720 likes | 943 Views
Design of A Cyber Security Framework for ADS-B Based Surveillance Systems. Sahar Amin Tyler Clark Rennix Offutt Kate Serenko. Agenda. Context Analysis Stakeholder Analysis Problem Statement & Needs Statement Mission Requirements Design Alternatives Preliminary Simulation Design
E N D
Design of A Cyber Security Framework for ADS-B Based Surveillance Systems Sahar Amin Tyler Clark Rennix Offutt Kate Serenko
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Context Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Context Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Number of People Flying Each Year in US Forecast * Source: U.S. Department of Transportation. Form 41 and 298C Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
United States Air Carriers Fleet Forecast Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
US Airspace Congestion Radar and ADS-B coverage Only ADS-B coverage Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Context Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Surveillance What: Surveillance is close observation and monitoring of changing information. Why: Surveillance in air transportation is needed to track and monitor flights to maximize efficiency and safety in airspace. Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Primary Surveillance • Primary Surveillance Radar • Created to provide continuous surveillance of air traffic disposition • Uses a rotating antenna to transmit electromagnetic waves that reflect from aircraft surface up to 60 miles from radar • Problems: could only provide object’s location; does not identify object type; does not provide coverage over oceanic regions Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Secondary Surveillance Radar • Secondary Surveillance Radar • Initially developed as a wartime radar system, called Identification Friend or Foe (IFF) • Attached to primary radar; relies on aircraft transponders to transmit and receive aircraft data • Problems: expensive; does not provide surveillance coverage over oceanic regions Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Context Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Next Generation (Next Gen) • Next Generation (Next Gen) • New airspace for US to be implemented between 2012-2025 • New framework for flight tracking and monitoring • Ground/radar-based tracking system satellite-based tracking system • Major Component of NextGen: Automatic Dependent Surveillance-Broadcast (ADS-B) Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Automatic Dependent Surveillance-Broadcast (ADS-B) • Automatic – does not require interrogation • Dependent – depends on location information from GPS • Surveillance – provides situational awareness for ADS-B equipped aircraft and ARTCC • Broadcast – constant broadcasting of flight navigation information Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
How ADS-B Works Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
ADS-B Advantages • Increased situational awareness for both pilots and ARTCC • Provides surveillance coverage in areas without radar coverage • Less expensive than traditional radar • Information is broadcasted in real time • Can decrease separation distance between aircraft Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Decreased Separation Distance Without ADS-B Coverage One In, One Out 20 NM With ADS-B Coverage Separation distance decreased to 5 NM 5 NM 5 NM 5 NM 5 NM Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
ADS-B Messages AA: Individual Aircraft Address ADS-B Data: Aircraft type, Altitude, Latitude, Longitude, Airborne Velocity DF: Downlink Format CA: Capability PI: Parity Information (Error Detection Code) Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Cyber Security in Aviation • Aviation has gone Cyber • ADS-B transmits digital signals to ground servers and nearby aircraft • New threat vector in aviation • Signals are unencrypted signals can be spoofed or jammed by adversaries Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Threats • Spoofing • False Source • False Content • Jamming • Ghost Plane Flooding • Ground Station Flooding 1090MHz 1090MHz 1090MHz Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Scope Definition • Oceanic area between two land masses covered by ARTCC • No radar coverage – Only ADS-B surveillance • Commercial aviation – en route flights • Spoofing attacks only - concentrating on prevention of attacks • Jamming is out of our scope because it cannot be prevented Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Stakeholder Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Primary Stakeholders Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Secondary Stakeholders Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Stakeholder Tensions Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Gap Analysis Gap * Source: FAA Aerospace Forecast Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Problem Statement Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Win-Win Analysis Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Needs Statement There is a need for a system that prevents spoofing attacks on ADS-B signals sent from aircraft to ARTCC and between aircrafts. Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Mission Requirements 1.0 The system shall increase the capacity of airspace by 32% in the areas without radar coverage. 1.1 The system shall decrease the separation distance between aircraft to 3 nautical miles. 1.1.1 ADS-B messages shall be resistant to spoofing attacks Y% of times. 1.1.2 A spoofing attack shall not overload the capacity of the airspace. 2.0 The system shall maintain or decrease accident rate of 0.291* accidents per 100,000 departures. 3.0 The system shall be ready to be implemented by 2020. *Source: Bureau of Transportation Statistics Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Design Alternatives Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
1. Hashing • What Is It? • Goal – Confirming the source of a message • Digital Signature/Hash created by sender – aircraft • Attached at the end of the message • Verified by receiver - ARTCC Fusion System Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Hashing Demo Hash – attaching at the end of the message Original Text Text with Hash SHA-2 Algorithm Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
2. Symmetric Encryption • What Is It? • Encryption – converting data into code • Symmetric – each entity has one private key • Message encrypted with key has to be decrypted with the same key Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
3. Asymmetric Encryption • What Is It? • Two keys – Public and Private • Longer keys – stronger security Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Encryption Demo Original Text Encrypted Text Key: CyberSecurity Encrypt Decrypt Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Design Alternatives Evaluation Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Value Hierarchy Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Agenda • Context Analysis • Stakeholder Analysis • Problem Statement & Needs Statement • Mission Requirements • Design Alternatives • Preliminary Simulation Design • Project Management Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Design of Experiment • Goal – show how securing ADS-B signals can increase airspace capacity • Verify the ability of the system to prevent cyber attacks and maintain current safety level under diverse/dangerous conditions. • Simulation Design: • 1. Signal Simulation • 2. Airspace Capacity Simulation Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Simulation Design 1 2 ADS-B Messages Signal Simulation Design Alternatives Airspace capacity Airspace Capacity Simulation Reliability of Design Alternatives Spoofed Messages Collision Rate Separation Distance Departure Streams Arrival Capacities Speed of Aircraft Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
1. Signal Simulation • Purpose of simulation: evaluate reliability of design alternatives • Simulating signals with and without signal security design alternatives • Output (reliability of signal security methods) of signal simulation will be used as input to airspace capacity simulation • Signal simulation will be programed in Matlab Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
2. Airspace Capacity Simulation • Purpose of simulation: verify ability of system to maximize airspace capacity and maintain safety levels • Find the optimal separation distance for flights to operate in the airspace allows for increase in airspace capacity • Simulation will abide by FAA regulations • En route flights over oceanic area relying solely on ADS-B data • Flight paths modeled after popular Gulf of Mexico flights • Airspace capacity will be modeled in Arena Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Airspace Simulation (Continued) Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Arena Simulation Model Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013
Single Cell Decision • Planned/preferred path is in red • If capacity of cell 1 (Level 0 Preference) is full: • Level 1 Preference: Cells 2 or 4 (blue) • Shortest path to 1 (2 iterations) • Level 2 Preference: Cells 3,6 or 7 (green) • 3 iterations • Level 3 Preference: Cell 9 (orange) • 4 iterations • Will choose the highest ranked level with free capacity Department of Systems Engineering and Operations Research Design of A Cyber Security Framework for ADS-B Based Surveillance Systems • SYST 490 - 2013