellite ADS-B systems relay aircraft data from low Earth orbit satellites to air traffic control providers, improving coverage where terrestrial systems are unavailable.
  • πŸ˜€ ADS-C (Automatic Dependent Surveillance-Contract) offers continuous aircraft tracking by transmitting data to ground stations, reducing reliance on voice communication and improving airspace efficiency.
  • πŸ˜€ Both satellite ADS-B and ADS-C systems suffer from security vulnerabilities, particularly the lack of authentication, making them susceptible to attacks.
  • πŸ˜€ Passive attacks, like eavesdropping, allow attackers to track aircraft positions and metadata, which can lead to privacy violations and reconnaissance.
  • πŸ˜€ Active attacks on satellite communication systems can include spoofing aircraft data, sending fake positions to ground stations, or launching Denial of Service (DoS) attacks to disrupt communication.
  • πŸ˜€ Satellite-based air traffic control systems are not inherently secure; attackers can use software-defined radios (SDRs) to inject false data or spoof aircraft positions.
  • πŸ˜€ Successful spoofing of ADS-C data can mislead air traffic controllers into believing they are receiving real-time data from an aircraft when it is fabricated.
  • πŸ˜€ The process of injecting ghost aircraft positions and causing chaos through DoS attacks in ADS-C and ADS-B systems is relatively simple, requiring minimal resources for execution.
  • πŸ˜€ Practical experiments show that transmitting fake signals into satellite-based systems is not only possible but also easy to execute with low-cost equipment like SDRs.
  • πŸ˜€ Schomer emphasizes that while satellite systems like ADS-B and ADS-C are useful for tracking aircraft over oceans or in remote areas, security should have been a priority from the start to prevent malicious interference.

Q & A

  • What is the main focus of Martin Schomer's talk?

    -The main focus of Martin Schomer's talk is analyzing the security of satellite-based air traffic control systems, particularly satellite ADS-B and ADS-C technologies.

  • What are ADS-B and ADS-C, and how are they used in air traffic control?

    -ADS-B (Automatic Dependent Surveillance-Broadcast) and ADS-C (Automatic Dependent Surveillance-Contract) are technologies used for tracking aircraft. ADS-B allows aircraft to broadcast their position to ground stations or other aircraft, while ADS-C enables periodic or event-based position updates via satellite communication, particularly useful in remote areas.

  • How does satellite ADS-B differ from traditional ADS-B?

    -Satellite ADS-B extends the coverage of traditional ADS-B by using satellites to pick up signals from aircraft, providing air traffic control in areas without terrestrial receivers, such as over oceans and mountainous regions.

  • What is the security concern with satellite-based air traffic control?

    -The main security concern is the lack of authentication and encryption in satellite-based air traffic control protocols. This makes the system vulnerable to passive attacks (eavesdropping) and active attacks (data injection and denial of service).

  • Can passive attackers exploit satellite ADS-B or ADS-C systems?

    -Yes, passive attackers can easily intercept satellite signals using relatively simple equipment like software-defined radios (SDRs), allowing them to track aircraft positions and potentially violate privacy or gather intelligence for future attacks.

  • What are the potential risks of active attacks on satellite-based air traffic control systems?

    -Active attackers can spoof aircraft positions, inject false data, or disrupt communication between aircraft and ground stations. These attacks could cause confusion, disrupt air traffic control, and potentially lead to safety risks, although the immediate impact might not always be catastrophic.

  • How can attackers perform a denial of service (DoS) attack on satellite-based air traffic control systems?

    -Attackers can perform a denial of service attack by blocking or disrupting the connection between aircraft and satellites, preventing aircraft from establishing or maintaining communication with air traffic control systems.

  • What kind of spoofing is possible in the downlink of satellite ADS-C systems?

    -In the downlink, attackers can spoof aircraft positions by injecting false location data into the communication stream between the satellite and the ground station. This could mislead air traffic controllers into believing an aircraft is in a different location.

  • What are the limitations of injecting ghost aircraft using ADS-C?

    -Injecting ghost aircraft into the system is not possible because the air traffic controller always initiates the communication with a known aircraft. Any unsolicited response from a non-initiated aircraft would be discarded and ignored by the system.

  • How can software-defined radios (SDRs) be used in attacking satellite-based air traffic control systems?

    -SDRs can be used to both receive and transmit satellite signals. Attackers can listen to satellite communications to track aircraft or inject false ADS-C messages to spoof aircraft positions or flood the system with fake emergency data.

  • What steps did Martin Schomer's team take to demonstrate vulnerabilities in satellite air traffic control?

    -Martin Schomer's team used SDRs to intercept and inject satellite ADS-C messages into the system. They built their own ground station and successfully tested transmitting arbitrary messages, demonstrating how easily attackers can spoof aircraft data and disrupt air traffic control.

Outlines

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Mindmap

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Keywords

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Highlights

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now

Transcripts

plate

This section is available to paid users only. Please upgrade to access this part.

Upgrade Now
Rate This
β˜…
β˜…
β˜…
β˜…
β˜…

5.0 / 5 (0 votes)

Related Tags
Satellite SecurityAir Traffic ControlCybersecurityAviation TechnologyADS-BADS-CSpace-based ATCCyber AttacksSoftware Defined RadioSecurity VulnerabilitiesRemote Monitoring