A domain-specific language to design false data injection tests for air traffic control systems

The ADS-B—automatic dependent surveillance-broadcast—technology requires aircraft to broadcast their position and velocity periodically. As compared to legacy radar technologies, coupled with alarming cyber security issues (the ADS-B protocol provides no encryption nor identification), the reliance on aircraft to communicate this surveillance information exposes air transport to new cyber security threats, and especially to FDIAs—false data injection attacks—where an attacker modifies, blocks, or emits fake ADS-B messages to dupe controllers and surveillance systems. This paper is part of an ongoing research initiative toward the generation of FDIA test scenarios and focuses on supporting the test design activity, i.e., supporting ATC experts to meticulously craft test cases in order to assess the resilience of surveillance systems against FDIAs. To achieve this goal, we propose a complete and powerful domain-specific language (DSL), close to natural language, that provides a large expressiveness to support ATC business experts in creating FDIA’s test scenarios. We demonstrate the design capabilities of this approach and its productivity gain with respect to manually creating the FDIAs test scenarios.

[1]  Ian Horrocks,et al.  FaCT++ Description Logic Reasoner: System Description , 2006, IJCAR.

[2]  Faizan Javed,et al.  Applications of Grammatical Inference in Software Engineering: Domain Specific Language Development , 2010, Scientific Applications of Language Methods.

[3]  Calin Belta,et al.  Temporal Logics and Automata , 2017 .

[4]  Rubén Prieto-Díaz,et al.  DARE: Domain analysis and reuse environment , 1998, Ann. Softw. Eng..

[5]  Peter Brooker,et al.  SESAR and NextGen: Investing In New Paradigms , 2008, Journal of Navigation.

[6]  A. Smith,et al.  Methods to Provide System-Wide ADS-B Back-Up, Validation and Security , 2006, 2006 ieee/aiaa 25TH Digital Avionics Systems Conference.

[7]  Ivan Martinovic,et al.  Security of ADS-B: State of the Art and Beyond , 2013, ArXiv.

[8]  Jianyi Liu,et al.  Analysis of Message Attacks in Aviation Data-Link Communication , 2018, IEEE Access.

[9]  Russell A. Paielli Automated Generation of Air Traffic Encounters for Testing Conflict-Resolution Software , 2013, J. Aerosp. Inf. Syst..

[10]  Maria João Varanda Pereira,et al.  Ontological approach for DSL development , 2016, Comput. Lang. Syst. Struct..

[11]  Paul Klint,et al.  A Case of Visitor versus Interpreter Pattern , 2011, TOOLS.

[12]  Naima Kaabouch,et al.  A preliminary effort toward investigating the impacts of ADS-B message injection attack , 2018, 2018 IEEE Aerospace Conference.

[13]  Ivan Martinovic,et al.  Experimental Analysis of Attacks on Next Generation Air Traffic Communication , 2013, ACNS.

[14]  M Mernik,et al.  When and how to develop domain-specific languages , 2005, CSUR.

[15]  Dieter Fensel,et al.  Knowledge Engineering: Principles and Methods , 1998, Data Knowl. Eng..

[16]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[17]  Naima Kaabouch,et al.  Analysis of vulnerabilities, attacks, countermeasures and overall risk of the Automatic Dependent Surveillance-Broadcast (ADS-B) system , 2017, Int. J. Crit. Infrastructure Prot..

[18]  Kyo Chul Kang,et al.  Feature-Oriented Domain Analysis (FODA) Feasibility Study , 1990 .

[19]  James F. Epperson On the Runge example , 1987 .

[20]  Renata Pontin de Mattos Fortes,et al.  A systematic review of domain analysis tools , 2010, Inf. Softw. Technol..

[21]  Boris Motik,et al.  HermiT: An OWL 2 Reasoner , 2014, Journal of Automated Reasoning.

[22]  K. C. Ho,et al.  A simple and efficient estimator for hyperbolic location , 1994, IEEE Trans. Signal Process..

[23]  R. M. Trim Mode S: an introduction and overview , 1990 .

[24]  Marjan Mernik,et al.  Ontology driven development of domain-specific languages , 2011, Comput. Sci. Inf. Syst..

[25]  K. C. Ho,et al.  Elliptic Localization: Performance Study and Optimum Receiver Placement , 2014, IEEE Transactions on Signal Processing.

[26]  Rui Pinheiro,et al.  On Perception and Reality in Wireless Air Traffic Communication Security , 2016, IEEE Transactions on Intelligent Transportation Systems.

[27]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[28]  Asaf Shabtai,et al.  VizADS-B: Analyzing Sequences of ADS-B Images Using Explainable Convolutional LSTM Encoder-Decoder to Detect Cyber Attacks , 2019, ArXiv.

[29]  G Stix,et al.  The mice that warred. , 2001, Scientific American.

[30]  Daniel Hoffman,et al.  Commonality and Variability in Software Engineering , 1998, IEEE Softw..

[31]  Bruno Sinopoli,et al.  False Data Injection Attacks in Electricity Markets , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[32]  Alexandre Vernotte,et al.  Test Data Generation for False Data Injection Attack Testing in Air Traffic Surveillance , 2020, 2020 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW).

[33]  Hiroshi Akima,et al.  A New Method of Interpolation and Smooth Curve Fitting Based on Local Procedures , 1970, JACM.

[34]  Jeffrey G. Gray,et al.  Using Ontologies in the Domain Analysis of Domain-Specific Languages , 2009, TWOMDE@MoDELS.

[35]  Ian Horrocks,et al.  OWL Web Ontology Language Reference-W3C Recommen-dation , 2004 .

[36]  Ana C. R. Paiva,et al.  From Requirements to Automated Acceptance Tests of Interactive Apps: An Integrated Model-based Testing Approach , 2019, ENASE.

[37]  Miao Ma,et al.  Resilience Against False Data Injection Attack in Wireless Sensor Networks , 2008 .

[38]  Scott Pakin,et al.  The Design and Implementation of a Domain-Specific Language for Network Performance Testing , 2007, IEEE Transactions on Parallel and Distributed Systems.

[39]  Krzysztof Czarnecki,et al.  GeoScenario: An Open DSL for Autonomous Driving Scenario Representation , 2019, 2019 IEEE Intelligent Vehicles Symposium (IV).

[40]  Arie van Deursen,et al.  Domain-specific language design requires feature descriptions , 2002 .

[41]  Asaf Shabtai,et al.  Using LSTM Encoder-Decoder Algorithm for Detecting Anomalous ADS-B Messages , 2017, Comput. Secur..

[42]  Markus Maurer,et al.  Scenarios for Development, Test and Validation of Automated Vehicles , 2018, 2018 IEEE Intelligent Vehicles Symposium (IV).

[43]  Umut Durak,et al.  OWL ontology to Ecore metamodel transformation for designing a domain specific language to develop aviation scenarios , 2017, SpringSim.

[44]  Will Tracz,et al.  Software development using domain-specific software architectures: CDRl A011—a curriculum module in the SEI style , 1995, SOEN.

[45]  Marjan Mernik,et al.  Domain-Specific Languages: A Systematic Mapping Study , 2016, Inf. Softw. Technol..

[46]  Mani B. Srivastava,et al.  The bits and flops of the n-hop multilateration primitive for node localization problems , 2002, WSNA '02.

[47]  Martin Strohmeier,et al.  Security in next generation air traffic communication networks , 2016 .