EE Seminar: Hardware Fingerprinting for the ARINC 429 Avionic Bus
Speaker: Nimrod Gilboa Markevich
M.Sc. student under the supervision of Prof. Avishai Wool
Wednesday, November 13, 2019 at 15:00
Room 011, Kitot Bldg., Faculty of Engineering
Hardware Fingerprinting for the ARINC 429 Avionic Bus
ARINC 429 is the most common data bus in use today in civil avionics. Despite its widespread use, it is not up to par with modern security requirements, as it did not undergo any major revisions since the 1980s. Specifically, the protocol lacks any form of source authentication. An adversary with physical access to the bus is freely able to spread malicious content, as the receivers have no method of verifying the authenticity of messages.
Updating the protocol would close off security loopholes in new aircrafts but would require thousands of airplanes to be modified. The cost of such an operation make this an unappealing solution. Other options must be explored.
We propose an intrusion detection system that utilizes a hardware fingerprinting approach for sender identification, that we designed specifically for the ARINC 429 data bus. Our approach relies on the observation that changes in hardware, such as replacing the transmitting device by a rogue one, modify the electric signal of the transmission. By exploiting this observation, we can detect technician attacks before any malicious content is transmitted. Our proposed method only requires the attachment of a standard-compliant monitoring unit to the bus. It does not require hardware or software updates to existing systems and is compliant with the current version of the ARINC standard.