Return to search

Establishment of a Cyber-Physical Systems (CPS) Test Bed to Explore Traffic Collision Avoidance System (TCAS) Vulnerabilities to Cyber Attacks

Traffic Collision Avoidance Systems (TCAS) are safety-critical, unauthenticated, ranging systems required in commercial aircraft. Previous work has proposed TCAS vulnerabilities to attacks from malicious actors with low cost software defined radios (SDR) and inexpensive open-source software (GNU radio) where spoofing TCAS radio signals in now possible. This paper outlines a proposed threat model for several TCAS vulnerabilities from an adversarial perspective. Periodic and aperiodic attack models are explored as possible low latency solutions to spoof TCAS range estimation. A TCAS test bed is established with commercial avionics to demonstrate the efficacy of proposed vulnerabilities. SDRs and Vector Waveform Generators (VWGs) are used to achieve desired latency. Sensor inputs to the TCAS system are spoofed with micro-controllers. These include Radar Altimeter, Barometric Altimeter, and Air Data Computer (ADC) heading and attitude information transmitted by Aeronautical Radio INC (ARINC) 429 encoding protocol. TCAS spoofing is attempted against the test bed and analysis conducted on the timing results and test bed performance indicators. The threat model is analyzed qualitatively and quantitatively. / Master of Science / Traffic Collision Avoidance Systems (TCAS), or Airborne Collision Avoidance Systems ACAS), are safety-critical systems required by the Federal Aviation Administration (FAA) in commercial aircraft. They work by sending queries to surrounding aircraft in the form of radio transmission. Aircraft in the who receive these transmissions send replies. Information in these replies allow the TCAS system to determine if a nearby aircraft may travel too close to itself. TCAS can then determine help both pilots avoid a mid-air collision. Information in the messages can be faked by a malicious actor. To explore these vulnerabilities a test bed is built with commercial grade TCAS equipment. Several types of attacks are evaluated.

Identiferoai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/104624
Date10 August 2021
CreatorsGraziano, Timothy Michael
ContributorsElectrical and Computer Engineering, Gerdes, Ryan M., Diehl, William J., Dietrich, Carl B.
PublisherVirginia Tech
Source SetsVirginia Tech Theses and Dissertation
Detected LanguageEnglish
TypeThesis
FormatETD, application/pdf
RightsIn Copyright, http://rightsstatements.org/vocab/InC/1.0/

Page generated in 0.0021 seconds