1. Introduction
The ADS-B system broadcasts an aircraft’s identification, position, velocity, and intent to other aircraft and ground stations. However, the introduction of these new technologies in the aviation industry has introduced new network weaknesses linked to their internet connection and the compatibility between systems [
1].
Certain technological advancements, particularly the introduction of Software-Defined Radio (SDR) systems, enable attackers to utilize low-cost RF transmission and receiving. ADS-B transmits data in an open, unencrypted format to allow other aircraft to be informed of the sender’s location. On the other hand, accessibility had been a safety requirement. Therefore, it lacks protection features, rendering it susceptible to a variety of assaults [
2]. Researchers have shown that existing hardware and software can easily undermine the security of ADS-B systems [
3].
Table 1 summarizes ADS-B’s possible attack types, methods, and severity levels, and the requirements they impact most severely [
4]. Therefore, the conventional ADS-B’s data confidentiality, authenticity and integrity can be impacted by possible attacks. This problem might lead to severe consequences [
4]. Although a number of solutions are offered to overcome the issue, either they were led to increase the ADS-B message length and reduce ADS-B air-traffic capacity, or the proposals were not implemented and examined in operational environments. Furthermore, some of the solutions impacted ADS-B performance, such as the degradation of ADS-B sensitivity. Additionally, cipher key exchange was not properly addressed. The proposed solutions are an imposed extra load to ADS-B messages by adding an authentication procedure, peer-to-peer communication, or a key data payload. These approaches lead to the reduction of ADS-B capacity and increased the system complexity and load.
Very recent research was undertaken to deal with ADS-B security concerns, as referenced below:
Blockchain based ADS-B: The proposed model’s objective was to deploy a blockchain model and benefit from its advantages to secure sensitive data [
5,
6,
7,
8];
Machine learning model: Various types of neural networks were offered to tackle message injection attacks [
9,
10]; and
Holistic framework: The solution used a cryptographic module based on a keyed-Hash Message Authentication Code (HMAC) to protect data integrity and authenticity [
11];
Detailed information of each method is provided in the literature review section.
This research covers the design and implementation of a secured ADS-B (SADS-B) system using a software-defined radio (SDR) architecture. It explores the hardware architecture and configuration, presents a format-preserving encryption (FPE) scheme, and shows how blockchain technology can be used for leveraging ADS-B security and how BladeRF functions as a transceiver. The results achieved using this secured system are compatibility, achievability, and high security. Given the current, un-secured ADS-B systems, this work is motivated by the following issues:
Most of the recommended solutions are still in the experimental stage, being tested in controlled settings, and have yet to be implemented [
4];
Deploying FPE algorithms offers certified encryption for the protection of ADS-B messages without any changes in the message’s length;
While the use of FPE algorithms has been proposed as a security solution to benefit from its advantages [
12], it has not yet been implemented and has not been challenged in operational environments such as implementation in SDR and experimentation in flight tests; and
A permissioned blockchain system helps the operational environment not only to exchange the encryption key among nodes (ADS-B systems), but also to store important information.
In this study, FPE algorithms’ advantages are described and then implemented in both MATLAB Simulink and C++. Their evaluation was assessed under real flight data to obtain a comprehensive observation of the algorithm as well as of the ADS-B performance. A private permissioned blockchain was used to distribute keys among SADS-B systems and to store sensitive positioning data. The system’s computational load and performance are compared with a certified ADS-B technology. The results of these experiments show that the proposed scheme offers high-level security and compatibility, and reveal that it is easy to implement.
2. Literature Review
ADS-B security issues have been a hot research topic for at least the past 10 years. Several encryption techniques have been proposed for the protection of ADS-B data [
4]. These encryption schemes are classified as symmetric or asymmetric encryption based on the similarity and dissimilarity of the encryption and the decryption keys.
A digital signature is a mathematical scheme for verifying the authenticity and the inverse function of public-key cryptography. The data is encrypted with a private key by the sender, and can then be decrypted with a public key by the receiver. A lightweight identity-based batch verification (IBV) signature scheme is suggested by Zhou et al. [
13] to establish security via batch message identification. This IBV system has considerable resistance to replay attacks. According to their results, the method has a low computational load and a low transmission overhead. However, Zhou et al.’s proposal was not put into practice. In a broader work, Wesson et al. [
14] examined the merits and drawbacks of both symmetric and asymmetric encryptions, digital signatures, and related key management. Their study concluded that symmetric encryption key management is difficult to control, and that the only feasible encryption technique is asymmetric encryption. Specifically, they determined that the Elliptic Curve Digital Signature Algorithm (ECDSA) signature length is the smallest length that should be applied. The ECDSA signature length is 448 bits, which makes the overall message length 560 bits. In the proposed approach, the message is divided into nine segments; the first segment has 112 bits, followed by eight 56-bit segments. Next, the signature is offered to be broadcast, either by other flight radio channels to support ADS-B, or via the distance measuring equipment (DME) channel that can be utilized to transmit ADS-B signed data. Both approaches reduced the delay of the transmitted message, but the message’s length was still too long. These approaches are not recommended.
Contrary to symmetric encryption, peer-to-peer communication is not needed for the key exchange in the public-key encryption approach. A message authentication procedure built on elliptic curve cryptography (ECC) and the X.509 certificate was proposed by Strohmeier et al. [
15] and Ziliang et al. [
16]. Their proposal exploits the ECSDA technique to produce signatures for ADS-B messages. This approach offers ADS-B data integrity and non-repudiation. Although this solution is not costly, it is less scalable than the existing ADS-B system. Baek [
17] introduced a phased hybrid encryption method to fix the symmetric encryption key exchange limitation and to enhance encryption performance. This method applies encryption in two stages: key encryption and data encryption. Key encryption utilizes identity-based encryption, and therefore certificate management is not required. Data encryption employs symmetric encryption to optimize its advantages. Data encryption can thus be performed quicker and more effectively than public-key encryption. In practice, the sender needs to have prior knowledge of the ground stations or other airplanes, and data can be sent to only one receiver at a time, which is not appropriate.
The Message Authentication Code (MAC) encryption technique was proposed by Samuelson et al. [
18] to protect ADS-B messages. In MAC, all of the nodes perform authentication by appending the authentication code to the plain ADS-B data to produce an authentication identity for every node; irrespective of the verification result, all nodes can receive the data. Therefore, this approach maintains the openness feature of the ADS-B system. Taking into consideration that the ADS-B ciphertext with public key encryption has a 1024-bit length, and Universal Access Transceiver (UAT) data has only a 272-bit length, Samuelson et al. [
18] conclude that encryption of the data by applying the public key is a viable alternative. After investigating the possibility of encrypting the ADS-B data, Jochum et al. [
19] also suggested the same encryption scheme, but both proposals only provided a high-level encryption structure; no detailed encryption schemes were offered.
In 2018, LASSENA’s researchers presented an approach to secured ADS-B by utilizing the combination of phase shift keying (PSK) modulation with the Pulse Position Modulation (PPM) of legacy ADS-B [
20]. The aim was to increase the payload efficiency of the standard ADS-B. PSK modulation provides extra payloads to address the digital signature data requirement. Although the system keeps the openness feature of standard ADS-B, this scheme’s PSK modulation is less robust than PPM modulation, and so the system may be more vulnerable under high-traffic.
In the article [
9], machine learning algorithms such as Support Vector Machine (SVM) are proposed in order to detect three types of message injection attack: path modification, ghost aircraft injection, and velocity drift. The OpenSky network dataset is used to train and validate the proposed model performance [
21]. According to the results, the model accuracy for detecting attacks is over 95%. Another new study is that referred to in [
22], which had the objective of protecting against message injection attacks. The technique is based on physical layer signal analysis, which involves estimating the range and direction of the signal source. A multi-channel receiver on ADS-B is part of the proposed system architecture, along with a directional slotted antenna system. The results are presented as the probability of detection versus the signal’s direction of arrival (DoA).
In [
10], a supervised deep learning approach was used to identify injection attacks that changed the ADS-B messages’ positioning and velocity elements. The OpenSky dataset is used to train and evaluate the Long Short-Term model for prediction of any error in flight path data. However, a simulation result shows about 99 percent of accuracy; this approach can be used to detect message injection threats.
Recently, a holistic framework was proposed to overcome the security concerns of ADS-B [
11]. The solution used a cryptographic module based on a keyed-Hash Message Authentication Code (HMAC) to protect data integrity and authenticity. In addition, the cryptographic keys exchange mechanism is defined to share the key to the ADS-B nodes. However, the proposed model tries to address security issues, and it imposes an extra load on the ADS-B traffic, which causes capacity degradation.
To address the limited payload capacity (112 bits) of the legacy ADS-B, and because ciphering messages that use a conventional encryption algorithm lead to longer cipher texts, Finke et al. [
12] proposed a format-preserving encryption (FPE) method to encrypt ADS-B data and to reduce ciphertext length. Fixed-length messages and confidential fixed-length data such as credit card numbers and social insurance numbers do not fit into the standard block size (64 and 128 bits), and so the FPE method is primarily deployed to encrypt data without changing the data format [
23]. Contrary to traditional packet ciphering, the reserved format encryption does not expand the data. The ciphertext keeps the format encryption in the same format as the plaintext, and thus this method minimizes encryption impact on the ciphertext length. Unlike the Finke et al. [
12] method that encrypts all of the ADS-B data, Yang et al. [
24] exploit the FPE scheme to encrypt only the ICAO24 Aircraft Address (AA) field of the ADS-B message. Thus, this method not only preserves the openness of the ADS-B system, but it also secures the aircraft’s identity data against unauthorized users. It also protects aircraft against reconnaissance attacks. This approach provides confidentiality to some extent, as not all data is encrypted. Agbeyibor [
25] conducted a survey on the applicability of several types of FPE algorithms to apply ADS-B message encryption and examined their security and performance. Our research investigates the FPE method’s security and performance based on real flight data, and it proposes a solution for how to apply the FPE scheme in a software-defined radio platform.
There has been a strong trend recently among researchers and developers to use blockchain to increase avionics security. Blockchain has been exploited in several ways to address ADS-B security requirements. ATMChain is a blockchain-based framework presented by Xin Lu and Zhijun Wu [
5] for the security of cyber-physical systems (CPS) in the Air Traffic Management (ATM) system. Their proposed model is based on an ATM-focused approach, in which the distributed blockchain network is used to construct the ATM-CPS security framework. ADS-B sensors compose one of the different modules, accompanied by satellites, radar units, and other devices. Farah Hasin et al. suggest using the Hyperledger Fabric platform to deal with the security risks related to data link transmissions over ADS-B [
8]. Their proposed ATM system consists of participants, such as various types of aircraft, which are divided into Zones A and B and are connected by a consensus blockchain network. However, the study is limited to the theoretical aspect.
Another approach utilizing blockchain was investigated by Arushi Arora et al. [
6]. They propose a solution according to the aircraft’s registration and their connection to the ground station. Their algorithm consists of three steps: first, a registered aircraft is considered as one transaction in the ledger that is authorized by ATC, then the aircraft is authenticated when the first GS sees it, and finally, control is transferred from one GS to another to perform the handover.
Reisman et al. describe a blockchain-based public key infrastructure (PKI) solution to address ADS-B vulnerabilities [
7]. Their proposed aviation blockchain infrastructure (ABI) serves as a link between technologies that are used in the air and those used on the ground. However, the limitations of real-time processing and the management of high numbers of transactions is not highlighted in PKI-based blockchain.
These papers reveal the possibilities for using blockchain technology in ADS-B systems and provide direction and guidelines for our work. Although blockchain-related articles have proposed high-level security architectures for the entire ATM system or among nodes, they have not provided detailed information on how to implement it in operational environments.
4. Experimental Results
Detailed experiments were performed to evaluate system performance and to measure security levels. These experiments assessed the following four aspects:
Entropy and security complexity: In cryptography, entropy is frequently used to measure a bit string’s level of uncertainty. In addition, serial correlation and plain and encrypted data correlation are key indicators for security measurement.
Sensitivity: The minimum trigger level (MTL) of an ADS-B receiver processing signals within the frequency span of 1089 to 1091 MHz must respect the MTL constraint, which is −84 dBm for ADS-B class “A3” [
26].
Computational time: Encryption increases the time required for message transmission and reception at both ends. Therefore, it is essential to verify the impact of such increased processing time on both ADS-B Out/In.
Waveform comparison: Undoubtedly, applying the FFX algorithm alters the bit sequence in time, so it is wise to observe the spectrum accordingly.
Entropy measurements were performed on both plain data and encrypted data of real flight tests according to ADS-B Out logs. This flight test was performed in a light aircraft (Cessna C-172) flying from Saint-Hubert (CYHU) Airport to Mirabel (CYMX) Airport, as shown in
Figure 7 [
30].
It is worth noting that the entropy is only computed for the “odd” and “even” CPR position messages. In addition, the entropy of messages is measured in bits per byte. The entropy or information content is computed according to Formula (1).
Figure 8 illustrates plain and cipher data entropy for various scenarios. For the 14-byte experiment, the cipher data produced an entropy of 7.9985 bits per byte, whereas the plain text messages had an entropy of 6.7036 bits per byte. These results are similar to the experimental results found by Finke et al. [
12]. Moreover, as the cipher data length decreases, the entropy value decreases accordingly. A low entropy value signifies that encrypted data is more vulnerable to possible attacks.
Apart from entropy, the serial correlation of plain and cipher data and the correlation between plain and cipher data are extracted from ADS-B Out flight information, both of which are presented in
Figure 9. As revealed in
Figure 9, there is a strong serial correlation among the plain data, while the cipher data serial correlation value has an inverse relation with the length of the cipher data. More specifically, the cipher data’s serial correlation value with longer data length is less than its correlation with shorter data size. As expected, plain and cipher data correlation follows the same trend as cipher data serial correlation. Therefore, a higher correlation value, particularly in the case of ICAO encryption, is more vulnerable to codebook attacks.
The second experiment was performed to evaluate both standard ADS-B In and SADS-B In signal sensitivity.
Figure 10a is a diagram of the test bench designed to evaluate signal sensitivity [
30]. As the block diagram illustrates, the ADS-B Out generates ADS-B signals, which are then weakened by a variable attenuator. Next, a splitter provides two signal outputs with the same signal strength, Out1 and Out2. Out1 is used as the input of ADS-B In and Out2 is used as the spectrum analyzer input for signal power measurements. The same test is done for SADS-B. The graph in
Figure 10b shows that there are no changes in either standard ADS-B’s or SADS-B’s sensitivity criteria. The Accuracy is calculated based on the following formula:
A third experiment was conducted to measure the computation time for both standard ADS-B and SADS-B.
Table 2 lists the mean values of the computational time for both systems in MATLAB Simulink and C++. As expected, the SADS-B processing time is higher than the standard time. However, this does not lead to any drawback in SADS-B Out, since the processing time (0.084 milliseconds) is far less than the minimum transmission rate (0.5 s). The SADS-B In performance does not show any degradation during this test, and its processing time is less than 120 microseconds. However, executing SADS-B SDAM along with other SDAMs leads to longer processing times, and its performance might be affected by a high volume of ADS-B traffic. This performance issue must be addressed.
Spectrum verification was done to compare the time domain and frequency domain signals simultaneously. As
Figure 11 illustrates, there is no harmony or strong signal out of the ADS-B band. Thus, SADS-B has not produced interference.
To sum up, the result of entropy and serial correlation proves that the proposed algorithm offers a sufficient level for both factors. The higher entropy and the lower serial correlation, the more security of the data. Therefore, the ADS-B message integrity and confidentiality will be guaranteed. The proposed blockchain scheme is not only used for exchanging the key, but is also utilized as a database to store ADS-B Out data. The ADS-B In after receiving the data can verify and validate with the stored database. Therefore, the authentication of each node can be performed indirectly without adding an extra payload to ADS-B messages.
5. Discussion
The goal of this research was to address ADS-B threats based on FPE methodology and to design and implement SADS-B by deploying SDR. Blockchain features were utilized to manage key exchanges for encryption purposes within ADS-B nodes. System performance and major key requirements were compared with standard ADS-B.
FFX was used here for encryption purposes, as it is a NIST standard algorithm, particularly FF1 and FF3-1. It has already been used for the exchange of sensitive information, including credit card numbers, ID numbers, and social insurance numbers. In addition, criteria for the measurement of the security complexity of FFX algorithms are defined for ADS-B for security level evaluation. For this purpose, the entropy of ADS-B information is computed for both standard ADS-B and SADS-B for various scenarios. The results indicate that the encryption of longer ADS-B data leads to higher entropy and higher security. In addition, after considering other factors such as serial correlation and plain and cipher data correlation, the optimal approach is to encrypt either 13- or 14-byte data sizes.
Apart from security concerns, a sensitivity experiment was conducted to assess system performance and to compare the results with standard ADS-B. No changes in system sensitivity were observed; therefore, the FFX-integrated system is capable of detecting poor signals such as that of standard ADS-B.
Perhaps the most cited advantages of the FAA’s switch to ADS-B surveillance are the quick transmission rate and the related controller scope refresh rate. As mentioned in
Figure 3 and
Figure 4, FFX adds an extra block of encryption and decryption subfunction to ADS-B In and ADS-B Out, respectively. The encryption increases the time required for message transmission and reception at both ends.
Since the message generation time in SADS-B Out is far less than the transmission rate, adding an encryption block does not affect the SADS-B operation. However, the performance of SADS-B In might be challenged when there are many SADS-B signals. The computational time takes longer in SADS-B because ADS-B is based on cascading blocks. In other words, each block operation depends on the previous block. This issue could be addressed by applying a threading feature to the FFX algorithm.
Blockchain is deployed to provide a secured channel for key exchanges among the ADS-B nodes. Since Hyperledger fabric satisfies the requirements of ADS-B and has been deployed in known cases, it is selected here for key exchange and for sensitive information storage. The key could be scheduled to update periodically.
Table 3 offers a comparison of the different types of solutions in terms of their implementation possibility (Achievability), security level, sensitivity degradation, and compatibility. Based on this comparison, FPE of size 14 and 13 bytes qualifies as the most achievable, as it is easy to implement, offers a high level of security without any drawback in sensitivity, and is compatible with standard ADS-B and only needs to be added to the software.
Table 4 represents a comparison of the different types of solutions in terms of their security requirements, including data integrity, location integrity, confidentiality, and authentication. Based on the comparison, the paper solution qualifies to achieve all requirements without adding any extra payload to ADS-B data.
On the one hand, implementation of the FFX algorithm secured the confidentiality and the integrity of ADS-B messages. Therefore, only the authorized nodes are capable of decoding the encrypted ADS-B data. The transmitted data is encrypted by a standard methodology, and it has high entropy to be decoded, thus attackers are not able to decode the data and manipulate it. The solution guarantees the integrity of the ADS-B data. On the other hand, the proposed permissioned blockchain model is used to share the encryption key among nodes (ADS-B systems), and the frequency of the key updating will secure the system confidentiality and integrity. In addition, the blockchain system provides a data repository in order to update information for each ADS-B Out data, and the receiver can verify the received data from the air with blockchain data and perform authentication. Therefore, the proposed model addresses the confidentiality, integrity, and authenticity concerns.
6. Conclusions
Deploying secure ADS-B leads to the improved protection of data and information against potential threats to ADS-B, including eavesdropping, message injection, and deletion. This paper assesses the FFX algorithm’s features and the possibility of its implementation in both Simulink and C++ with SDR BladeRF for both ADS-B Out/In systems. Real flight data entropy, serial correlation, and plain and cipher data correlation were selected as metrics with which to evaluate the system security level for various scenarios. The FFX algorithm provides sufficient diffusion and confusion to protect sensitive information in ADS-B data. Moreover, the ADS-B system capacity is not reduced, as message data length is preserved. In addition, the effects of SADS-B on standard ADS-B performance were explored. Although the SADS-B sensitivity performance was not altered, its computational time was increased. As explained in the discussion section, SADS-B Out’s performance is not impacted by this computational time increment. The SADSB In computational time could be enhanced by applying a threading feature on the FFX algorithm to alleviate processing time issues due to cascading blocks.
The novelty of this work is summarized as follows:
Investigating the FFX algorithms’ impact on ADS-B messages and how its utilization brings about security advantages to ADS-B sensitive data.
Designing and implementing FFX algorithms in an SDR system (BladeRF) which is compatible with the standard ADS-B for both the transmitter and receiver.
Offering a new solution for the key exchange for encryption via the blockchain scheme
Experimenting with lab and flight tests without any degradation in standard ADS-B performance and key requirements.
It might be argued that, by applying FPE encryption, ADS-B’s desirable openness feature will be lost, and this is mostly true. However, aviation authorities can implement the FFX algorithm as a contingency response during active attack circumstances. This would protect ADS-B systems from any serious consequences due to attacks.
Although the work examined SADS-B Out/In in an operational environment, performing experimental tests on a large scale with a high number of various aircraft to validate its performance is required to convince the aviation industry to utilize the advantages of SADS-B. In addition, it is suggested to establish the experimental procedure for examining the proposed system behaviour against the various threats and attacks.