Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols
Abstract
During the past few decades, the aviation, maritime, aerospace, and search-and-rescue domains have witnessed tremendous improvement thanks to technological, digitalization and Internet of Things (IoT) advances such as Automatic Dependent Surveillance–Broadcast (ADS-B) (e.g., Aviation IoT, Airports IoT) and Automatic Identification System (AIS) (e.g., Maritime IoT). All these are high-profile examples of new digital communication protocols combined with IoT devices that make efficient use of wide-area earth and space radio communications to provide real-time, truly globally interoperable, and optimised services required by these domains. However, the protocols and technologies mentioned above, both from an architectural and implementation point of view, exhibit fundamental cybersecurity weaknesses (both at protocol and IoT device level). These weaknesses make them an easy target for potential attackers. The two fundamental flaws of these protocols are the lack of digital signatures (i.e., integrity and authenticity) and the lack of encryption (i.e., confidentiality and privacy). The risks associated with these, and other weaknesses have been over the last decade repeatedly demonstrated with ease by ethical cybersecurity researchers. In this paper, we design, propose, and discuss a single generic PKI-enabled message integrity and authenticity scheme that works seamlessly for any of the ADS-B, and AIS, with the possibility of easy extension and integration into other protocols (e.g., ACARS). Our scheme can be added as backward-compatible software upgrades (e.g., third-party library) to existing systems without requiring expensive architectural redesign, upgrades, and retrofitting. Our present work is aimed to serve as a bootstrap to securing such insecure protocols without completely replacing or redesigning the systems. It also aims to provide a discussion background of advantages and limitations of such backward-compatible securing methods.
Main Authors
Format
Conferences
Conference paper
Published
2024
Series
Subjects
Publication in research information system
Publisher
Academic Conferences International Ltd
The permanent address of the publication
https://urn.fi/URN:NBN:fi:jyu-202406275050Use this for linking
Review status
Peer reviewed
ISSN
2048-8602
DOI
https://doi.org/10.34190/eccws.23.1.2250
Conference
European Conference on Cyber Warfare and Security
Language
English
Published in
Proceedings of the European Conference on Cyber Warfare and Security
Is part of publication
Proceedings of the 23rd European Conference on Cyber Warfare and Security
Citation
- Saleem, A., Turtiainen, H., Costin, A., & Hämäläinen, T. (2024). Backward-compatible Software Upgrades for ADS-B and AIS To Support ECDSA-Secured Protocols. In M. Lehto, & M. Karjalainen (Eds.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 446-456). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2250
License
Additional information about funding
Hannu Turtiainen thanks the Finnish Cultural Foundation / Suomen Kulttuurirahasto (www.skr.fi) for supporting his Ph.D. dissertation work and research (grant decision no. 00231412).
Copyright© 2024 European Conference on Cyber Warfare and Security