Show simple item record

dc.contributor.authorTurtiainen, Hannu
dc.contributor.authorCostin, Andrei
dc.contributor.authorKhandker, Syed
dc.contributor.authorHämäläinen, Timo
dc.date.accessioned2022-02-16T13:33:34Z
dc.date.available2022-02-16T13:33:34Z
dc.date.issued2022
dc.identifier.citationTurtiainen, H., Costin, A., Khandker, S., & Hämäläinen, T. (2022). GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective. <i>IEEE Access</i>, <i>10</i>, 21554-21562. <a href="https://doi.org/10.1109/ACCESS.2022.3150840" target="_blank">https://doi.org/10.1109/ACCESS.2022.3150840</a>
dc.identifier.otherCONVID_104251707
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/79799
dc.description.abstractAs the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from ADS-B avionics devices. We ran our samples through a state-of-the-art fuzzing platform (AFL), and fed the AFL’s output to the EFB apps and GDL-90 decoding software via the network in the same manner as legitimate GDL-90 traffic is sent from ADS-B and other avionics devices. The result shows a worrying anc critical lack of security in many EFB applications where the security is directly related to aircraft’s safety navigation. Out of 16 tested configurations, our avionics pentesting platform managed to crash or otherwise impact 9 (or 56%) of those. The observed problems manifested as crashes, hangs, and abnormal behaviours of the EFB apps and GDL-90 decoders during the fuzzing test. Attacks on core sub-system availability (such as DoS) pose high risks to safety-critical and mission-critical systems such as avionics and aerospace. Our work aims at developing and proposing a systematic pentesting methodology for such devices, protocols, and software, and discovering and reporting as early as possible such vulnerabilities.en
dc.format.mimetypeapplication/pdf
dc.language.isoeng
dc.publisherInstitute of Electrical and Electronics Engineers (IEEE)
dc.relation.ispartofseriesIEEE Access
dc.rightsCC BY 4.0
dc.subject.otherfuzzing
dc.subject.otheraerospace electronics
dc.subject.otherprotocols
dc.subject.othersoftware
dc.subject.otherheart beat
dc.subject.otheraircraft
dc.subject.otherstandards
dc.subject.otherGDL-90
dc.subject.otherADS-B
dc.subject.otherattacks
dc.subject.othercybersecurity
dc.subject.otherpentesting
dc.subject.otherresiliency
dc.subject.otherDoS
dc.subject.otheraviation
dc.subject.otheravionics
dc.subject.otherairtraffic
dc.titleGDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective
dc.typearticle
dc.identifier.urnURN:NBN:fi:jyu-202202161529
dc.contributor.laitosInformaatioteknologian tiedekuntafi
dc.contributor.laitosFaculty of Information Technologyen
dc.contributor.oppiaineSecure Communications Engineering and Signal Processingfi
dc.contributor.oppiaineTietotekniikkafi
dc.contributor.oppiaineTekniikkafi
dc.contributor.oppiaineSecure Communications Engineering and Signal Processingen
dc.contributor.oppiaineMathematical Information Technologyen
dc.contributor.oppiaineEngineeringen
dc.type.urihttp://purl.org/eprint/type/JournalArticle
dc.type.coarhttp://purl.org/coar/resource_type/c_2df8fbb1
dc.description.reviewstatuspeerReviewed
dc.format.pagerange21554-21562
dc.relation.issn2169-3536
dc.relation.volume10
dc.type.versionpublishedVersion
dc.rights.copyright© 2022 the Authors
dc.rights.accesslevelopenAccessfi
dc.relation.grantnumber783287
dc.relation.grantnumber783287
dc.relation.grantnumber304970
dc.relation.projectidinfo:eu-repo/grantAgreement/EC/H2020/783287/EU//ATM-Cybersec
dc.subject.ysokyberturvallisuus
dc.subject.ysolennonjohto
dc.subject.ysotestausmenetelmät
dc.subject.ysoverkkohyökkäykset
dc.subject.ysolennonvarmistus
dc.subject.ysolentoliikenne
dc.format.contentfulltext
jyx.subject.urihttp://www.yso.fi/onto/yso/p26189
jyx.subject.urihttp://www.yso.fi/onto/yso/p525
jyx.subject.urihttp://www.yso.fi/onto/yso/p26360
jyx.subject.urihttp://www.yso.fi/onto/yso/p27466
jyx.subject.urihttp://www.yso.fi/onto/yso/p14938
jyx.subject.urihttp://www.yso.fi/onto/yso/p4262
dc.rights.urlhttps://creativecommons.org/licenses/by/4.0/
dc.relation.doi10.1109/ACCESS.2022.3150840
dc.relation.funderEuropean Commissionen
dc.relation.funderResearch Council of Finlanden
dc.relation.funderEuroopan komissiofi
dc.relation.funderSuomen Akatemiafi
jyx.fundingprogramOthers, H2020en
jyx.fundingprogramResearch infrastructures, AoFen
jyx.fundingprogramMuut, H2020fi
jyx.fundingprogramTutkimusinfrastruktuuri, SAfi
jyx.fundinginformationThe authors acknowledge the grants of computer capacity from the Finnish Grid and Cloud Infrastructure (persistent identifier urn:nbn:fi:research-infras-2016072533). Major parts of this research supported by cascade funding from the Engage consortium’s Knowledge Transfer Network (KTN) project "Engage - 204 - Proof-of-concept: practical, flexible, affordable pentesting platform for ATM/avionics cybersecurity" (SESAR Joint Undertaking under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 783287). All and any results, views, and opinions presented herein are only those of the authors and do not reflect the official position of the European Union (and its organizations and projects, including Horizon 2020 program and Engage KTN). Part of this research was supported by a grant from the Decision of the Research Dean on research funding within the Faculty (07.04.2021) of the Faculty of Information Technology of University of Jyväskylä (The authors thank Dr. Andrei Costin for facilitating and managing the grant). Hannu Turtiainen also thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (https://skr.fi/en) for supporting his Ph.D. dissertation work and research (under grant decision no.00211119) and the Faculty of Information Technology of the University of Jyvaskyla (JYU), in particular, Prof. Timo Hämäläinen, for partly supporting and supervising his Ph.D. work at JYU in 2021–2022
dc.type.okmA1


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

CC BY 4.0
Except where otherwise noted, this item's license is described as CC BY 4.0