Forskningsradar
← Tech & AI
Tech & AI 4.0

Researchers Expose Critical Vulnerability in Aviation's Digital Communication System

A new security framework reveals that Controller Pilot Data Link Communications—the digital system replacing voice radio in modern aircraft—can be hacked with cheap equipment, potentially allowing attackers to redirect planes or create safety hazards. The research proposes encryption and authentication fixes that could prevent catastrophic incidents affecting billions in aviation operations.

Originaltitel: A Secure Framework For Controller Pilot Data Link Communications in Aviation Network

Abstrakt

<p>Controller Pilot Data Link Communications (CPDLC) enhances air traffic communication by replacing traditional voice transmissions with digital messages over Very High Frequency (VHF) radio systems. This transition improves communication resilience by providing clear, text-based instructions that reduce misunderstandings and increase bandwidth efficiency by enabling more data to be transmitted simultaneously. It benefits congested airspace by reducing radio frequency congestion and minimizing communication errors. However, due to the plain-text nature of its messages, CPDLC faces significant security challenges, making it vulnerable to cyber-attacks such as eavesdropping, modification, injection, and man-in-the-middle (MITM) attacks. This vulnerability allows motivated attackers to intercept CPDLC messages using inexpensive devices like Software-Defined Radio (SDR), HACKRF-one, and an antenna. Such breaches can lead to fatal safety incidents, severely impacting passengers and the aviation industry. To address this, we proposed a robust security framework for securing CPDLC communication by implementing critical measures, including mutual authentication, secure key establishment, and handover. The proposed framework has been tested on hardware to verify its effectiveness in practical scenarios, ensuring it aligns with existing CPDLC standards and integrates seamlessly into current systems without impacting operational efficiency. Our findings indicate that the proposed security framework enhances CPDLC's defenses against potential cyber threats while maintaining system performance, making it feasible to protect global air traffic communications.</p>

Generera ett redaktionellt utkast på svenska