Secure positioning in aerospace; Vulnerability of ADS-B systems to false data injection.
Kalman Filters (KF) are recursive state estimation algorithms capable of combining and weighting different variables to estimate the real latent state of a system (Kalman, 1960). In this context, recursive reflects the property that not all previous data has to be kept in storage but every iteration incorporates information from previous observations and predictions (Maybeck, 1979). This made the KF widely applicable resulting in its implementation across various settings, including aerospace, submarines, and the estimation of missile trajectories (Grewal & Andrews, 2010). Given the importance and KFs across settings and systems there is growing interest from security researchers to understand the robustness of KFs under different adversarial models.
Researchers (e.g. Strohmeier, Lenders, & Martinovic, 2013) and hackers (e.g., Haines, 2012) have already identified several vulnerabilities in the ADS-B infrastructure. The main problem is the absence of encryption of ADS-B message content, resulting in the possibility that adversaries can eavesdrop on messages sent out by aircraft. Other vulnerabilities include the injection of ADS-B messages to create ghost aircraft, jam the signal to make aircraft disappear, or replace aircraft by replacing the identifier of the ADS-B message with modified data. While the technical details of the on-board aircraft position estimation in the ADS-B infrastructure are difficult to come by, integration and combination of raw satellite data to derive an accurate GPS position is likely based on the Kalman Filter. Also Kalman Filters can be used for the combination of ADS-B with radar data (Dunstone, 2014).
Given the outlined vulnerabilities of both the Kalman Filter algorithm and the ADS-B infrastructure, this study aimed to investigate the effects of false data injection in the Kalman Filter (both linear and non-linear).
Data
Original Automatic Dependent Surveillance - Broadcast (ADS-B) data were obtained through the OpenSky platform (Strohmeier, Martinovic, Fuchs, Schäfer, & Lenders, 2015). In short, OpenSky consists of various off-the-shelf sensors distributed over Europe capturing more than 40% of Europe’s commercial air traffic. Aircraft use on-board satellite navigation systems (e.g. GPS) to retrieve their own position and velocity, which is broadcasted twice per second to ATC stations on the ground and other aircraft. Exploration of the data from a subset of flights revealed that the data were already filtered upon collection as most commercial GPS systems have built in Kalman Filtering (Labbe, 2015). Filtering ADS-B output again is unlikely to be beneficial, because it violates the time-independency assumption of KFs: GPS data are time dependent as the filter bases its current estimate on the recursive estimates of all previous measurements. For this project, a representative subset of data from flight OHY925 from Antalya (Turkey) to Amsterdam (The Netherlands) were used. A subset of the ADS-B GPS data with altitude was selected that consisted of the flightpath between east Flinsberg (Germany) and Schiphol (the Netherlands).
Algorithm
The Extended Kalman Filter (EKF) is the most commonly used state estimation algorithm for non-linear processes (Nadella, 2015). Following Yang, Chang, and Yu (2013) I used the computation method described in Welch and Bishop (2006), which is largely identical to the non linear Kalman Filter in that is it still defined as a linear model but uses local linearisation to approximate the slope at the point of measurement. This local linearization occurs in the estimation of the dynamical model (see paper for mathematics).
Recommended by LinkedIn
Attacks
Mainly, the adversary tries to achieve the maximum deviation of the original measure. That is, the maximum deviation that is allowed within the anomaly detection threshold, by estimating the maximum attack vector that achieves the maximum manipulation of the received measurement from the original measurement by inserting false data (other attacks are explained in the paper).
Results
The baseline (not attacked) non-linear multidimensional model is visually presented which shows the trajectory of the aircraft, coming in at an altitude of 10 km, slowly decreasing in altitude for landing. During it's descent, there are several manoeuvres, mainly to the left (please note that the ADS-B data used here is not forwarded twice a second resulting in a pattern that is not really time-scaled). We can clearly see that in stable flight, there is a very good convergence of the predicted state and current (Kalman) estimates. When the aircraft decreases in altitude (and velocity; not in model) the predicted estimates slightly diverge, but the Kalman state estimation remains relatively close to the measured position. Especially during sudden manoeuvres, the residuals show slight model divergence, which is resolved after a 20-50 seconds, illustrating typical Kalman Filter behavior. In normal flight, the residuals remain well within the 95% Confidence Interval boundaries, but the signal crosses the boundaries during fast and unpredicted changes of longitude, latitude, and altitude of the aircraft. These kinds of deviations in multidimensional systems are well known (Labbe, 2015).
Clear divergence of the signal after data injection. Even within the boundaries of the detection system. Left = zoomed in picture linear model. Bottom = 3d plot of flight-path with model divergence clearly visible. Subtle deviations and KF divergence within detection thresholds.
Conclusion
This study reports the effects of false data injection on ADS-B derived position estimates of aircraft position. Data were injected in a linear model (Kalman Filter), investigating the change of radar-distance position, and in a non-linear model (Extended Kalman Filter) with the ADS-B GPS coordinates with simulated noise. For both models, the positive deviation attack and maximum magnitude data injection provide the worst performance of the filtered state estimation model. Whereas the negative deviation and wave based attack model have less impact on model performance.
References, definitions and other attack models in full paper can be downloaded here.