Risk-Adaptive Engine for Secure ADS-B Broadcasts

Automatic Dependent Surveillance Broadcast (ADS-B) [1] is a technology that can be viewed either as a complement or as an alternative to current radar-based surveillance techniques. Despite its many benefits, this technology suffers from the security flaw of having its messages sent as clear text broadcasts, which makes it vulnerable to several kinds of attacks affecting the authenticity and integrity of ADS-b messages - a problem we addressed with a security framework presented in previous work [2]. In this paper, we propose to enhance that initial work by using keyed-hash message authentication code [3] (HMAC) to ensure the authenticity and integrity of ADS-B messages. The proposed improvements include changing the structure of the security-related data and, more importantly, adding a cognitive risk adaptive module. These improvements resulted in four main contributions. First, the new structure of the security-related data is more resilient to messages being lost or scrambled. Second, the risk-adaptive cognitive engine facilitates the physical risk assessment of the ADS-B attacks, based on the collected data describing the aircraft and its surrounding environment. Third, air traffic controllers using the framework have better support for optimizing the use of the air space and minimizing disruptions. Fourth, the framework improves adaptability of ATC surveillance operations by leveraging the collected physical data from the aircraft.