Security analysis of airplane datalink apps: "spoof-and-jam" attacks on plane communication systems (CPDLC and ADS-C). π‘ αα||α πβοΈ
Academic researchers from Boston - Harshad Sathaye, Guevara Noubir, and Aanjhan Ranganathan - shared their work on airplane datalink applications, specifically Controller-Pilot Datalink Communications (CPDLC) and Automatic Dependent Surveillance-Contract (ADS-C). These systems are heavily used to manage air traffic nowadays.
The authors analyzed ways to cause a pilot to make false decisions by providing incorrect information or no information at all. With 98.85% success, they were able to interfere with the communication in one way or another.
The paper is from 2022, but from a technical perspective, it is still accurate and up to date - aside from some possible proprietary updates released recently.
Please donβt try this at home - but do share it. And if you or your peers work in the aviation security industry, maybe itβs time for an upgrade.
Stay safe!
More details:
On the Implications of Spoofing and Jamming Aviation Datalink Applications [PDF]: https://aanjhan.com/assets/sathaye22_acsac.pdf
