Dozens of airplanes flying across an air traffic controller’s monitoring screen. Some are real. Others not. There’s no way for a controller to know the difference.
That’s the hacking scenario many aviation experts warn could become a reality with adoption of a new method of tracking air traffic control.
Called NextGen, it is a system of tracking and guiding airplanes using satellite based technology much like the GPS used in automobiles on the roads today.
As part of the NextGen system, the Federal Aviation Administration (FAA) plans to transition away from of using ground-based radar imaging to monitor air traffic and replace it with the GPS satellite based technology known as ADS-B.
ADS-B stands for Automatic Dependent Surveillance which uses a large radio frequency bandwidth that supports bi-directional datalinks, (ADS-B “in” and ADS-B “out”).
The FAA says this use ADS-B “in” and “out” as part of the NextGen system will save travelers time, improve safety, and make flying more efficient.
It has set a deadline of the year 2020 for all airplanes and airports to adopt NextGen technology full time.
However, some experts within the aviation community warn that the ASD-B technology behind NextGen is not secure and vulnerable to attacks from computer hackers.
And those experts say those attacks could potentially have a disruptive impact on airports and airspace across the country.
Computer hacker Nick Foster is one of those critics who claims to have exposed how ADS-B’s unencrypted signals can present a security concern, absent any other safeguards.
“We can prove without actually flying planes into the air traffic control system that it is actually possible to create these signals,” Foster told NBC Bay Area.
Foster designed a simulation to demonstrate how easy it would be for a hacker to spoof ADS-B signals and inject ghost planes into real time air traffic monitors.
“I am far from the only one out there who has the skills, so in that sense it is very concerning, because I am one of the good guys, because I think it is fun to do this stuff. If I can do it somebody else can,” Foster said.
NextGen technology is already being used on a trial basis in the San Francisco Bay Area.
In March, FAA Acting Administrator Michael Huerta promoted the advantages of the NextGen technology at Oakland International Airport’s air traffic control tower.
“What we really want people to understand is NextGen is right now. There are things that we are doing that are improving the use of the airspace that will result a lot of benefit right away,” Huerta said.
The goal of NextGen, according to the FAA, is to create a more modern, precise tracing system where air traffic control will operate more safely and efficiently throughout the United States.
Despite outside concerns, the agency maintains that the risk to national airspace due to spoofing or injecting ghost flights would be no greater than the risk with the use of radar systems that are employed today.
Still, critics of NextGen would like the FAA to reveal what specific security measures the agency plans to employ that will protect against ghost flights.
Canadian computer hacker Brad Haines began looking into ADS-B security as a hobby and found similar security flaws to the ones found by other hackers such as Nick Foster.
In fact, Haines and Foster teamed up to present their findings at a recent underground computer hacking conference in Las Vegas.
“Just to make myself feel safe, I started doing this research to try to prove to myself that it is safe and so far I have failed miserably,” Haines told NBC Bay Area via Skype.
Haines says that he and Foster publicly demonstrated their hack of the ADS-B tracking system in order to call attention to what a potential terrorist could do if the problem is not fixed before NextGen becomes fully operational.
“As a hacker ‘unauthenticated’ and ‘unencrypted’ are two very bad words to use on something as important as air traffic control,” said Haines. They are both words used often in the public literature surrounding NextGen’s technology.
“This is where it (NextGen’s current system) starts getting concerning,” said Haines, “because if 50 extra flights pop up on the air traffic controllers’ display, what are they going to do?”
And it isn’t just the computer hackers who are concerned. Several studies conducted by independent researchers appear to validate Haines and Foster’s claims.
A recent article published in the fall 2012 issue of the Journal of Aviation and Aerospace Perspectives demonstrates in startling detail how someone could alter live data from air traffic control towers or inject dozens of ghost airplanes in the skies all over the country.
Air Force Major Donald McCallie authored a thesis paper at the Department of Air Force’s Air University outlining similar security concerns. In his study, McCallie described how terrorists sitting in vans near major airports could disrupt the entire nation’s air traffic and even jeopardize air passenger safety by inserting ghost planes into the system.
There are other academic and scientific studies on this issue, all raising almost identical security concerns.
These concerns have also gotten the attention of those who hold the purse strings on Capitol Hill.
Republican congressman John Mica of Orlando, is the Chairman of the House Transportation Committee, which oversees the FAA and its implementation of NextGen.
“Our committee evaluates the progress and we would have to give it a D minus,” Mica told NBC Bay Area.
Congressman Mica has been closely monitoring the progress of NextGen and admits that he is not pleased with the fact that the plan is four years behind schedule, billions of dollars over budget and still is surrounded by questions over its security.
“Every day is a new adventure in this because of hackers and people who are trying to enter our system through cyber security breaches,” said Chairman Mica. “It is a constant evolutionary process that you’ve always got to be one step ahead of the bad guys on. So that is a threat (to NextGen).”
FAA officials would not discuss this issue on camera with NBC Bay Area.
However spokesman Ian Gregor told NBC Bay Area in a statement that the agency is aware of these and other potential risks.
The FAA has a thorough process in place to ensure the safety and security of the ADS-B system by identifying and mitigating possible risks, such as intentional jamming. The agency conducts ongoing assessments of potential ADS-B signal vulnerabilities and we require continual, independent validation of the accuracy and reliability of ADS-B and aircraft avionics signals. The air traffic system is based on redundancies to ensure safe and secure operations. The FAA plans to maintain about half of the current network of secondary radars as a backup to ADS-B in the unlikely event it is needed.
Every critic we spoke with and every research paper we found asked the same question: How is the FAA going to guard against such an attack on NextGen? How can the public be assured that the system can’t be compromised without publicly publishing authentication procedures and systems?
Thus far, the FAA has not given detailed answers that satisfies their concerns to those issues.