Caroline MacGregor Published

Making Air Traffic Reliable And More Secure Subject Of Shepherd University Research

A fighter jet flying above green fields and rugged terrain
Due to the US military's dependence on, and the general vulnerability of supporting information systems, cybersecurity is essential to airspace control. Pictured, an F-16 Falcon Fighter Jet.
Courtesy U.S. Air Force

A Shepherd University professor is overseeing research to make aircraft communication more secure. 

The research was presented at the 63rd Annual Conference of the International Association for Computer Information Systems. It has also been published in several publications subsequently attracting the attention of the country’s national defense contractors. 

Assistant News Director Caroline MacGregor sat down with Assistant Professor of Business Administration George Ray to talk about his cutting-edge research.

This interview has been lightly edited for clarity. 

MacGregor: Professor Ray – thank you for joining me. Your research is focused on making the skies more secure, not only in the interest of the general public but also from a national security standpoint. Tell me what motivated this area of study.

Ray: I started the most recent round of this research around five years ago and I’ve just had a continuing interest in it. I was a computer and communications officer in the United States Air Force for eight years and that’s where I first started but we were using different equipment. I was in the Air Force 40 years ago. Prior to that I was in the United States Marine Corps. Quite a lot has changed. The ability to use PCs to collect data real time and process it in real time kind of got my interest five years ago and that’s when I started working on it.

MacGregor: You talk about the National Airspace System – a network of controlled and uncontrolled airspace, both domestic and international. The NAS essentially has an enormous responsibility of managing air traffic. What role does cybersecurity play in the national airspace?

Ray: Shepherd University has a national airspace cyber security laboratory. We consider the national airspace to be part of the national cyber infrastructure because the avionics that are used in air traffic management transplant digitally encoded messages over a data link service, similar to how we are communicating now over a data link. So, we’re focusing on collecting the communications in the airspace transmitted by surveillance radars, transmitted by aircraft, by GPS (Global Positioning System) satellites and we build at Shepherd custom instruments so we have a data driven approach to analyzing the national airspace.

MacGregor: You commented that most people do not consider the airspace as a cyber system that is vulnerable to hacking attacks. What do you mean?  

Ray: I think it’s more that they realize the national airspace is vulnerable to these attacks but it’s not considered part of the cyberinfrastructure. We look at this as being part of the cyber infrastructure, again digitally encoded messages over a data link service and those are the ones most of the investment dollars from the National Science Foundation are going into – protecting things like power stations and the data communication networks we use for finance and so on. But we think this is just as important an infrastructure and it is a cyberinfrastructure.

MacGregor: What are some of the different techniques used by hackers to attack the network – for example, the “replay” attack. What is this and what are some mitigation measures for countering these attacks?

Ray: The replay attack is where an attacker will record messages at one time and then replay them at a later time. The purpose is to create confusion in that particular system. So in the National Airspace System they might record avionic traffic ADS-B (Automatic Dependent Surveillance Broadcast), and that’s where the aircraft gives its state information: its position, its velocity. It might record those and at a later time replay that. The purpose is to create confusion in the air traffic control management. So you might have an aircraft that looks like it’s heading into a collision with another aircraft. It’s a form of spoofing attack, where the hacker is pretending to be a legitimate node in the network and in fact they’re there to cause confusion.

MacGregor: What interest are you finding on the national level for your research? 

Ray: We’ve had interest from defense contractors that work on the national level. So we are in communication with several organizations that are part of the Department of Defense community, and we are working with them. There was a headline in the New York Post just a few weeks ago about GPS hacking, another one of the avionic systems like ADS-B and the headline was “Hackers are attacking the GPS and experts don’t know what to do about it.” So we’re looking at things like that as well. Some of the research we’re doing is looking at taking radio frequency signals and decomposing them into their phase and quadrature components and then analyzing patterns in those to detect if we have GPS spoofing or maybe even ADB-S spoofing going on.

MacGregor: Tell me more about other specific cyber attacks or hacking incidents.  

Ray: There’s a couple of them, eavesdropping is one. That’s where you’re listening to broadcast messages and you’re not authorized to do so. Another is jamming and that’s where you have a denial-of-service attack where you at a particular frequency, for example, ADS-B transmits at 1090 megahertz, you broadcast a powerful transmission at that frequency and it jams the communications, nothing gets through. And then spoofing, again, is another form of hacker attacks where you pretend to be a legitimate node and decentralized identity solution for websites and applications on the network, but you’re not, and the attack is where you create a false position or other spatial information.

MacGregor: How difficult is it for the Air Force as well as commercial pilots to respond to these incidents? 

Ray: The Air Force has a very good training in this area but you are dealing with sentient opponents, people who are able to see what you are doing and then counter that. And that’s just the nature of the competition. We’re seeing a lot of this in the Ukrainian war, systems are effective for a while, but then counter measures come into play and they lose their effectiveness. So it’s definitely an ongoing competition that is between sentient actors.

MacGregor: This includes attacks on satellite systems and capabilities which we’ve seen are vulnerable to attack during wartime as you just alluded to. What other areas are prone to attack?

Ray: Yes, that’s correct. And there’s other satellite systems as well, GPS is a satellite system, it’s part of the GNSS (Global Navigation Satellite System) where several other countries have put up similar systems to GPSA. All of these systems are vital for transmitting information so they’re all vulnerable to hacking attacks of various kinds. All of them transmit on certain frequencies that can be jammed.        

MacGregor: With the addition of drones using the country’s airspace, what are the risks for air traffic controllers already under intense pressure to provide key information and communication support for pilots? 

Ray: There’s another side of the National Airspace System and it’s the commercial side where we are not necessarily concerned about hackers attacking it but just the stable and effective operation of the system itself. Putting a lot of drones into the National Airspace System is going to have a couple of problems. The main one is the air traffic control systems we have aren’t able to handle that, the air traffic controllers are overwhelmed. 

At Shepherd University we’ve built our own traffic control system, and we are using that to see how we can apply artificial intelligence to make the airspace more manageable by the air traffic controllers. We help with things like we help with traffic congestion prediction, traffic optimization, and also handling a lot of drone traffic, or unmanned aerial vehicles.

MacGregor: So as air traffic control becomes more critical, it sounds like your research is going to be instrumental in lessening the occupational stress of this job in the future.

Ray: That has always been an extremely stressful job and it’s only become more stressful as air traffic has increased, but I think the key thing is it’s getting the point where a person is no longer able to handle the air traffic that’s going to be coming in in the near future, much less the drone traffic you add onto that. I think we definitely need to do things to help the air traffic controller do their job a lot more effectively.           

MacGregor: How big is your team at Shepherd University and where do you see this research heading?          

Ray: Right now we’re a fairly small crew but we’re also connecting with these defense contractors so we could expand that dramatically because they have a great deal of funding. The other thing is, right now at Shepherd University we’re building a Science DMZ (secure computer subnetwork) through a grant from the NSF. This will enable us to share our datasets and coding with other researchers and then also access large government databases at NASA or the Department of Defense. A Science DMZ is a specially configured network that provides for the transfer of large quantities of data very quickly. 

We’re making the steps we need to make sure we can get into this next level so we’ll really increase the contributions we can make, and therefore the staff we’ll have working.