5G and Aviation: A Look Into Security and Technology Upgrades Working in Tandem
By Craig Gibson and Fyodor Yarochkin
The Federal Aviation Authority (FAA) highlighted safety risks between 5G and aircraft instruments, and the implementation of the technology has caused a momentary disruption in international flights as long-haul carriers grappled with the concerns of the technology change. While 5G has features capable of supporting communications for airplanes, airports, and drone air traffic control, it is the interference between the radio signals used by the new technology (5G) and older technology (radar altimeters) that is seen as the source of these risks.
In this article, we break down the risks, the potential safety and security impact of the concerns, and recommendations for these technologies in terms of maintaining efficiency for safety and upgrades in the aviation industry.
Following US telecommunications’ update of systems to using 5G networks, the FAA issued several statements on the safety risks and outlined that two altimeter models installed on a number of Boeing and Airbus plane models are affected by 5G C band radio interference. Boeing has even requested carriers with 777s and 747-8s not to land in airports without 5G notices. C band is a radio frequency between 3.7 and 4.2 GHz, with 5G utilizing a range of 3.5 to 3.98 GHz. Radar altimeters (RA) operate at frequencies of 4.2-4.4GHz, so the close proximity is the foreseen cause for potential interference. These could cause problems for planes when landing in low-visibility conditions. It is estimated that 48 of 88 airports will be affected by the upgrade to 5G C band. The Federal Communications Commission (FCC) initially approved only the lower end of the band to minimize potential impact.
These safety and security risks center on the overlap between two types of radio management standards in the radar altimeter: 5G cellular radio used in mobile cellular devices, and radio detection and ranging (radar) system used in aircrafts. Radar is a type of radio that aircraft and airports use to determine distance. RAs are used by commercial aircraft during approach and landing to determine the vertical distance between the airplane and the ground, and the lateral distance from the plane to the runway. Other types of radar devices are also used between airplanes, in runway beacons, and by air traffic control towers.
The reality of 5G-related aircraft risks
We discuss the basic concepts associated with the technologies concerned and integrate the usage and potential risks to air traffic control, aircrafts, airports, and passengers.
What is radio noise?
Radio can be described like water’s movements. It is composed of ripples of broadcast electricity that spread outward from the cell tower antenna, much like how ripples spread outward from the point of impact when an object touches the surface of the water. A large amount of radio broadcast power could be thought of as big ripples made by a big rock dropped in a pond. How close the ripples are to each other can be thought of as the radio frequency (wherein lots of ripples = high frequency). The job of a radio device is to count the number, timing, and size of these ripples and turn it into data. This data then becomes a mobile phone call, downloaded video, or a radar signal.
When there is a lot of communication (many sources of radio ripples), low-quality radio devices have difficulty distinguishing between the different ripples. Radio frequencies that are too close to each other could cause mutual interference. This confusing and messy signal is called radio noise. When there is enough noise, a device may not function as intended. Devices are separated by frequency, but with enough noise even that can become unpredictable. Of course, many factors, such as direction of the radio beam, intensity of the emitted signal, and location of the antennas, could affect signal quality.
Security and safety risks of radio noise
This brings us to examples of two types of devices that can interfere with each other and be “confused” by the resulting radio noise. One of them considered relevant in this discussion is C band RAs in modern jetliner aircrafts. These devices use C band range of radio frequencies to emit a radio beam and receive reflected signal. This altimeter device then computes distance data. This data can be used by the aircraft’s navigation instruments, terrain awareness, and collision-avoidance systems. A misreading of the reflected signal could lead to incorrect information provided by the altimeter. Such errors could be catastrophic to the aircraft, especially in low-visibility conditions.
5G radio towers and devices make up the second type. When these two technologies interact during takeoff and landing, there is a risk of causing incorrect altitude readings RAs and having the plane and its heavily automated systems lose track of the ground. This increases the chance of collision with the ground (a plane crash).
An expedient and blunt method of addressing this is to ensure there is a physical buffer zone (or a circle of 5G coverage gap around the airport). It should be large enough for a human pilot to have an ample amount of time to take control of the landing function in a 5G related emergency. Currently, this amount of time is generally less than two minutes throughout the world, and between zero seconds (no safety ring at all) and 20 seconds throughout the US.
From a security perspective, these risks are quite concerning. The European and US government responses assume their acknowledgement of a 5G radio vulnerability capable of crashing a plane, noting the discrepancies of different countries’ 5G deployments in and near airports. In all but 50 US airports, the time allowed for a pilot to respond is zero seconds if, for instance, a 5G-class device was to interact with radar in a malicious way.
A mitigation approach advocated from the 5G standpoint is to treat aircraft as if they were 5G devices. Terrestrial 5G is handled by cell towers, while satellites handle aerial and transoceanic 5G. As 5G has an extremely high-accuracy positioning capability, it could be an excellent replacement for the radar in 5G areas without affecting other services and creating “5G outage circles” (5G buffer zones). The airport itself could use 5G similarly to the current 5G ocean ports such as the Port of Antwerp in Belgium, which uses a 5G campus network managed by the port itself. This port’s 5G campus is increasingly able to support autonomous 5G vehicle shipping traffic. This was also supported by various testimonies at the GSMA Future Networks on 5G’s growing role in supporting communication, transportation, aviation, and security given 5G’s considerable agility, speed, reduced latency, and requirement for accuracy.
5G has a number of anti-jamming, anti-spoofing, and interference management capabilities that radar does not. The concerns raised by the FAA are addressed by relying on 5G or using it in tandem with traditional radar. By using both in conjunction, it could address concerns on expensive aircraft radar retrofitting as many aviation standards still require radar.
Airplanes, phones, and flying drones using this security model would all rely on the 5G standard as opposed to the exclusive use of radar. Each device could use security detection and solutions software: As malware attacks the plane, airport, or passengers’ devices, these solutions can identify the attack before it has an effect through analysis of the airplane’s supply chain attack surface, bolster this with knowledge of emerging threats, and make ongoing improvements to the overall security posture. These threat responses would be coordinated through a Security Operations Center (SOC), which can use attack telemetry from one part of the airline or customer infrastructure for predicting attacks against another.
All is not lost. A fact of this risk is that radar and 5G interact in unpredictable ways. One way to address this vulnerability is to make the risk predictable and, therefore, manageable. By making the risk predictable and manageable, exploitation and the impact of this risk can be mitigated.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2
- The Linux Threat Landscape Report