GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective
Turtiainen, H., Costin, A., Khandker, S., & Hämäläinen, T. (2022). GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective. IEEE Access, 10, 21554-21562. https://doi.org/10.1109/ACCESS.2022.3150840
Julkaistu sarjassa
IEEE AccessPäivämäärä
2022Oppiaine
Secure Communications Engineering and Signal ProcessingTietotekniikkaTekniikkaSecure Communications Engineering and Signal ProcessingMathematical Information TechnologyEngineeringTekijänoikeudet
© 2022 the Authors
As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from ADS-B avionics devices. We ran our samples through a state-of-the-art fuzzing platform (AFL), and fed the AFL’s output to the EFB apps and GDL-90 decoding software via the network in the same manner as legitimate GDL-90 traffic is sent from ADS-B and other avionics devices. The result shows a worrying anc critical lack of security in many EFB applications where the security is directly related to aircraft’s safety navigation. Out of 16 tested configurations, our avionics pentesting platform managed to crash or otherwise impact 9 (or 56%) of those. The observed problems manifested as crashes, hangs, and abnormal behaviours of the EFB apps and GDL-90 decoders during the fuzzing test. Attacks on core sub-system availability (such as DoS) pose high risks to safety-critical and mission-critical systems such as avionics and aerospace. Our work aims at developing and proposing a systematic pentesting methodology for such devices, protocols, and software, and discovering and reporting as early as possible such vulnerabilities.
...
Julkaisija
Institute of Electrical and Electronics Engineers (IEEE)ISSN Hae Julkaisufoorumista
2169-3536Asiasanat
Julkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/104251707
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Rahoittaja(t)
Euroopan komissio; Suomen AkatemiaRahoitusohjelmat(t)
Muut, H2020; Tutkimusinfrastruktuuri, SA
The content of the publication reflects only the author’s view. The funder is not responsible for any use that may be made of the information it contains.
Lisätietoja rahoituksesta
The authors acknowledge the grants of computer capacity from the Finnish Grid and Cloud Infrastructure (persistent identifier urn:nbn:fi:research-infras-2016072533). Major parts of this research supported by cascade funding from the Engage consortium’s Knowledge Transfer Network (KTN) project "Engage - 204 - Proof-of-concept: practical, flexible, affordable pentesting platform for ATM/avionics cybersecurity" (SESAR Joint Undertaking under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 783287). All and any results, views, and opinions presented herein are only those of the authors and do not reflect the official position of the European Union (and its organizations and projects, including Horizon 2020 program and Engage KTN). Part of this research was supported by a grant from the Decision of the Research Dean on research funding within the Faculty (07.04.2021) of the Faculty of Information Technology of University of Jyväskylä (The authors thank Dr. Andrei Costin for facilitating and managing the grant). Hannu Turtiainen also thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (https://skr.fi/en) for supporting his Ph.D. dissertation work and research (under grant decision no.00211119) and the Faculty of Information Technology of the University of Jyvaskyla (JYU), in particular, Prof. Timo Hämäläinen, for partly supporting and supervising his Ph.D. work at JYU in 2021–2022 ...Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology ... -
Cybersecurity attacks on software logic and error handling within ADS-B implementations : systematic testing of resilience and countermeasures
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Automatic Dependent Surveillance-Broadcast (ADS-B) is a cornerstone of the next-generation digital sky and is now mandated in several countries. However, there have been many reports of serious security vulnerabilities in ... -
Cybersecurity Attacks on Software Logic and Error Handling within AIS Implementations : A Systematic Testing of Resilience
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)To increase situational awareness of maritime vessels and other entities and to enable their exchange of various information, the International Maritime Organization mandated the use of the Automatic Identification System ... -
On Apache Log4j2 Exploitation in Aeronautical, Maritime, and Aerospace Communication
Juvonen, Artturi; Costin, Andrei; Turtiainen, Hannu; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Apache Log4j2 is a prevalent logging library for Java-based applications. In December 2021, several critical and high-impact software vulnerabilities, including CVE-2021-44228, were publicly disclosed, enabling remote code ... -
Position : On Potential Malware & New Attack Vectors for Internet-of-Brains (IoB)
Lahtinen, Tuomo; Costin, Andrei; Suarez-Tangil, Guillermo (IEEE, 2024)The Internet of Brains (IoB) is a relatively recent and still emerging computing paradigm connecting different Brain-Computer Interface (BCI) devices to networks, smartphones, cloud, software, and machine-learning models. ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.