GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective
| dc.contributor.author | Turtiainen, Hannu | |
| dc.contributor.author | Costin, Andrei | |
| dc.contributor.author | Khandker, Syed | |
| dc.contributor.author | Hämäläinen, Timo | |
| dc.date.accessioned | 2022-02-16T13:33:34Z | |
| dc.date.available | 2022-02-16T13:33:34Z | |
| dc.date.issued | 2022 | |
| dc.identifier.citation | Turtiainen, H., Costin, A., Khandker, S., & Hämäläinen, T. (2022). GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective. <i>IEEE Access</i>, <i>10</i>, 21554-21562. <a href="https://doi.org/10.1109/ACCESS.2022.3150840" target="_blank">https://doi.org/10.1109/ACCESS.2022.3150840</a> | |
| dc.identifier.other | CONVID_104251707 | |
| dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/79799 | |
| dc.description.abstract | As the core part of next-generation air transportation systems, the Automatic Dependent Surveillance-Broadcast (ADS-B) is becoming very popular. However, many (if not most) ADS-B devices and implementations support and rely on Garmin’s GDL-90 protocol for data exchange and encapsulation. In this paper, we research GDL-90 protocol fuzzing options and demonstrate practical Denial-of-Service (DoS) attacks on popular Electronic Flight Bag (EFB) software operating on mobile devices. For this purpose, we specifically configured our own avionics pentesting platform. and targeted the popular Garmin’s GDL-90 protocol as the industry-leading devices operate on it. We captured legitimate traffic from ADS-B avionics devices. We ran our samples through a state-of-the-art fuzzing platform (AFL), and fed the AFL’s output to the EFB apps and GDL-90 decoding software via the network in the same manner as legitimate GDL-90 traffic is sent from ADS-B and other avionics devices. The result shows a worrying anc critical lack of security in many EFB applications where the security is directly related to aircraft’s safety navigation. Out of 16 tested configurations, our avionics pentesting platform managed to crash or otherwise impact 9 (or 56%) of those. The observed problems manifested as crashes, hangs, and abnormal behaviours of the EFB apps and GDL-90 decoders during the fuzzing test. Attacks on core sub-system availability (such as DoS) pose high risks to safety-critical and mission-critical systems such as avionics and aerospace. Our work aims at developing and proposing a systematic pentesting methodology for such devices, protocols, and software, and discovering and reporting as early as possible such vulnerabilities. | en |
| dc.format.mimetype | application/pdf | |
| dc.language.iso | eng | |
| dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | |
| dc.relation.ispartofseries | IEEE Access | |
| dc.rights | CC BY 4.0 | |
| dc.subject.other | fuzzing | |
| dc.subject.other | aerospace electronics | |
| dc.subject.other | protocols | |
| dc.subject.other | software | |
| dc.subject.other | heart beat | |
| dc.subject.other | aircraft | |
| dc.subject.other | standards | |
| dc.subject.other | GDL-90 | |
| dc.subject.other | ADS-B | |
| dc.subject.other | attacks | |
| dc.subject.other | cybersecurity | |
| dc.subject.other | pentesting | |
| dc.subject.other | resiliency | |
| dc.subject.other | DoS | |
| dc.subject.other | aviation | |
| dc.subject.other | avionics | |
| dc.subject.other | airtraffic | |
| dc.title | GDL90fuzz : Fuzzing “GDL-90 Data Interface Specification” Within Aviation Software and Avionics Devices : A Cybersecurity Pentesting Perspective | |
| dc.type | article | |
| dc.identifier.urn | URN:NBN:fi:jyu-202202161529 | |
| dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
| dc.contributor.laitos | Faculty of Information Technology | en |
| dc.contributor.oppiaine | Secure Communications Engineering and Signal Processing | fi |
| dc.contributor.oppiaine | Tietotekniikka | fi |
| dc.contributor.oppiaine | Tekniikka | fi |
| dc.contributor.oppiaine | Secure Communications Engineering and Signal Processing | en |
| dc.contributor.oppiaine | Mathematical Information Technology | en |
| dc.contributor.oppiaine | Engineering | en |
| dc.type.uri | http://purl.org/eprint/type/JournalArticle | |
| dc.type.coar | http://purl.org/coar/resource_type/c_2df8fbb1 | |
| dc.description.reviewstatus | peerReviewed | |
| dc.format.pagerange | 21554-21562 | |
| dc.relation.issn | 2169-3536 | |
| dc.relation.volume | 10 | |
| dc.type.version | publishedVersion | |
| dc.rights.copyright | © 2022 the Authors | |
| dc.rights.accesslevel | openAccess | fi |
| dc.relation.grantnumber | 783287 | |
| dc.relation.grantnumber | 783287 | |
| dc.relation.grantnumber | 304970 | |
| dc.relation.projectid | info:eu-repo/grantAgreement/EC/H2020/783287/EU//ATM-Cybersec | |
| dc.subject.yso | kyberturvallisuus | |
| dc.subject.yso | lennonjohto | |
| dc.subject.yso | testausmenetelmät | |
| dc.subject.yso | verkkohyökkäykset | |
| dc.subject.yso | lennonvarmistus | |
| dc.subject.yso | lentoliikenne | |
| dc.format.content | fulltext | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p26189 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p525 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p26360 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p27466 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p14938 | |
| jyx.subject.uri | http://www.yso.fi/onto/yso/p4262 | |
| dc.rights.url | https://creativecommons.org/licenses/by/4.0/ | |
| dc.relation.doi | 10.1109/ACCESS.2022.3150840 | |
| dc.relation.funder | European Commission | en |
| dc.relation.funder | Research Council of Finland | en |
| dc.relation.funder | Euroopan komissio | fi |
| dc.relation.funder | Suomen Akatemia | fi |
| jyx.fundingprogram | Others, H2020 | en |
| jyx.fundingprogram | Research infrastructures, AoF | en |
| jyx.fundingprogram | Muut, H2020 | fi |
| jyx.fundingprogram | Tutkimusinfrastruktuuri, SA | fi |
| jyx.fundinginformation | The authors acknowledge the grants of computer capacity from the Finnish Grid and Cloud Infrastructure (persistent identifier urn:nbn:fi:research-infras-2016072533). Major parts of this research supported by cascade funding from the Engage consortium’s Knowledge Transfer Network (KTN) project "Engage - 204 - Proof-of-concept: practical, flexible, affordable pentesting platform for ATM/avionics cybersecurity" (SESAR Joint Undertaking under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 783287). All and any results, views, and opinions presented herein are only those of the authors and do not reflect the official position of the European Union (and its organizations and projects, including Horizon 2020 program and Engage KTN). Part of this research was supported by a grant from the Decision of the Research Dean on research funding within the Faculty (07.04.2021) of the Faculty of Information Technology of University of Jyväskylä (The authors thank Dr. Andrei Costin for facilitating and managing the grant). Hannu Turtiainen also thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (https://skr.fi/en) for supporting his Ph.D. dissertation work and research (under grant decision no.00211119) and the Faculty of Information Technology of the University of Jyvaskyla (JYU), in particular, Prof. Timo Hämäläinen, for partly supporting and supervising his Ph.D. work at JYU in 2021–2022 | |
| dc.type.okm | A1 |
Aineistoon kuuluvat tiedostot
Aineisto kuuluu seuraaviin kokoelmiin
Ellei muuten mainita, aineiston lisenssi on CC BY 4.0