Which is why it has always been traditional to have entirely independent systems so that cross checking is possible.
Yes, traditional. But now we have GPS standalone LPV approaches. Down to CAT 1 minima (in some countries). With no ground based navigation aid in range and no other on-board system with the required precision to back it up. Even ground proximity warning systems depend on GPS to some degree. So we really must take this spoofing threat seriously, I'm afraid.
This paper comes to mind when reading about the GPS spoofing. The paper was presented at Black Hat in 2012, don't remember what the response was from the industry though.
Basically it addresses that ADS-B lacks encryption and authentication. Just like many other protocols and systems (cars, medical devices, the list can go on).
That's interesting, but unsuprising. ADS-B has zero security. You could leave a box outside Eurocontrol's HQ with an ADS-B transmitter inside and a battery, and have it transmitting the track of a fictitious 747 from Gatwick to Munich, and nobody could tell it's not real.
If you picked the tail number and ID of a plane which is concurrently in flight, the system ought to realise something is obviously wrong... but it won't know which is the real one. I don't think ADS-B does any triangulation at the receivers, as e.g. the sferics networks do to get the lightning locations.
It's quite funny that at the Eurocontrol "navigation workshop" I went to a while ago they proposed the removal of radars, to reduce route charges to airlines, and replace them with ADS-B.
If you set 109.95 (the Shoreham EGKA DME) and fly near Caen LFRK, you pick up a solid reading, but it isn't EGKA's. It's somebody else's. As you fly north, that unknown DME gets weaker and eventually Shoreham's DME comes up, at about 85D (assuming FL100+) i.e. still over France, but apart from the morse ident, and the reading matching what your GPS is showing on a DCT EGKA, and the DME-derived ground speed (how many pilots watch that one) you would never know the difference.
Of course, with a DOC of 10NM/5000ft you wouldn't be relying on it anyway, at 85D, would you? ;)
That's interesting, but unsuprising. ADS-B has zero security.
But other than GPS it would be quite easy to make it more secure as there is two-way communication involved. ATC could provide all genuine airspace users with an encryption key together with their clearance and the spoofers will remain outside.
With no ground based navigation aid in range and no other on-board system with the required precision to back it up.
But places offering LPV down to CAT 1 minima ought to monitor GPS. That way they should detect spoofing, unless the spoofer does it with very directional antennae, which adds to the difficulty of the attacker.
I don't think ADS-B does any triangulation at the receivers
This is called (Wide Area) Multilateration and apparently all the rage in Eurocontrol circles, for example here:
It's implemented in Innsbruck, for example (not specific to ADS-B, works with any Mode-S transponder)
Of course, with a DOC of 10NM/5000ft you wouldn't be relying on it anyway, at 85D, would you?
Very correct answer 
But it does assume that you "somehow else" know where you are, otherwise you are not in a position to question the DOC.
But other than GPS it would be quite easy to make it more secure as there is two-way communication involved. ATC could provide all genuine airspace users with an encryption key together with their clearance and the spoofers will remain outside.
Is it 2-way?
I am fairly sure ADS-B emissions are just emissions. The receiver is just a passive receiver box. That's how those cheap boxes work.
This isn't Mode S with Enhanced Surveillance where the aircraft lat/long etc is returned only when pinged by the SSR radar.
This is called (Wide Area) Multilateration and apparently all the rage in Eurocontrol circles
Clearly I need to follow the Brussels fashion scene more closely 
Did you ever see the entrance security where you stand in a Star-Trek teleporter style tube and the piece of floor you stand on counts the number of feet standing on it, and checks it is 2. It's delightful to see taxpayer money so well spent. But they risk litigation under the EU disability regs.
That's interesting, but unsuprising. ADS-B has zero security. You could leave a box outside Eurocontrol's HQ with an ADS-B transmitter inside and a battery, and have it transmitting the track of a fictitious 747 from Gatwick to Munich, and nobody could tell it's not real.
It's quite funny that at the Eurocontrol "navigation workshop" I went to a while ago they proposed the removal of radars, to reduce route charges to airlines, and replace them with ADS-B.
I don't know when ADS-B development was started, but it wouldn't surprise me if it was mid 90s. The security awareness has changed a bit since then. I don't think these large projects are quick, nor do they easily adapt to new requirements and do recurring threat analysis :)
Next time you attend those workshops Peter, ask them about the security :)
But other than GPS it would be quite easy to make it more secure as there is two-way communication involved. ATC could provide all genuine airspace users with an encryption key together with their clearance and the spoofers will remain outside.
How do you do key management? Do you envision the CAA to send you a letter with your public/private key pair and then you type it into your transponder?
I cannot imagine this to work. Right now 10% of the crews cannot enter their Mode-S ident correctly, apparently. So I bet at least 50% wouldn't get their keys correctly into the transponder.
And then each radar site would have to have some means to get the public key of any aircraft. That means some sort of home location register would have to be implemented by every country. I cannot imagine this to happen anytime soon.
I am fairly sure ADS-B emissions are just emissions.
Exactly, that's why it's called -B (for Broadcast)
