A domain-specific language to design false data injection tests for air traffic control systems

The ADS-B-automatic dependent surveillance-broadcast-technology requires aircraft to broadcast their position and velocity periodically. As compared to legacy radar technologies, coupled with alarming cyber security issues (the ADS-B protocol provides no encryption nor identification), the reliance on aircraft to communicate this surveillance information exposes air transport to new cyber security threats, and especially to FDIAs-false data injection attacks-where an attacker modifies, blocks, or emits fake ADS-B messages to dupe controllers and surveillance systems. This paper is part of an ongoing research initiative toward the generation of FDIA test scenarios and focuses on supporting the test design activity, i.e., supporting ATC experts to meticulously craft test cases in order to assess the resilience of surveillance systems against FDIAs. To achieve this goal, we propose a complete and powerful domain-specific language (DSL), close to natural language, that provides a large expressiveness to support ATC business experts in creating FDIA's test scenarios. We demonstrate the design capabilities of this approach and its productivity gain with respect to manually creating the FDIAs test scenarios.