Traffic Collision Avoidance System: Threat Actor Model and Attack Taxonomy

As air travel increases across the globe, the opportunities for exploiting air communications increase as well. In modern aviation technology, the Traffic Collision Avoidance System (TCAS) is used to deter mid-air collisions between aircraft. With an increase in the air traffic, it is imperative for the safety of passengers that TCAS properly functions. This paper aims to present the first TCAS threat actor model, adapted from a cyber threat model. The determined threat actors include: Advanced Persistent Threats (APTs), Insider Threats, Criminal Organizations, and Hobbyists. Additionally, the paper presents the first taxonomy of communication threats against TCAS. Using an Automatic dependent surveillance-broadcast (ADS-B) threat model, the TCAS threats are categorized into passive, eavesdropping and active attacks, ghosting, denial-of-service, and spoofing. Furthermore, the paper presents the requirements necessary to successfully implement a spoofing attack. After the taxonomy of threats are presented, future work is discussed regarding the current TCAS implementation and future versions.