Table of Contents
Fetching ...

A Survey of Security Challenges and Solutions for Advanced Air Mobility and eVTOL Aircraft

Mahyar Ghazanfari, Iman Sharifi, Peng Wei, Noah Dahle, Abel Diaz Gonzalez, Austin Coursey, Bryce Bjorkman, Cailani Lemieux-Mack, Robert Canady, Abenezer Taye, Bryan C. Ward, Xenofon Koutsoukos, Gautam Biswas, Maheed H. Ahmed, Hyeong Tae Kim, Mahsa Ghasemi, Vijay Gupta, Filippos Fotiadis, Ufuk Topcu, Junchi Lu, Alfred Chen, Abdul Kareem Ras, Nischal Aryal, Amer Ibrahim, Amir Shirkhodaie, Heber Herencia-Zapana, Saqib Hasan, Isaac Amundson

TL;DR

This work addresses the cybersecurity challenges of Advanced Air Mobility and eVTOL platforms by composing a system-level risk taxonomy across onboard avionics, autonomy, data links, and cloud interactions. It synthesizes existing threats (eg GNSS spoofing, ADS-B weaknesses, and ATC impersonation) with defense strategies (RTK GNSS, multi-sensor fusion, ACAS-X integrity concepts, eFB segmentation, and cloud provenance) to propose a comprehensive secure architecture for future AAM ecosystems. The paper identifies critical gaps, including the lack of standardized threat models, authenticated surveillance and navigation data, robust C2/fall-back mechanisms, and cross-domain provenance across PSU/SDSP cloud services. Its contributions lay the groundwork for end-to-end resilience, urging collaboration among avionics, cybersecurity, operations, and regulators to achieve trustworthy, scalable AAM deployments with measurable security assurances.

Abstract

This survey reviews the existing and envisioned security vulnerabilities and defense mechanisms relevant to Advanced Air Mobility (AAM) systems, with a focus on electric vertical takeoff and landing (eVTOL) aircraft. Drawing from vulnerabilities in the avionics in commercial aviation and the automated unmanned aerial systems (UAS), the paper presents a taxonomy of attacks, analyzes mitigation strategies, and proposes a secure system architecture tailored to the future AAM ecosystem. The paper also highlights key threat vectors, including Global Positioning System (GPS) jamming/spoofing, ATC radio frequency misuse, attacks on TCAS and ADS-B, possible backdoor via Electronic Flight Bag (EFB), new vulnerabilities introduced by aircraft automation and connectivity, and risks from flight management system (FMS) software, database and cloud services. Finally, this paper describes emerging defense techniques against these attacks, and open technical problems to address toward better defense mechanisms.

A Survey of Security Challenges and Solutions for Advanced Air Mobility and eVTOL Aircraft

TL;DR

This work addresses the cybersecurity challenges of Advanced Air Mobility and eVTOL platforms by composing a system-level risk taxonomy across onboard avionics, autonomy, data links, and cloud interactions. It synthesizes existing threats (eg GNSS spoofing, ADS-B weaknesses, and ATC impersonation) with defense strategies (RTK GNSS, multi-sensor fusion, ACAS-X integrity concepts, eFB segmentation, and cloud provenance) to propose a comprehensive secure architecture for future AAM ecosystems. The paper identifies critical gaps, including the lack of standardized threat models, authenticated surveillance and navigation data, robust C2/fall-back mechanisms, and cross-domain provenance across PSU/SDSP cloud services. Its contributions lay the groundwork for end-to-end resilience, urging collaboration among avionics, cybersecurity, operations, and regulators to achieve trustworthy, scalable AAM deployments with measurable security assurances.

Abstract

This survey reviews the existing and envisioned security vulnerabilities and defense mechanisms relevant to Advanced Air Mobility (AAM) systems, with a focus on electric vertical takeoff and landing (eVTOL) aircraft. Drawing from vulnerabilities in the avionics in commercial aviation and the automated unmanned aerial systems (UAS), the paper presents a taxonomy of attacks, analyzes mitigation strategies, and proposes a secure system architecture tailored to the future AAM ecosystem. The paper also highlights key threat vectors, including Global Positioning System (GPS) jamming/spoofing, ATC radio frequency misuse, attacks on TCAS and ADS-B, possible backdoor via Electronic Flight Bag (EFB), new vulnerabilities introduced by aircraft automation and connectivity, and risks from flight management system (FMS) software, database and cloud services. Finally, this paper describes emerging defense techniques against these attacks, and open technical problems to address toward better defense mechanisms.
Paper Structure (51 sections, 4 figures, 11 tables)

This paper contains 51 sections, 4 figures, 11 tables.

Figures (4)

  • Figure 1: Illustrative architecture of a commercial Flight Management System (FMS), highlighting potential adversarial attack vectors.
  • Figure 2: ACAS-X continuously updates its aircraft state estimates as new sensor measurements become available. The system represents uncertainty using a probability distribution, which determines the appropriate region of the lookup table from which to select the corresponding resolution advisory.
  • Figure 3: Attack vectors and target data categories for EFBs, highlighting how operational, technical, and passenger-related data may be compromised through remote, local, or human-based threats.
  • Figure 4: Threat channels affecting eVTOL visual perception on approach.