Aviation communications need overhaul to meet ‘zero trust’ cybersecurity standard, panel says
Hartsfield-Jackson Atlanta International Airport. Credit: Darryl Brooks via Shutterstock
AIAA AVIATION FORUM, Las Vegas — When it comes to the ongoing transition to zero-trust policy in aviation cybersecurity, communications are lagging, according to a panel of experts who spoke here Tuesday.
Since 2020, FAA has embraced and moved toward zero trust, which means any exchange of information is verified even if it comes from inside a known network, and former President Joe Biden in 2021 signed an executive order mandating zero trust policy throughout the federal government.
But communications in aviation are often based on legacy technologies that are slow to be updated, said panel member Jon Haass, a professor of cybersecurity at Embry-Riddle Aeronautical University’s campus in Prescott, Arizona.
He said two outdated areas are radio communication with air traffic controllers and ADS-B, or Automatic Dependent Surveillance-Broadcast. Aircraft regularly transmit these radio signals on open frequencies to relay their position and velocity.
“Takeoff and landing, those are the times when there is a lot of communication. Communication has to go back and forth with air traffic control, and many of these communications are done in the clear . There is no authentication, there is no digital signature,” Haass said. “And ADS-B is continuously beaming out information like, ‘I’m here, I’m here, I’m here.’ And that means everyone in the world presumably can see where you are.”
Concerns are growing that someone could imitate air traffic controllers to gain trust and sow confusion, said panel member Nick Tsamis, a chief engineer at the MITRE Corp.’s Cybersecurity Infrastructure Protection Innovation Center in Virginia.
“Artificial intelligence and deep fake voices could provide messages from spurious air traffic control that sound real, that look real, that are contextualized for air traffic,” Tsamis said. “That concerns me, it keeps me up at night, because we do not have trusted means to ensure that that message is indeed coming from ATC.”
He said such communication would need to be verified as a plane moves out of the range of various control towers during flight.
“Flight is a dynamic environment. A single trust policy that is static and is never revisited throughout a six-, eight-hour flight — there’s no way that policy is going to be appropriate anymore,” he said. “There are distinct operating conditions that change throughout a flight. Takeoff and landing are distinctly different. There are different stresses, loads, different communications that are occurring compared to cruising at altitude. So, it follows that the type of conditions that could occur from a security perspective are explicitly different during those phases.”
The solution is to change the mindset of the industry, not necessarily to adopt new technology, said Krishna Sampigethaya, another professor of cybersecurity at Embry-Riddle Prescott and the chair of the university’s Department of Cyber Intelligence and Security.
Panel members agreed that such a mindset must be implemented from the inception of a new system or novel aircraft, with the possible exception of designing software that would require legacy technology to be verified before interacting with broader systems.
