The reviewed record of science sign in
Pith

arxiv: 2408.16714 · v2 · pith:4XTMQC4A · submitted 2024-08-29 · cs.CR

ARINC 429 Cyber-vulnerabilities and Voltage Data in a Hardware-in-the-Loop Simulator

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:4XTMQC4Arecord.jsonopen to challenge →

classification cs.CR
keywords arincavionicsdataattackattacksavailablecommunicationdevices
0
0 comments X
read the original abstract

ARINC 429 is a ubiquitous data bus for civil avionics, enabling reliable communication between devices from disparate manufacturers. However, ARINC 429 lacks any form of encryption or authentication, making it an inherently insecure communication protocol and rendering any connected avionics vulnerable to a range of attacks. We constructed a hardware-in-the-loop simulator with ARINC 429 buses, explored these vulnerabilities, and identified their potential to deny, degrade, or disrupt aircraft capabilities. We performed a denial-of-service attack against a multi-function display via a compromised ARINC 429 bus using commercially available tools, which succeeded in disabling important navigational aids. This proven attack on physical avionics illustrates the risk inherent in ARINC 429 and the need for the ability to detect these attacks. One potential mitigation is an intrusion detection system (IDS) trained on data collected from the electrical properties of the physical bus. Although previous research has demonstrated the feasibility of an IDS on an ARINC 429 bus, no IDS has been trained on data generated by avionics hardware. To facilitate this, we recorded voltage traces and message history generated by avionics and adversarial devices on the ARINC 429 bus. To the best of our knowledge, this is the first publicly available collection of hardware-generated ARINC 429 signal data.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.