Is CPDLC Secure and Can Identity-Defined Networking Help?
Andrei Gurtov
Introduction: Prof. Andrei Gurtov
• Department of Computer and Information Sciences, LiU, Sweden
• Cybersecurity, wireless networks, IoT, IETF
• ACM Distinguished Scientist, IEEE Distinguished Lecturer
• https://gurtov.com
2019-06-26
Outline
• Controller Pilot Data Link Communication (CPDLC) in practice
• Security analysis
• Passive monitoring for intrusion detection
• Key exchange for active protection
• Joint work with T. Polishchuk, M. Wernberg, A. Lehto, I. Sestorp
CPDLC
• ATN-B1 implementation
• Very High Frequency Digital Link Mode 2 (VDL2)
• Log in
• Handover
• Message format
• Security
Motivation
Growing air traffic
● 3000 daily departures
● Estimated to double by 2037
● UAVs
● Offload voice VHF channels to CPDLC
Software-defined radio
● Cheap, readily available, open-source tools
● VDL2 decoder public since January 2019
Common attacks on cyber-physical systems
State of the Art
• In aviation the focus is on safety rather than security
• Known vulnerabilities in ADS-B
– Security in NG ATM (Strohmeier, 2016)
– Holistic Air Protection (Braeken, 2019)
• CPDLC
– Simulated attack (Marco, 2016)
– Security analysis (Gurtov, 2018)
• DEF CON 17, 20, 21 demos
– E.g. “All Your RFz Are Belong to Me”
• ARINC 823P1: DATALINK SECURITY (2007)
Controller-Pilot Data Link Communications (CPDLC)
● Standard data link for flight communication
● Aeronautical Telecommunication Network (ATN)
  ○ Flight controller
  ○ Airplane
● Uses data link mode VDL2
● Non-critical communication
● Mostly pre-formatted messages
● ATN-B1 and FANS-1/A standards
● Vs ACARS (Aircraft Communications Addressing and Reporting System)
ATN-B1 Deployment
Handover
● CDA (Current Data Authority)
● NDA (Next Data Authority)
● Contact (request/response/complete)
  ○ CONTACT
● Termination (request/confirmation)
  ○ WILCO
[Figure: handover sequence between CDA and NDA; the NDA becomes the CDA]
Experiment in Arlanda
• Recording ACARS/CPDLC traffic for an hour
• April 5th, 2019, 10-11 am
• Collecting and decoding radio traffic on 136.725, 136.975, 136.955, 136.775 and 136.975 MHz
Software Defined Radio
dumpvdl2
● GitHub (Tomasz Lemiech)
● Decoding
● Eavesdropping
● Filtering
● Logging
CPDLC/ACARS Messages in an Hour
Sample Aircraft
Login
● Aircraft identification: SAS571
● Aircraft registration and/or address: part of the TSAP
● Departure and destination aerodromes: ESSA (Stockholm/Arlanda), LFPG (Paris Charles de Gaulle)
Handover
ESMM - Malmö
● NDA is ESMM
● VHF frequency to ESMM
● CDA becomes ESMM
Clearance to Proceed to a Point
Timestamps of Sent Messages
Attack Prevention
Cyclic Redundancy Check (CRC)
● Application Message Integrity Check (AMIC)
Potential attacks
● Eavesdropping
● Jamming
● Flooding
● Injection
● Replay
● Masquerading
CPDLC Insecurity
• Confidentiality
– All data is in plain text, and may soon be broadcast over the Internet as VHF voice already is
• Integrity
– Modification and insertion attacks are possible since the CRC is trivial to recompute (it detects transmission noise, not an adversary)
• Availability
– Jamming or connection resets are possible
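The integrity point above, shown on a constructed message. This is an added example, not code from the slides: CRC-32 from Python's standard library stands in for the link CRC/AMIC (the real polynomials and framing are not reproduced), and a truncated HMAC stands in for what a keyed integrity check would look like. The uplink text, the session key and the FL350 to FL390 edit are all made up for the demonstration.

```python
"""Why a CRC is not an integrity check, on a constructed CPDLC-style uplink.

Added example; not code from the slides. CRC-32 (binascii.crc32) stands in
for the link-layer CRC / AMIC, and HMAC-SHA256 truncated to 8 bytes stands in
for a keyed integrity check. The uplink text and key are constructed.
"""
import binascii
import hashlib
import hmac

UPLINK = b"UM20 CLIMB TO FL350 MIN=13 MRN=8"   # constructed pre-formatted uplink
KEY = b"constructed session key"               # would come from a key exchange

def crc_frame(payload: bytes) -> bytes:
    """Payload followed by a 4-byte big-endian CRC-32 trailer."""
    return payload + binascii.crc32(payload).to_bytes(4, "big")

def crc_verify(frame: bytes) -> bool:
    payload, trailer = frame[:-4], frame[-4:]
    return binascii.crc32(payload).to_bytes(4, "big") == trailer

def mac_frame(payload: bytes, key: bytes) -> bytes:
    """Payload followed by an 8-byte HMAC-SHA256 tag (truncated: CPDLC has little room)."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()[:8]

def mac_verify(frame: bytes, key: bytes) -> bool:
    payload, tag = frame[:-8], frame[-8:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()[:8]
    return hmac.compare_digest(tag, expected)

def modify_and_recompute_crc(frame: bytes, old: bytes, new: bytes) -> bytes:
    """The modification attack from the slides: change the clearance, then
    recompute the trailer. No secret is needed, so anyone with an SDR can do it."""
    return crc_frame(frame[:-4].replace(old, new))

def modify_keep_mac(frame: bytes, old: bytes, new: bytes) -> bytes:
    """Same modification against a keyed tag: without KEY the attacker can only
    keep the old tag (or guess one of 2**64)."""
    return frame[:-8].replace(old, new) + frame[-8:]

def demo() -> dict:
    forged_crc = modify_and_recompute_crc(crc_frame(UPLINK), b"FL350", b"FL390")
    forged_mac = modify_keep_mac(mac_frame(UPLINK, KEY), b"FL350", b"FL390")
    return {
        "genuine_crc_ok": crc_verify(crc_frame(UPLINK)),
        "forged_crc_accepted": crc_verify(forged_crc),        # receiver accepts the forgery
        "forged_crc_payload": forged_crc[:-4],
        "genuine_mac_ok": mac_verify(mac_frame(UPLINK, KEY), KEY),
        "forged_mac_accepted": mac_verify(forged_mac, KEY),   # forgery rejected
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The forged CRC frame verifies exactly like the genuine one, which is the whole point: a CRC is a checksum against noise, and any protection against an active transmitter needs a key the attacker does not have.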
Passive Monitoring
• Intrusion Detection System (IDS)
– Internet examples: Snort, Bro (now Zeek)
– Need to write open-source modules for CPDLC traffic
• Deploy in control towers to alert Controllers of inconsistencies, fake messages
Public Keys and Diffie-Hellman Exchange
[Figure: public/private key pairs 1, 2 and 3; encryption using symmetric key 1 and symmetric key 2]
Trust Anchor for Airplane (SHA-1, 160 bits)
U/43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8:b4:78:c6:da
Trust Anchor for Aerodromes
• IAIP – ESSA STOCKHOLM/Arlanda
• IAIP -> AIP -> AD -> AD 2 -> ESSA
• https://aro.lfv.se/Editorial/View/5930/ES_AD_2_ESSA_en
• ESSA 2.17 ATS AIRSPACE
• 6. Remarks
• Add "Public key fingerprint"
SHA1("The quick brown fox jumps over the lazy dog")
hexadecimal: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12
Base64 (binary to ASCII text encoding): L9ThxnotKPzthJ7hu3bnORuT6xI=
Potential Issues
– Overload of CPDLC capacity due to large messages
– Use of modern efficient cryptography based on Elliptic Curves (ECC)
– Modern fingerprints require long hashes of at least 256 bits – usability problem for entry
– Cannot communicate if key is incorrect due to human error
• Fall back to insecure mode or voice VHF
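The trust-anchor and key-exchange slides above, worked through end to end. This is an added example and not the authors' code: it assumes the fingerprint is SHA-1 over the raw public value, Base64-encoded as on the slide (so the slide's "quick brown fox" vector reproduces), and it uses finite-field Diffie-Hellman with the RFC 2409 group 2 (1024-bit MODP) prime only because that needs nothing beyond the standard library; the slides rightly recommend ECC, which would also shrink the messages. The party names SAS571 and ESSA are taken from the slides; the anchors, salt and mistyped-fingerprint scenario are constructed.

```python
"""Trust anchors as public-key fingerprints plus a Diffie-Hellman key exchange.

Added example for the scheme sketched on the slides (aerodrome fingerprint
published in the AIP, aircraft fingerprint carried in the flight plan, DH over
CPDLC). Not the authors' code. Assumptions: fingerprint = Base64(SHA-1(public
value)); finite-field DH over RFC 2409 group 2 for standard-library-only code.
"""
import base64
import hashlib
import hmac
import secrets

# RFC 2409, section 6.2, "Second Oakley Group" (1024-bit MODP), generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2
PUB_LEN = (P.bit_length() + 7) // 8

def fingerprint(data: bytes, algo: str = "sha1") -> str:
    """Fingerprint as on the slide: hash, then Base64 (SHA-1 gives 28 chars, SHA-256 44)."""
    return base64.b64encode(hashlib.new(algo, data).digest()).decode()

def pub_bytes(pub: int) -> bytes:
    return pub.to_bytes(PUB_LEN, "big")

def derive_key(shared: int, context: bytes) -> bytes:
    """HKDF-style extract-and-expand with HMAC-SHA256; context binds both identities."""
    prk = hmac.new(b"cpdlc-example-salt", pub_bytes(shared), hashlib.sha256).digest()
    return hmac.new(prk, context + b"\x01", hashlib.sha256).digest()

class Party:
    """An aircraft or ATS unit with a static DH key pair and a table of trust anchors."""
    def __init__(self, name: str, trust_anchors: dict):
        self.name = name
        self.anchors = trust_anchors                 # peer name -> expected fingerprint
        self.priv = secrets.randbelow(P - 3) + 2     # private exponent in [2, P-2]
        self.pub = pow(G, self.priv, P)

    def fingerprint(self) -> str:
        return fingerprint(pub_bytes(self.pub))

    def session_key(self, peer_name: str, peer_pub: int):
        """Shared key, or None when the peer key does not match its trust anchor.
        None is the slides' fallback (insecure mode / voice VHF), never a wrong key."""
        expected = self.anchors.get(peer_name)
        if expected is None or not hmac.compare_digest(expected, fingerprint(pub_bytes(peer_pub))):
            return None
        if not 1 < peer_pub < P - 1:
            return None                              # reject degenerate public values
        shared = pow(peer_pub, self.priv, P)
        context = b"|".join(sorted([self.name.encode(), peer_name.encode()]))
        return derive_key(shared, context)

def demo() -> dict:
    aircraft = Party("SAS571", {})
    aerodrome = Party("ESSA", {})
    # Out-of-band anchors (constructed): AIP remark for ESSA, flight plan field for SAS571.
    aircraft.anchors["ESSA"] = aerodrome.fingerprint()
    aerodrome.anchors["SAS571"] = aircraft.fingerprint()
    k_air = aircraft.session_key("ESSA", aerodrome.pub)
    k_gnd = aerodrome.session_key("SAS571", aircraft.pub)
    # Human error on entry: one character of the anchor mistyped.
    fp = aerodrome.fingerprint()
    typo = fp[:-2] + ("B" if fp[-2] != "B" else "C") + fp[-1]
    typo_victim = Party("SAS572", {"ESSA": typo})
    # Active attacker presenting its own key under the ESSA name.
    impostor = Party("ESSA", {})
    return {
        "keys_match": k_air is not None and k_air == k_gnd,
        "typo_rejected": typo_victim.session_key("ESSA", aerodrome.pub) is None,
        "impostor_rejected": aircraft.session_key("ESSA", impostor.pub) is None,
        "sha1_len": len(fp),
        "sha256_len": len(fingerprint(pub_bytes(aerodrome.pub), "sha256")),
    }

if __name__ == "__main__":
    print(fingerprint(b"The quick brown fox jumps over the lazy dog"))   # slide vector
    print(demo())
```

The two lengths returned by `demo()` are the usability problem from the slide in numbers: 28 Base64 characters for SHA-1 versus 44 for SHA-256, each to be typed into an AIP remark or a flight plan field by hand, and a single mistyped character means no key at all.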
Identity-Defined Networking for Security
Advice for ATM/ANSP
• Treat ADS-B as advisory information only
– Use primary&secondary radar for verification
• Make sure CPDLC is non-critical
– Max load handled with voice VHF
• Perform drills with fake ADS-B reports and CPDLC spam
– E.g. ATM screen filled with bogus planes
• Make sure pilots are not dependent on electronics
– Have paper maps and non-GPS navigation
• Demand security from future versions of ADS/CPDLC
www.liu.se
Thanks for Attention! Questions?
Future Work
• Model maximum capacity of CPDLC/ACARS messages in a given location
– Medium Access Control efficiency
• Produce active attacks to CPDLC in a safe isolated environment
– Need for real Control Display Unit (CDU)
• Test key exchange over CPDLC
• Side channel authentication
Identity-Defined Networking (IDN) at a Glance
Current Data Authority: ESOS Arlanda
Data Link Initiation Capability (DLIC)
● CMLogonRequest
  ○ Aircraft identification (flight plan item 7)
  ○ Aircraft registration and/or address (item 18), part of CMLongTSAP
  ○ Departure and destination aerodromes (items 13 & 16)
● CMLogonResponse
  ○ Status of the response
Re-Use Existing Security Protocols
• Designing new protocols takes years and is error-prone
• IEEE 802.15.9 Key Management Protocols
– IEEE 802.15.4 link properties similar to VDL2
• In turn based on IETF protocols
– Host Identity Protocol (HIP)
– Internet Key Exchange (IKEv2), 802.1X
– No classical TCP/IP present
• 6LoWPAN, CoAP, ROLL
Base Exchange of Host Identity Protocol
Encryption is Easy, Trust is Hard
• Establish a common symmetric key between the controller and the airplane for encryption and authentication
• Option 1: Use certificates to prove aerodrome and airplane identities
– A PKI similar to DNSSEC, with Certificate Authorities, Certificate Revocation Lists, Transparency Logs, etc.
• Option 2: Reuse the current infrastructure, with the flight plan and the AIP carrying trust anchors (public key fingerprints)
Pre-coded CPDLC Messages
MIN = Message Identification Number, MRN = Message Reference Number (the MIN of the message being answered)

Message                                                      MIN  MRN
DM 6    REQUEST FL350                                          8    0
UM 1    STANDBY                                               12    8
UM 20   CLIMB TO FL350 (or CLIMB TO AND MAINTAIN FL350)
UM 129  REPORT MAINTAINING [level] (or REPORT LEVEL FL350)    13    8
DM 0    WILCO                                                  9   13
DM 37   MAINTAINING FL350 (or LEVEL FL350)                    10    -
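The passive-monitoring slide earlier asks for IDS modules that alert controllers to inconsistencies and fake messages; the MIN/MRN table above and the handover slide supply the state such a module can check. The following is an added example (not the authors' code and not a Snort/Zeek module). It parses records in a simplified line format of our own, not dumpvdl2's actual output, and applies three rules: a reused MIN from the same sender looks like a replay, an uplink must come from the aircraft's CDA or announced NDA, and an MRN must point at a downlink that is still open. The traffic is constructed from the SAS571 dialogue and the ESSA-to-ESMM handover on the slides, with a replayed clearance and two injected uplinks from a made-up station ZZZZ appended.

```python
"""Passive CPDLC monitoring: consistency checks over decoded messages.

Added example of the IDS idea from the slides; not the authors' code and not
a Snort/Zeek module. Records use a simplified line format of our own, NOT
dumpvdl2's output format:

    <hh:mm:ss> <src>><dst> <UM|DM|LOGON> <text> MIN=<n|-> MRN=<n|->

Message texts are the pre-coded elements from the slides; CDA/NDA handling
follows the handover slide (NEXT DATA AUTHORITY, CONTACT).
"""
import re
from collections import Counter, defaultdict

LINE = re.compile(r"^(\S+) (\S+)>(\S+) (UM|DM|LOGON) (.*?) MIN=(\d+|-) MRN=(\d+|-)$")

def parse(line: str) -> dict:
    m = LINE.match(line.strip())
    if not m:
        raise ValueError(f"unparsable record: {line!r}")
    t, src, dst, kind, text, mn, mrn = m.groups()
    num = lambda s: None if s == "-" else int(s)
    return {"t": t, "src": src, "dst": dst, "kind": kind, "text": text,
            "min": num(mn), "mrn": num(mrn)}

class CpdlcMonitor:
    def __init__(self):
        self.cda = {}                        # aircraft -> current data authority
        self.nda = {}                        # aircraft -> announced next data authority
        self.open_dm = defaultdict(dict)     # aircraft -> {MIN: text} of unanswered downlinks
        self.seen_min = defaultdict(set)     # (sender, receiver) -> MINs already seen
        self.alerts = []                     # (time, rule, detail)

    def _alert(self, rec, rule, detail):
        self.alerts.append((rec["t"], rule, detail))

    def feed(self, line: str) -> None:
        rec = parse(line)
        src, dst = rec["src"], rec["dst"]
        if rec["kind"] == "LOGON":           # DLIC logon: the station logged on to becomes CDA
            self.cda[src] = dst
            return
        # Rule 1: a MIN reused by the same sender toward the same receiver looks like a replay
        if rec["min"] in self.seen_min[(src, dst)]:
            self._alert(rec, "REPLAY", f"{src}->{dst} repeats MIN {rec['min']}: {rec['text']}")
        self.seen_min[(src, dst)].add(rec["min"])
        if rec["kind"] == "DM":
            self.open_dm[src][rec["min"]] = rec["text"]
            return
        # Uplink. Rule 2: only the CDA (or the announced NDA) may uplink to this aircraft
        acft = dst
        allowed = {self.cda.get(acft), self.nda.get(acft)} - {None}
        if src not in allowed:
            self._alert(rec, "NON_AUTHORITY",
                        f"uplink from {src}, CDA={self.cda.get(acft)} NDA={self.nda.get(acft)}: {rec['text']}")
        # Rule 3: an MRN must point at a downlink that is still open
        if rec["mrn"] is not None:
            if rec["mrn"] not in self.open_dm[acft]:
                self._alert(rec, "UNKNOWN_MRN", f"MRN {rec['mrn']} matches no open downlink: {rec['text']}")
            elif not rec["text"].startswith("STANDBY"):
                del self.open_dm[acft][rec["mrn"]]       # a non-STANDBY response closes the dialogue
        # Handover state is updated only from an authorised source, so a rogue cannot hijack the CDA
        if src in allowed:
            m = re.match(r"NEXT DATA AUTHORITY (\S+)", rec["text"])
            if m:
                self.nda[acft] = m.group(1)
            m = re.match(r"CONTACT (\S+)", rec["text"])
            if m:
                self.cda[acft] = m.group(1)
                self.nda.pop(acft, None)

    def rule_counts(self) -> dict:
        return dict(Counter(rule for _, rule, _ in self.alerts))

# Constructed traffic: the SAS571 dialogue and handover from the slides, then a replayed
# clearance (10:06:30) and two injected uplinks from a station "ZZZZ" that is no authority.
SAMPLE = """
10:02:11 SAS571>ESSA LOGON CMLogonRequest MIN=- MRN=-
10:05:30 SAS571>ESSA DM REQUEST FL350 MIN=8 MRN=-
10:05:41 ESSA>SAS571 UM STANDBY MIN=12 MRN=8
10:06:02 ESSA>SAS571 UM CLIMB TO FL350 MIN=13 MRN=8
10:06:09 SAS571>ESSA DM WILCO MIN=9 MRN=13
10:06:30 ESSA>SAS571 UM CLIMB TO FL350 MIN=13 MRN=8
10:07:15 ESSA>SAS571 UM NEXT DATA AUTHORITY ESMM MIN=14 MRN=-
10:07:40 ESSA>SAS571 UM CONTACT ESMM MIN=15 MRN=-
10:08:05 ESMM>SAS571 UM REPORT LEVEL FL350 MIN=16 MRN=-
10:09:12 ZZZZ>SAS571 UM CLIMB TO FL390 MIN=17 MRN=-
10:09:30 ZZZZ>SAS571 UM CONTACT ZZZZ MIN=18 MRN=-
"""

def run(text: str = SAMPLE) -> CpdlcMonitor:
    mon = CpdlcMonitor()
    for line in text.strip().splitlines():
        mon.feed(line)
    return mon

if __name__ == "__main__":
    for t, rule, detail in run().alerts:
        print(t, rule, detail)
```

The monitor is purely passive: it never transmits, so it can sit on an SDR in a tower today without touching the aircraft side. The rogue CONTACT at 10:09:30 is flagged and ignored, which is why the CDA stays ESMM; the replayed clearance raises both a replay alert and an unknown-MRN alert, because the request it answers was already closed by the genuine clearance.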
Very High Frequency Digital Link Mode 2 (VDL2), 118 - 136.975 MHz
Layer 1 – Physical layer
● Frequency control
● Encoding for bit errors
Layer 2 – Data link layer
● Send data
● Framing
● Status
● Error detection
Layer 3 – Network layer
● Data-packet flow
Transmission Capability
• HackRF One / Universal Software Radio Peripheral (USRP) + analog VHF radio?