Equipping military aircraft such as the F-16, pictured here, with ADS-B presents security risks for the U.S. Defense Department.
U.S. Defense Department (DOD) officials are working with the FAA to develop a solution that can address security concerns associated with equipping thousands of military aircraft with ADS-B Out transponders over the next decade.
Speaking at the 2018 Air Traffic Control Association annual event, Allan Storm, who leads the civil/military integration for the U.S. Air Force, said the risks will not prevent ADS-B equipage for military aircraft. But the agency does not want to be broadcasting the position of its aircraft to anyone with an inexpensive ADS-B ground receiver. Storm said DOD certainly sees the surveillance benefits of ADS-B, including space-based, but the security risks still need to be addressed.
“When I look at it from a national mission and security viewpoint, having global awareness of military flights in the U.S. or global operations allows adversaries to use that same information to learn what we’re doing, where we’re going and how often that we go," said Storm. "So there are some risks, it’s not ADS-B, it’s not Mode S, it’s the information individuals have available right now at their fingertips to understand where an aircraft is."
This isn’t the first time DOD has dealt with such a surveillance challenge where its aircraft have to meet certain equipage requirements to fly within civilian airspace. In 2005, Storm said, U.S. military aircraft flying in controlled airspace in Europe had to become equipped with Mode S transponders.
A Mode S transponder broadcasts aircraft-specific International Civil Aviation Organization (ICAO) code, squawk code and altitude. However, ADS-B Out technology provides more detailed information including the aircraft’s registration number, longitude and latitude, dimensions and velocity. When DOD aircraft were required by European regulators to equip with Mode S, they negotiated a concept of operations to rotate the 24-bit ICAO address associated with their aircraft. That made them more difficult to track.
However, with ADS-B, that fix will not resolve the problem alone.
“Even if you rotate the aircraft 24-bit address, you also have however many ATC facilities broadcasting the ATC instructions so here it is although you’re not linking the 24-bit address to one specific aircraft you can also broadcast it over the internet,” said Storm.
Because ADS-B is unencrypted, adversaries can also attempt to jam ADS-B Out transmissions to impact air traffic controller’s ADS-B surveillance capabilities. It’s also well known by the FAA and other civil aviation regulators that adversaries can spoof ADS-B transmissions. Brad Haines, a hacker and network security consultant, first demonstrated the ability to spoof ADS-B Out with fake aircraft signals at the 2012 Def Con 20 conference.
In January 2018, the U.S. Government Accountability Office (GAO) published a report detailing these and other risks resulting from equipping military aircraft with ADS-B.
The FAA is not as concerned with issues of spoofing, though, as the agency has repeatedly stated that it has the ability to validate ADS-B data to ensure the positions populated by ADS-B on ATC screens are real.
David Gray, a program manager for the FAA’s ADS-B program was also on the ATCA panel and said that encryption at this point was not an option and would be a “decade long or maybe generation long project.” The agency is working with defense department officials and other segments of aviation that have ADS-B privacy concerns — such as the general aviation community — on a resolution that addresses these issues.
In March, FAA ADS-B program officials published a request for information (RFI) to interested vendors in an attempt to conduct a market analysis that will real-time privacy of aircraft equipped with ADS-B. The FAA titled this effort its “Rolling ICAO Codes” initiative, noting that it is considering “partnership with one or more service providers to perform the functions of assignment, management, and monitoring of the use of alternative ICAO codes by aircraft operators.” The goal is to field such a solution by December 2018, although Gray said that the agency does not currently have a timeline for making this concept a reality.
“We found a concept we think can work that you can believe will be able to allow temporary broadcast of an ICAO code that’s not the one attached to your aircraft. We’ve had an RFI that came out, we’ve gotten responses, working through our internal processes and working to incorporate them into follow on solicitation and we’re pursuing that, I don’t have a timeline I can share at this point,” said Gray.