Two people in the RCAT lab simulator

Securing Systems in the Sky

By Karina Wright

Our Resilient Cyber Aerospace Testbed, the RCAT, pressure-tests real and potential cyberattack scenarios of on-board electronic systems. Here’s a 30,000-foot look at the lab’s work to advance avionics security.

The technologies aboard an aircraft present a massive attack surface for cyber adversaries. Interconnected systems—from radios to GPS to displays—offer several points of entry.

A bad actor gaining access to the aircraft’s data network could remotely take over a plane’s avionics and control systems to disrupt flight-critical systems or throw off the position, navigation, and timing system by seconds, setting a collision in motion.

With thousands of military and commercial aircraft in skies around the globe at any given time, how do we secure on-board electronic systems?

Jeff Higginson, who leads our Resilient Cyber Aerospace Testbed (RCAT), has answers and insights.

Here’s Higginson’s 30,000-foot perspective about how the RCAT helps secure avionics—the systems that control an aircraft’s essential navigation and safety functions.

Q: What does the RCAT Lab do?

Higginson: The lab is a proving ground for timely, lower cost solutions designed to keep bad actors out of an aircraft’s multiple electronic platforms — and to spot and mitigate their tactics when they’re deployed.

For example, one aspect of our work involves training air crews to recognize the latest threats such as GPS spoofing, when fake position data is sent to navigation systems, which could mislead an aircraft into restricted or enemy airspace.

We develop versatile tools and technologies and get these solutions in the field faster than a typical two- to three-year acquisition cycle. Some solutions cost as little as $200 and are extremely low weight, an important consideration for all aircraft.

The lab was established 25 years ago to help the Air Force quickly integrate avionics into their cockpits at a lower cost. It evolved into a cyber testbed as threats began to ramp up. We made additional investments in capabilities and now have one of the premier aircraft cyber test beds in the Department of Defense.

Q: What makes aircraft systems different from other electronic systems?

Higginson: You might think that if somebody gets access to your radio, it makes things a little hard but your plane will still fly. Except that the radio is connected to a bunch of other systems over the aircraft data bus [collection of signals]. And if someone gets access to that system, they can get access to all those other systems.

Planes are not designed like IT systems with firewalls, routers, and switches. We've developed capabilities that prevent malware from taking over an aircraft and turning off an oxygen system or the fuel system or capturing the autopilot.

 

We develop versatile tools and technologies and get solutions in the field faster than a two to three-year acquisition cycle.

Jeff Higginson, Department Manager, Mission Resilience and Crypto

Q: How does the lab approach this research?

Higginson: We bring avionics and cybersecurity together under one roof to pressure-test real and theoretical attack scenarios. But not in a vacuum. Pilots test solutions in our cockpit simulators. We regularly collaborate with the Air Force, the FAA, and industry.

The lab is located on our Bedford [Massachusetts] campus, down the road from our sponsor and longtime collaborators at Hanscom Air Force Base.

We're lucky to have a strong partnership with the New Hampshire Air National Guard and Pease Air National Guard Base nearby. They have tankers and transport aircraft—some built on the same airframes used by commercial airlines. We also partner with the Guard unit at Barnes Air Force Base that flies F-15s. We collaborate with the Vermont Air National Guard, too. They fly F-35s. All of this to say we regularly bring pilots to the lab, or we go to the bases to show stakeholders what we're doing.

They've been the best advocates. When we bring them an idea, they'll say, “Let's do that. We'll help you.”

What we do in the lab helps strengthen avionics in both military and civilian aircraft. We work very closely with our FAA-sponsored R&D center, the Center for Advanced Aviation System Development, to share the solutions we're developing. Our goal is to make them as broadly available as possible to protect the nation.

Q: What’s in the lab?

Higginson: The RCAT is structured so that we can scrutinize individual pieces of avionics—a navigation system, a communication system, an autopilot system, and more—understand how a cyberattack might affect the single system and then how an attack might impact the aircraft’s larger system.

There’s a full aircraft here in the lab with all these systems integrated.

The lab has three cockpit simulators, integrated avionics components for communications, navigation, surveillance/Air Traffic Management, flight management, and bus interface for testing.

The set-up creates an immersive environment. We can do mission emulation and “live fly” demonstrations to explore, model, and mitigate the impacts of various cyber-attacks. We can also examine how a pilot perceives a cyberattack and understand what they will try to do to fix the problem.

Q: Anything else you’d like to add about the RCAT Lab?

We don’t have many offices or cubicles. That’s intentional. There are whiteboards everywhere. We keep our space open for unclassified work and encourage others to see our research in action and how it might apply to their work for government sponsors.

Any sponsor, whether they're military or FAA or Homeland Security or state or even local, they can come see what we're doing. I think lowering the barrier has helped us be successful.

Also, we’re part of the [MITRE] Cyber Futures Internship program, so we generally have between 10 and 15 interns a year in the lab, which is great.

Interested in solving problems for a safer world? Join our community of innovators, learners, knowledge-sharers, and risk takers. View our Job Openings and Student Programs. Subscribe to our MITRE 360 Newsletter.