Khan, Suleman
Publications (8 of 8)
Khan, S., Wang, Y., Singh Gaba, G., Gurtov, A. & Kumar, P. (2024). A Secure Framework For Controller Pilot Data Link Communications in Aviation Network. In: 2024 AIAA DATC/IEEE 43rd Digital Avionics Systems Conference (DASC). Paper presented at AIAA DATC/IEEE 43rd Digital Avionics Systems Conference (DASC), 29 Sept-3 Oct 2024, San Diego, CA, USA. Institute of Electrical and Electronics Engineers (IEEE)
2024 (English). In: 2024 AIAA DATC/IEEE 43rd Digital Avionics Systems Conference (DASC), Institute of Electrical and Electronics Engineers (IEEE), 2024. Conference paper, Published paper (Refereed)
Abstract [en]

Controller Pilot Data Link Communications (CPDLC) enhances air traffic communication by replacing traditional voice transmissions with digital messages over Very High Frequency (VHF) radio systems. This transition improves communication resilience by providing clear, text-based instructions that reduce misunderstandings and increase bandwidth efficiency by enabling more data to be transmitted simultaneously. It benefits congested airspace by reducing radio frequency congestion and minimizing communication errors. However, due to the plain-text nature of its messages, CPDLC faces significant security challenges, making it vulnerable to cyber-attacks such as eavesdropping, modification, injection, and man-in-the-middle (MITM) attacks. This vulnerability allows motivated attackers to intercept CPDLC messages using inexpensive devices like Software-Defined Radio (SDR), HACKRF-one, and an antenna. Such breaches can lead to fatal safety incidents, severely impacting passengers and the aviation industry. To address this, we proposed a robust security framework for securing CPDLC communication by implementing critical measures, including mutual authentication, secure key establishment, and handover. The proposed framework has been tested on hardware to verify its effectiveness in practical scenarios, ensuring it aligns with existing CPDLC standards and integrates seamlessly into current systems without impacting operational efficiency. Our findings indicate that the proposed security framework enhances CPDLC's defenses against potential cyber threats while maintaining system performance, making it feasible to protect global air traffic communications.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Series
IEEE/AIAA Digital Avionics Systems Conference, ISSN 2155-7195, E-ISSN 2155-7209
Keywords
Aviation, CPDLC, Handover, Security, VHF
National subject category
Communication Systems
Identifiers
urn:nbn:se:liu:diva-209995 (URN); 10.1109/DASC62030.2024.10749527 (DOI); 001453360400202 (); 2-s2.0-85211215823 (Scopus ID); 9798350349610 (ISBN); 9798350349627 (ISBN)
Conference
AIAA DATC/IEEE 43rd Digital Avionics Systems Conference (DASC), 29 Sept-3 Oct 2024, San Diego, CA, USA
Funder
EU, Horizon Europe, 101114635
Note

Funding agencies: SESAR Joint Undertaking [101114635]

Available from: 2024-11-22 Created: 2024-11-22 Last updated: 2025-08-29. Bibliographically approved
Khan, S., Singh Gaba, G., Boeira, F. & Gurtov, A. (2024). Formal Verification and Security Assessment of the Drone Remote Identification Protocol. Paper presented at 2nd International Conference on Unmanned Vehicle Systems-Oman (UVS), Muscat, Oman, 12-14 February 2024. Muscat, Oman: Institute of Electrical and Electronics Engineers (IEEE)
2024 (English). Conference paper, Published paper (Refereed)
Abstract [en]

The worldwide implementation of Remote Identification (RID) regulations mandates unmanned aircraft systems (UAS), or drones, to openly transmit their identity and real-time location as plain text on the wireless channel. This mandate serves the purpose of accounting for and monitoring drone operations effectively. However, the current RID standard's plain-text transmission exposes it to cyberattacks, including eavesdropping, injection, and impersonation. The Drone Remote Identification Protocol (DRIP) has been proposed to enhance the security of RID. The DRIP ensures information secrecy and confidentiality by using unique session keys while guaranteeing the authenticity of messages and entities through digital signatures. These security features of DRIP make it a preferable alternative to the existing RID standard. However, the lack of verification regarding its security claims raises concerns about its performance in hostile conditions. This paper comprehensively analyzes the DRIP protocol's security features using Tamarin Prover, a formal security verification tool. With its automated reasoning capabilities, Tamarin Prover accurately identifies potential security vulnerabilities within the DRIP protocol while thoroughly verifying its conformance to security properties. Our investigation demonstrates that the DRIP protocol is susceptible to replay attacks. We strongly recommend the inclusion of message freshness components, reducing the lifespan of DET broadcasts, and incorporating a not-after timestamp that is set only a few minutes ahead of the current time. These measures enhance the protocol's defence against replay attacks and ensure message authenticity and integrity.

Place, publisher, year, edition, pages
Muscat, Oman: Institute of Electrical and Electronics Engineers (IEEE), 2024
Keywords
Cybersecurity, DRIP, Formal verification, Tamarin, UAS
National subject category
Computer and Information Sciences
Identifiers
urn:nbn:se:liu:diva-201795 (URN); 10.1109/UVS59630.2024.10467159 (DOI); 001192218700014 (); 9798350372557 (ISBN); 9798350372564 (ISBN)
Conference
2nd International Conference on Unmanned Vehicle Systems-Oman (UVS), Muscat, Oman, 12-14 February 2024
Note

Funding agencies: Automation Program II, Trafikverket

Available from: 2024-03-22 Created: 2024-03-22 Last updated: 2024-08-01. Bibliographically approved
Khan, S., Thorn, J., Wahlgren, A. & Gurtov, A. (2024). INTRUSION DETECTION IN AUTOMATIC DEPENDENT SURVEILLANCE-BROADCAST USING MACHINE LEARNING. In: Fredrik Hellman and Mattias Haraldsson (Ed.), SAMMANSTÄLLNING AV REFERAT FRÅN TRANSPORTFORUM 2024. Paper presented at Transportforum, 17-18 January 2024, Linköping, Sweden (pp. 453-453). VTI
2024 (English). In: SAMMANSTÄLLNING AV REFERAT FRÅN TRANSPORTFORUM 2024 / [ed] Fredrik Hellman and Mattias Haraldsson, VTI, 2024, p. 453-453. Conference paper, Oral presentation only (Other academic)
Abstract [en]

Communication systems in aviation tend to focus on safety rather than security. Protocols such as Automatic Dependent Surveillance-Broadcast (ADS-B) use plain-text, unauthenticated messages and are, therefore, open to various attacks. The open and shared nature of the ADS-B protocol makes its messages extremely vulnerable to various security threats, such as jamming, flooding, false information, and false Squawk attacks. To handle this security issue in the ADS-B system, a state-of-the-art dataset is required to train the ADS-B system against these attacks using machine learning algorithms.

Place, publisher, year, edition, pages
VTI, 2024
National subject category
Language Processing and Computational Linguistics
Identifiers
urn:nbn:se:liu:diva-202867 (URN)
Conference
Transportforum, 17-18 January 2024, Linköping, Sweden
Available from: 2024-04-19 Created: 2024-04-19 Last updated: 2025-02-07
Khan, S., Singh Gaba, G., Gurtov, A., Jansen, L. J. .., Mäurer, N. & Schmitt, C. (2024). Post Quantum Secure Handover Mechanism for Next Generation Aviation Communication Networks. IEEE Transactions on Green Communications and Networking, 8(3), 939-955
2024 (English). In: IEEE Transactions on Green Communications and Networking, E-ISSN 2473-2400, Vol. 8, no. 3, p. 939-955. Article in journal (Refereed). Published
Abstract [en]

The L-band Digital Aeronautical Communications System (LDACS) is a key advancement for next-generation aviation networks, enhancing Communication, Navigation, and Surveillance (CNS) capabilities. It operates with VHF Datalink mode 2 (VDLm2) and features a seamless handover mechanism to maintain uninterrupted communication between aircraft and ground stations (GSs), improving safety and efficiency in air traffic management (ATM). However, LDACS’ handover process encounters significant security risks due to inadequate authentication and key agreement between aircraft and ground station controllers (GSCs) during handovers. This vulnerability threatens communications’ confidentiality, integrity, and authenticity, posing risks to flight safety and sensitive data. Therefore, developing and implementing a robust security framework to protect aviation communications is essential. In response, we have proposed a security solution specifically designed to protect LDACS handovers. Our solution uses a mutual authentication and key agreement mechanism tailored for LDACS handovers, ensuring robust security for all types of handovers, including Intra GSC - Intra Aeronautical Telecommunication Network (ATN), Inter GSC - Intra ATN, and Inter GSC - Inter ATN. Our approach utilizes post-quantum cryptography to protect aviation communication systems against potential post-quantum threats, such as unauthorized access to flight data, interception of communication, and spoofing of aircraft identity. Furthermore, our proposed solution has undergone a thorough informal security analysis to ensure its effectiveness in addressing handover challenges and offering robust protection against various threats. It seamlessly integrates with the LDACS framework, delivering low Bit Error Rate (BER) and latency levels, making it a highly reliable approach in practice.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024
Keywords
Aviation Network, Aviation Security, BIKE, FCI, LDACS
National subject category
Electrical Engineering and Electronics; Communication Systems
Identifiers
urn:nbn:se:liu:diva-206859 (URN); 10.1109/tgcn.2024.3417298 (DOI); 001302503300012 ()
Funder
Wallenberg AI, Autonomous Systems and Software Program (WASP); Trafikverket; EU, Horizon Europe, 101114635
Note

Funding agencies: Trafikverket, Sweden; Luftfartsverket, Sweden; Wallenberg AI, Autonomous Systems and Software Program (WASP), Sweden; SESAR Joint Undertaking - European Union's [101114635]

Available from: 2024-08-24 Created: 2024-08-24 Last updated: 2024-10-07
Khan, S., Gaba, G. S., Braeken, A., Kumar, P. & Gurtov, A. (2023). AKAASH: A realizable authentication, key agreement, and secure handover approach for controller-pilot data link communications. International Journal of Critical Infrastructure Protection, 42, Article ID 100619.
2023 (English). In: International Journal of Critical Infrastructure Protection, ISSN 1874-5482, E-ISSN 2212-2087, Vol. 42, article id 100619. Article in journal (Refereed). Published
Abstract [en]

Controller-Pilot Data Link Communications (CPDLC) are rapidly replacing voice-based Air Traffic Control (ATC) communications worldwide. Being digital, CPDLC is highly resilient and bandwidth efficient, which makes it the best choice for traffic-congested airports. Although CPDLC initially seems to be a perfect solution for modern-day ATC operations, it suffers from serious security issues. For instance, eavesdropping, spoofing, man-in-the-middle, message replay, impersonation attacks, etc. Cyber attacks on the aviation communication network could be hazardous, leading to fatal aircraft incidents and causing damage to individuals, service providers, and the aviation industry. Therefore, we propose a new security model called AKAASH, enabling several paramount security services, such as efficient and robust mutual authentication, key establishment, and a secure handover approach for the CPDLC-enabled aviation communication network. We implement the approach on hardware to examine the practicality of the proposed approach and verify its computational and communication efficiency and efficacy. We investigate the robustness of AKAASH through formal (proverif) and informal security analysis. The analysis reveals that the AKAASH adheres to the CPDLC standards and can easily integrate into the CPDLC framework.

Place, publisher, year, edition, pages
ELSEVIER, 2023
Keywords
Authentication, CPDLC, Critical infrastructure, Safety, Security
National subject category
Communication Systems; Computer Systems; Other Electrical Engineering and Electronics
Identifiers
urn:nbn:se:liu:diva-196595 (URN); 10.1016/j.ijcip.2023.100619 (DOI); 001040791200001 (); 2-s2.0-85164225597 (Scopus ID)
Project
This work was supported by Trafikverket, Sweden and Luftfartsverket, Sweden under Automation Program II. This work was also partially supported by the Wallenberg AI, Autonomous Systems and Software Program (WASP), Sweden.
Funder
Trafikverket; Wallenberg AI, Autonomous Systems and Software Program (WASP)
Note

Funding: Trafikverket, Sweden; Luftfartsverket, Sweden under Automation Program II; Wallenberg AI, Autonomous Systems and Software Program (WASP), Sweden

Available from: 2023-08-15 Created: 2023-08-15 Last updated: 2025-02-19
Khan, S., Singh Gaba, G. & Gurtov, A. (2022). A Federated Learning Based Privacy-Preserving Intrusion Detection System For The Cpdlc. Paper presented at 33rd Congress of the International Council of the Aeronautical Sciences (ICAS), Stockholm, Sweden, 4-9 September, 2022. Stockholm Sweden: International Council of the Aeronautical Sciences (ICAS)
2022 (English). Conference paper, Oral presentation only (Other academic)
Abstract [en]

The safety of the passengers and goods in airplanes depends upon a number of combined factors. An airplane's condition and the pilot's experience are pivotal, but another very crucial element is the synchronization among the pilots and the air traffic controller (ATC). The communication link between the two carries many uncertain aspects.  The aviation sector often tends to give more priority to safety rather than cybersecurity.  Although the controller-pilot data communication link (CPDLC) system has been proposed for consistent and reliable communication recently, it has some serious drawbacks. In this paper, we highlight the shortcomings of the CPDLC system from a cyber security perspective. We propose a federated learning-based privacy-preserving intrusion detection system (IDS) to protect the CPDLC from uplink and downlink cyber attacks. To ensure a realistic and viable solution, we created our own training dataset by eavesdropping on the air-ground communication at a site near Arlanda airport, Sweden. The anomaly detection model constructed through federated learning has achieved higher accuracy, precision, recall and F1 score as compared to the centrally and locally trained models, enabling higher security. Due to the lower training loss and time, the proposed approach is highly suitable for the sensitive aviation communications.

Place, publisher, year, edition, pages
Stockholm Sweden: International Council of the Aeronautical Sciences (ICAS), 2022
Keywords
Aviation, CPDLC, Cyber-Attacks, Federated Learning, Intrusion Detection System
National subject category
Computer Systems
Identifiers
urn:nbn:se:liu:diva-189994 (URN)
Conference
33rd Congress of the International Council of the Aeronautical Sciences (ICAS), Stockholm, Sweden, 4-9 September, 2022
Project
Trafikverket and Luftfartsverket under Automation Program II
Available from: 2022-11-15 Created: 2022-11-15 Last updated: 2022-11-23. Bibliographically approved
Khan, S., Kumar, P., An, B. & Gurtov, A. (2022). POSTER: FL-Guard: A Federated Learning Based Ground-Air Secure Communication Model For Future Aviation Network. Paper presented at The Network and Distributed System Security Symposium (NDSS) 2022, 24–28 April, 2022.
2022 (English). Conference paper, Poster (with or without abstract) (Refereed)
Abstract [en]

L-band Digital Aeronautical Communication System (LDACS) is a newly proposed modern state-of-the-art system that will enable communication, navigation, and surveillance in the future aviation network. The current LDACS system does not prevent and detect intrusion within the LDACS domain. Therefore, it may suffer from various cyber-attacks, including spoofing, injection and many more attacks. To the best of our knowledge, this paper proposes the first federated learning-based attack detection model, called FL-Guard, for LDACS. Our proposed model exploits a federated learning environment and uses a deep neural network (DNN) to detect possible attacks on LDACS-based Air-Ground communication. FL-Guard was simulated on a network of four aeroplanes, and the preliminary results show that the proposed model can detect attacks with 89 % accuracy.

Publisher
p. 3
National subject category
Computer Systems; Aerospace Engineering
Identifiers
urn:nbn:se:liu:diva-190030 (URN)
Conference
The Network and Distributed System Security Symposium (NDSS) 2022, 24–28 April, 2022
Available from: 2022-11-17 Created: 2022-11-17 Last updated: 2024-05-07. Bibliographically approved
Khan, S., Thorn, J., Wahlgren, A. & Gurtov, A. (2021). Intrusion Detection in Automatic Dependent Surveillance-Broadcast (ADS-B) with Machine Learning. In: 2021 IEEE/AIAA 40TH DIGITAL AVIONICS SYSTEMS CONFERENCE (DASC). Paper presented at IEEE/AIAA 40th Digital Avionics Systems Conference (DASC), ELECTR NETWORK, oct 03-07, 2021. IEEE
2021 (English). In: 2021 IEEE/AIAA 40TH DIGITAL AVIONICS SYSTEMS CONFERENCE (DASC), IEEE, 2021. Conference paper, Published paper (Refereed)
Abstract [en]

Communication systems in aviation tend to focus on safety rather than security. Protocols such as Automatic Dependent Surveillance-Broadcast (ADS-B) use plain-text, unauthenticated messages and are, therefore, open to various attacks. The open and shared nature of the ADS-B protocol makes its messages extremely vulnerable to various security threats, such as jamming, flooding, false information, and false Squawk attacks. To handle this security issue in the ADS-B system, a state-of-the-art dataset is required to train the ADS-B system against these attacks using machine learning algorithms. Therefore, we generated the dataset with four new attacks: name jumping attack, false information attack, false heading attack, and false squawk attack. After the dataset generation, we performed some data pre-processing steps, including removing missing values, removing outliers from data, and data transformation. After pre-processing, we applied three machine learning algorithms. Logistic regression, Naive Bayes, and K-Nearest Neighbor (KNN) are used in this paper. We used accuracy, precision, recall, F1-Score, and false alarm rate (FAR) to evaluate the performance of machine learning algorithms. KNN outperformed Naive Bayes and logistic regression algorithms in terms of the results. We achieved 0% FAR for anomaly messages, and for normal ADS-B messages, we achieved 0.10% FAR, respectively. On average more than 99.90% accuracy, precision, recall, and F1-score are achieved using KNN for both normal and anomaly ADS-B messages.

Place, publisher, year, edition, pages
IEEE, 2021
Series
IEEE-AIAA Digital Avionics Systems Conference, ISSN 2155-7195
Keywords
Aviation; Security; IDS; Air Traffic; Machine Learning; Data
National subject category
Language Processing and Computational Linguistics
Identifiers
urn:nbn:se:liu:diva-182490 (URN); 10.1109/DASC52595.2021.9594431 (DOI); 000739652600132 (); 9781665434201 (ISBN); 9781665434218 (ISBN)
Conference
IEEE/AIAA 40th Digital Avionics Systems Conference (DASC), ELECTR NETWORK, oct 03-07, 2021
Note

Funding agencies: Automation Program II, Trafikverket

Available from: 2022-01-25 Created: 2022-01-25 Last updated: 2025-02-07