Simulating ADS-B attacks in air traffic management : By the help of an ATM simulator

Abstract: In Air Traffic Management (ATM) training, simulations of real air traffic control (ATC) scenarios are a key part of practical teaching. On the internet one may find multiple different ATM simulators available to the public with open source code. Today most aircraft transmit data about position, altitude, and speed into the atmosphere that essentially are unencrypted data points, available to the public. This means that potential attackers could project "fake" ADS-B data and spoof existing data to the air traffic controllers (ATCO) if the right equipment is used. We see this as a security flaw and we want to prepare ATCO for cyberattacks by modifying an ATM simulator with cyberattacks. First, openScope was chosen as the ATM simulator to be modified. Subsequently, three types of attacks were chosen for the simulator to be equipped with, based on ADS-B weaknesses from existing literature: aircraft that do not respond to commands, aircraft with altering positional data, and aircraft with incorrect speed and altitude data. The recorded parameters were the written command lines and corresponding aircraft type it was applied to. Using this modified simulator, ATCO can now be evaluated against cyberattacks.