SECURITY IMPLICATIONS FOR DATA COMM

摘要

The FAA Data Comm Integrated Services (DCIS) program is a key enabler of NextGen applications. The FAA plans to share the existing data radio currently used for supporting Airline operations, for Air Traffic Control (ATC) data communication between the controller and the pilot. The FAA plans to use existing commercial service provider (CSP) infrastructures to support the ATC data communication network service. This exposes the air traffic control message traffic to the CSP networks outside the FAA domain. Traditionally, FAA has operated all its communications within a relatively closed network environment. The DCIS program necessitates operation in a relatively open network environment where the FAA network is connected to the CSP networks which in turn are connected to US and international airline operation centers. While air to ground communication security is subject to collaborative standards evolution, the potential of distributed network attacks that may be launched from outside CONUS on the CSP networks needs to be addressed. This paper explores potential vulnerabilities of the ground network and possible techniques to mitigate attacks such as distributed denial of service attacks launched by malicious actors from CONUS or OCONUS locations on CSP network infrastructures.