Controller-Pilot Data Link Communications (CPDLC) are rapidly replacing voice-based Air Traffic Control (ATC) communications worldwide. Being digital, CPDLC is highly resilient and bandwidth efficient, which makes it the best choice for traffic-congested airports. Although CPDLC initially seems to be a perfect solution for modern-day ATC operations, it suffers from serious security issues. For instance, eavesdropping, spoofing, man-in-the-middle, message replay, impersonation attacks, etc. Cyber attacks on the aviation communication network could be hazardous, leading to fatal aircraft incidents and causing damage to individuals, service providers, and the aviation industry. Therefore, we propose a new security model called AKAASH, enabling several paramount security services, such as efficient and robust mutual authentication, key establishment, and a secure handover approach for the CPDLC-enabled aviation communication network. We implement the approach on hardware to examine the practicality of the proposed approach and verify its computational and communication efficiency and efficacy. We investigate the robustness of AKAASH through formal (proverif) and informal security analysis. The analysis reveals that the AKAASH adheres to the CPDLC standards and can easily integrate into the CPDLC framework.

Controller Pilot Data Link Communications (CPDLC) enhances air traffic communication by replacing traditional voice transmissions with digital messages over Very High Frequency (VHF) radio systems. This transition improves communication resilience by providing clear, text-based instructions that reduce misunderstandings and increase bandwidth efficiency by enabling more data to be transmitted simultaneously. It benefits congested airspace by reducing radio frequency congestion and minimizing communication errors. However, due to the plain-text nature of its messages, CPDLC faces significant security challenges, making it vulnerable to cyber-attacks such as eavesdropping, modification, injection, and man-in-the-middle (MITM) attacks. This vulnerability allows motivated attackers to intercept CPDLC messages using inexpensive devices like Software-Defined Radio (SDR), HACKRF-one, and an antenna. Such breaches can lead to fatal safety incidents, severely impacting passengers and the aviation industry. To address this, we proposed a robust security framework for securing CPDLC communication by implementing critical measures, including mutual authentication, secure key establishment, and handover. The proposed framework has been tested on hardware to verify its effectiveness in practical scenarios, ensuring it aligns with existing CPDLC standards and integrates seamlessly into current systems without impacting operational efficiency. Our findings indicate that the proposed security framework enhances CPDLC's defenses against potential cyber threats while maintaining system performance, making it feasible to protect global air traffic communications.

The aviation industry faces significant challenges due to rising global air travel demand. Frequency saturation in Air Traffic Management (ATM) leads to communication problems, necessitating the enhancement of traditional systems. The Single European Sky ATM Research (SESAR) initiative, backed by the European Commission, aims to digitize ATM, with the L-band Digital Aeronautical Communications System (LDACS) as a key component. LDACS aims to improve communication, enhance surveillance, and optimize airspace usage for safer, more efficient ATM. Although LDACS is protected against most cyberattacks, a critical security objective, anonymity, is currently overlooked. To strengthen LDACS's security, robust authentication mechanisms, Post-Quantum security, and measures to ensure aircraft anonymity are crucial. Therefore, we propose a comprehensive security framework to enhance LDACS's cybersecurity, focusing on mutual authentication and key agreement. The protocol uses Physical Unclonable Function (PUF) for robust mutual authentication and Bit-flipping Key Encapsulation (BIKE) for secure session key establishment utilizing Post-Quantum Cryptography (PQC). This framework ensures anonymity and secure communication between aircraft and ground stations while minimizing message exchange, latency, and data overhead. An informal security analysis confirms our proposed framework's potential to augment the efficiency and security of ATM operations.

The L-band Digital Aeronautical Communications System (LDACS) is a key advancement for next-generation aviation networks, enhancing Communication, Navigation, and Surveillance (CNS) capabilities. It operates with VHF Datalink mode 2 (VDLm2) and features a seamless handover mechanism to maintain uninterrupted communication between aircraft and ground stations (GSs), improving safety and efficiency in air traffic management (ATM). However, LDACS’ handover process encounters significant security risks due to inadequate authentication and key agreement between aircraft and ground station controllers (GSCs) during handovers. This vulnerability threatens communications’ confidentiality, integrity, and authenticity, posing risks to flight safety and sensitive data. Therefore, developing and implementing a robust security framework to protect aviation communications is essential. In response, we have proposed a security solution specifically designed to protect LDACS handovers. Our solution uses a mutual authentication and key agreement mechanism tailored for LDACS handovers, ensuring robust security for all types of handovers, including Intra GSC - Intra Aeronautical Telecommunication Network (ATN), Inter GSC - Intra ATN, and Inter GSC - Inter ATN. Our approach utilizes post-quantum cryptography to protect aviation communication systems against potential post-quantum threats, such as unauthorized access to flight data, interception of communication, and spoofing of aircraft identity. Furthermore, our proposed solution has undergone a thorough informal security analysis to ensure its effectiveness in addressing handover challenges and offering robust protection against various threats. It seamlessly integrates with the LDACS framework, delivering low Bit Error Rate (BER) and latency levels, making it a highly reliable approach in practice.