Protecting Military Avionics Platforms from Attacks on MIL-STD-1553 Communication Bus

TL;DR

This paper analyzes security vulnerabilities of the MIL-STD-1553 communication bus in military avionics, proposing anomaly detection methods and an intrusion detection system to enhance security against cyber attacks.

Contribution

It provides a comprehensive security analysis of MIL-STD-1553 and introduces a novel anomaly detection approach and IDS framework for this legacy communication standard.

Findings

Effective anomaly detection in testbed scenarios

Detection of attacks on real system data

Proposed IDS enhances security of MIL-STD-1553

Abstract

MIL-STD-1553 is a military standard that defines the physical and logical layers, and a command/response time division multiplexing of a communication bus used in military and aerospace avionic platforms for more than 40 years. As a legacy platform, MIL-STD-1553 was designed for high level of fault tolerance while less attention was taken with regard to security. Recent studies already addressed the impact of successful cyber attacks on aerospace vehicles that are implementing MIL-STD-1553. In this study we present a security analysis of MIL-STD-1553. In addition, we present a method for anomaly detection in MIL-STD-1553 communication bus and its performance in the presence of several attack scenarios implemented in a testbed, as well as results on real system data. Moreover, we propose a general approach towards an intrusion detection system (IDS) for a MIL-STD-1553 communication bus.