Traffic Collision Avoidance Systems (TCAS) are safety-critical systems required on most commercial aircrafts in service today. However, TCAS was not designed to account for malicious actors. While in the past it may have been infeasible for an attacker to craft radio signals to mimic TCAS signals, attackers today have access to open-source digital signal processing software, like GNU Radio, and inexpensive software defined radios (SDR) that enable the transmission of spurious TCAS messages. In this paper, methods, both qualitative and quantitative, for analyzing TCAS from an adversarial perspective are presented. To demonstrate the feasibility of inducing near mid-air collisions between current day TCAS-equipped aircraft, an experimental Phantom Aircraft generator is developed using GNU Radio and an SDR against a realistic threat model.

中文翻译：

---

交通防撞系统漏洞利用的可行性研究

交通防撞系统 (TCAS) 是当今服役的大多数商用飞机所需的安全关键系统。然而，TCAS 并不是为了解决恶意行为者而设计的。虽然在过去，攻击者可能无法制作无线电信号来模拟 TCAS 信号，但今天的攻击者可以使用开源数字信号处理软件，如 GNU Radio，以及支持传输的廉价软件定义无线电 (SDR)虚假的 TCAS 消息。在本文中，提出了从对抗性角度分析 TCAS 的定性和定量方法。为了证明在当前配备 TCAS 的飞机之间诱导接近空中碰撞的可行性，使用 GNU Radio 和 SDR 针对现实威胁模型开发了实验性幻影飞机发生器。