On the security of mobile cockpit information systems

Devin Lundberg, Brown Farinholt, Edward Sullivan, Ryan Mast, Stephen Checkoway, Stefan Savage, Alex C. Snoeren, Kirill Levchenko

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Recent trends in aviation have led many general aviation pilots to adopt the use of iPads (or other tablets) in the cockpit. While initially used to display static charts and documents, uses have expanded to include live data such as weather and traffic information that is used to make flight decisions. Because the tablet and any connected devices are not a part of the onboard systems, they are not currently subject to the software reliability standards applied to avionics. In this paper, we create a risk model for electronic threats against mobile cockpit information systems and evaluate three such systems popular with general aviation pilots today: The Appareo Stratus 2 receiver with the ForeFlight app, the Garmin GDL 39 receiver with the Garmin Pilot app, and the SageTech Clarity CL01 with the WingX Pro7 app. We found all three to be vulnerable, allowing an attacker to manipulate information presented to the pilot, which in some scenarios would lead to catastrophic outcomes. Finally, we provide recommendations for securing such systems. Copyright is held by the authors.

Original languageEnglish (US)
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages633-645
Number of pages13
ISBN (Electronic)9781450329576, 9781450329576, 9781450331470, 9781450331500, 9781450331517, 9781450331524, 9781450331531, 9781450331548, 9781450331555, 9781450332392
DOIs
StatePublished - Nov 3 2014
Externally publishedYes
Event21st ACM Conference on Computer and Communications Security, CCS 2014 - Scottsdale, United States
Duration: Nov 3 2014Nov 7 2014

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other21st ACM Conference on Computer and Communications Security, CCS 2014
CountryUnited States
CityScottsdale
Period11/3/1411/7/14

Keywords

  • Aviation
  • Human factors
  • Mobile cockpit information systems
  • Security

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'On the security of mobile cockpit information systems'. Together they form a unique fingerprint.

Cite this