< draft-ietf-raw-ldacs-09.txt   draft-ietf-raw-ldacs-10.txt >
RAW N. Maeurer, Ed. RAW N. Maeurer, Ed.
Internet-Draft T. Graeupl, Ed. Internet-Draft T. Graeupl, Ed.
Intended status: Informational German Aerospace Center (DLR) Intended status: Informational German Aerospace Center (DLR)
Expires: 25 April 2022 C. Schmitt, Ed. Expires: 22 September 2022 C. Schmitt, Ed.
Research Institute CODE, UniBwM Research Institute CODE, UniBwM
22 October 2021 21 March 2022
L-band Digital Aeronautical Communications System (LDACS) L-band Digital Aeronautical Communications System (LDACS)
draft-ietf-raw-ldacs-09 draft-ietf-raw-ldacs-10
Abstract Abstract
This document gives an overview of the architecture of the L-band This document gives an overview of the architecture of the L-band
Digital Aeronautical Communications System (LDACS), which provides a Digital Aeronautical Communications System (LDACS), which provides a
secure, scalable and spectrum efficient terrestrial data link for secure, scalable and spectrum efficient terrestrial data link for
civil aviation. LDACS is a scheduled, reliable multi-application civil aviation. LDACS is a scheduled, reliable multi-application
cellular broadband system with support for IPv6. LDACS provides a cellular broadband system with support for IPv6. LDACS provides a
data link for IPv6 network-based aircraft guidance. High reliability data link for IPv6 network-based aircraft guidance. High reliability
and availability for IP connectivity over LDACS, as well as security, and availability for IP connectivity over LDACS, as well as security,
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 25 April 2022. This Internet-Draft will expire on 22 September 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Motivation and Use Cases . . . . . . . . . . . . . . . . . . 6 3. Motivation and Use Cases . . . . . . . . . . . . . . . . . . 6
3.1. Voice Communications Today . . . . . . . . . . . . . . . 7 3.1. Voice Communications Today . . . . . . . . . . . . . . . 7
3.2. Data Communications Today . . . . . . . . . . . . . . . . 7 3.2. Data Communications Today . . . . . . . . . . . . . . . . 7
4. Provenance and Documents . . . . . . . . . . . . . . . . . . 8 4. Provenance and Documents . . . . . . . . . . . . . . . . . . 8
5. Applicability . . . . . . . . . . . . . . . . . . . . . . . . 9 5. Applicability . . . . . . . . . . . . . . . . . . . . . . . . 9
5.1. Advances Beyond the State-of-the-Art . . . . . . . . . . 9 5.1. Advances Beyond the State-of-the-Art . . . . . . . . . . 9
5.1.1. Priorities . . . . . . . . . . . . . . . . . . . . . 9 5.1.1. Priorities . . . . . . . . . . . . . . . . . . . . . 9
5.1.2. Security . . . . . . . . . . . . . . . . . . . . . . 9 5.1.2. Security . . . . . . . . . . . . . . . . . . . . . . 10
5.1.3. High Data Rates . . . . . . . . . . . . . . . . . . . 10 5.1.3. High Data Rates . . . . . . . . . . . . . . . . . . . 10
5.2. Application . . . . . . . . . . . . . . . . . . . . . . . 10 5.2. Application . . . . . . . . . . . . . . . . . . . . . . . 10
5.2.1. Air/Ground Multilink . . . . . . . . . . . . . . . . 10 5.2.1. Air/Ground Multilink . . . . . . . . . . . . . . . . 10
5.2.2. Air/Air Extension for LDACS . . . . . . . . . . . . . 10 5.2.2. Air/Air Extension for LDACS . . . . . . . . . . . . . 11
5.2.3. Flight Guidance . . . . . . . . . . . . . . . . . . . 11 5.2.3. Flight Guidance . . . . . . . . . . . . . . . . . . . 11
5.2.4. Business Communications of Airlines . . . . . . . . . 12 5.2.4. Business Communications of Airlines . . . . . . . . . 12
5.2.5. LDACS-based Navigation . . . . . . . . . . . . . . . 12 5.2.5. LDACS-based Navigation . . . . . . . . . . . . . . . 12
6. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 12 6. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 13
7. Characteristics . . . . . . . . . . . . . . . . . . . . . . . 14 7. Characteristics . . . . . . . . . . . . . . . . . . . . . . . 14
7.1. LDACS Sub-Network . . . . . . . . . . . . . . . . . . . . 14 7.1. LDACS Sub-Network . . . . . . . . . . . . . . . . . . . . 14
7.2. Topology . . . . . . . . . . . . . . . . . . . . . . . . 15 7.2. Topology . . . . . . . . . . . . . . . . . . . . . . . . 15
7.3. LDACS Protocol Stack . . . . . . . . . . . . . . . . . . 15 7.3. LDACS Protocol Stack . . . . . . . . . . . . . . . . . . 16
7.3.1. LDACS Physical Layer . . . . . . . . . . . . . . . . 17 7.3.1. LDACS Physical Layer . . . . . . . . . . . . . . . . 17
7.3.2. LDACS Data Link Layer . . . . . . . . . . . . . . . . 17 7.3.2. LDACS Data Link Layer . . . . . . . . . . . . . . . . 18
7.3.3. LDACS Sub-Network Layer and Protocol Services . . . . 19 7.3.3. LDACS Sub-Network Layer and Protocol Services . . . . 19
7.4. LDACS Mobility . . . . . . . . . . . . . . . . . . . . . 19 7.4. LDACS Mobility . . . . . . . . . . . . . . . . . . . . . 20
8. Reliability and Availability . . . . . . . . . . . . . . . . 19 8. Reliability and Availability . . . . . . . . . . . . . . . . 20
8.1. Below Layer 1 . . . . . . . . . . . . . . . . . . . . . . 19 8.1. Below Layer 1 . . . . . . . . . . . . . . . . . . . . . . 20
8.2. Layer 1 and 2 . . . . . . . . . . . . . . . . . . . . . . 19 8.2. Layer 1 and 2 . . . . . . . . . . . . . . . . . . . . . . 20
8.3. Beyond Layer 2 . . . . . . . . . . . . . . . . . . . . . 23 8.3. Beyond Layer 2 . . . . . . . . . . . . . . . . . . . . . 23
9. Security . . . . . . . . . . . . . . . . . . . . . . . . . . 23 9. Security . . . . . . . . . . . . . . . . . . . . . . . . . . 23
9.1. Security in Wireless Digital Aeronautical 9.1. Security in Wireless Digital Aeronautical
Communications . . . . . . . . . . . . . . . . . . . . . 24 Communications . . . . . . . . . . . . . . . . . . . . . 24
9.2. LDACS Requirements . . . . . . . . . . . . . . . . . . . 25 9.2. LDACS Requirements . . . . . . . . . . . . . . . . . . . 25
9.3. LDACS Security Objectives . . . . . . . . . . . . . . . . 25 9.3. LDACS Security Objectives . . . . . . . . . . . . . . . . 25
9.4. LDACS Security Functions . . . . . . . . . . . . . . . . 26 9.4. LDACS Security Functions . . . . . . . . . . . . . . . . 26
9.5. LDACS Security Architecture . . . . . . . . . . . . . . . 26 9.5. LDACS Security Architecture . . . . . . . . . . . . . . . 26
9.5.1. Entities . . . . . . . . . . . . . . . . . . . . . . 26 9.5.1. Entities . . . . . . . . . . . . . . . . . . . . . . 26
9.5.2. Entity Identification . . . . . . . . . . . . . . . . 27 9.5.2. Entity Identification . . . . . . . . . . . . . . . . 27
9.5.3. Entity Authentication and Key Establishment . . . . . 27 9.5.3. Entity Authentication and Key Establishment . . . . . 27
9.5.4. Message-in-transit Confidentiality, Integrity and 9.5.4. Message-in-transit Confidentiality, Integrity and
Authenticity . . . . . . . . . . . . . . . . . . . . 28 Authenticity . . . . . . . . . . . . . . . . . . . . 28
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28
12. Normative References . . . . . . . . . . . . . . . . . . . . 28 12. Normative References . . . . . . . . . . . . . . . . . . . . 28
13. Informative References . . . . . . . . . . . . . . . . . . . 29 13. Informative References . . . . . . . . . . . . . . . . . . . 28
Appendix A. Selected Information from DO-350A . . . . . . . . . 35 Appendix A. Selected Information from DO-350A . . . . . . . . . 34
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 37 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36
1. Introduction 1. Introduction
One of the main pillars of the modern Air Traffic Management (ATM) One of the main pillars of the modern Air Traffic Management (ATM)
system is the existence of a communications infrastructure that system is the existence of a communications infrastructure that
enables efficient aircraft control and safe aircraft separation in enables efficient aircraft control and safe aircraft separation in
all phases of flight. Current systems are technically mature but all phases of flight. Current systems are technically mature but
suffering from the Very High Frequency (VHF) band's increasing suffering from the Very High Frequency (VHF) band's increasing
saturation in high- density areas and the limitations posed by saturation in high- density areas and the limitations posed by
analogue radio communications. Therefore, aviation globally, and the analogue radio communications. Therefore, aviation globally, and the
skipping to change at page 4, line 43 skipping to change at page 4, line 43
In the context of safety-related communications, LDACS will play a In the context of safety-related communications, LDACS will play a
major role in future ATM. ATN/IPS datalinks will provide diversified major role in future ATM. ATN/IPS datalinks will provide diversified
terrestrial and space-based connectivity in a multi-link concept, terrestrial and space-based connectivity in a multi-link concept,
called the Future Communications Infrastructure (FCI) [VIR2021]. called the Future Communications Infrastructure (FCI) [VIR2021].
From a technical point of view the FCI will realize airborne multi- From a technical point of view the FCI will realize airborne multi-
homed IPv6 networks connected to a global ground network via at least homed IPv6 networks connected to a global ground network via at least
two independent communication technologies. This is considered in two independent communication technologies. This is considered in
more detail in related IETF work in progress [I-D.haindl-lisp-gb-atn] more detail in related IETF work in progress [I-D.haindl-lisp-gb-atn]
[I-D.ietf-rtgwg-atn-bgp]. [I-D.ietf-rtgwg-atn-bgp].
In the context of WG-RAW, developing options, such as intelligent In the context of the Reliable and Available Wireless (RAW) working
switching between datalinks, for reliably delivering content from and group, developing options, such as intelligent switching between
to endpoints, is foreseen. As LDACS is part of such a concept, the datalinks, for reliably delivering content from and to endpoints, is
work of RAW is immediately applicable. In general, with the foreseen. As LDACS is part of such a concept, the work of RAW is
aeronautical communications system transitioning to ATN/IPS, and data immediately applicable. In general, with the aeronautical
being transported via IPv6, closer cooperation and collaboration communications system transitioning to ATN/IPS, and data being
between the aeronautical and IETF community is desirable. transported via IPv6, closer cooperation and collaboration between
the aeronautical and IETF community is desirable.
LDACS standardization within the framework of ICAO started in LDACS standardization within the framework of ICAO started in
December 2016. The ICAO standardization group has produced an December 2016. The ICAO standardization group has produced an
initial Standards and Recommended Practices (SARPS) document initial Standards and Recommended Practices (SARPS) document
[ICA2018]. It defines the general characteristics of LDACS. The [ICA2018]. It defines the general characteristics of LDACS. The
ICAO standardization group plans to produce an ICAO technical manual ICAO standardization group plans to produce an ICAO technical manual
- the ICAO equivalent to a technical standard - within the next - the ICAO equivalent to a technical standard - within the next
years. Generally, the group is open to input from all sources and years. Generally, the group is open to input from all sources and
encourages cooperation between the aeronautical and the IETF encourages cooperation between the aeronautical and the IETF
community. community.
skipping to change at page 7, line 23 skipping to change at page 7, line 23
[RAW-TECHNOS]. [RAW-TECHNOS].
3.1. Voice Communications Today 3.1. Voice Communications Today
Voice links are used for Air/Ground (A/G) and Air/Air (A/A) Voice links are used for Air/Ground (A/G) and Air/Air (A/A)
communications. The communications equipment is either ground-based communications. The communications equipment is either ground-based
working in the High Frequency (HF) or VHF frequency band or working in the High Frequency (HF) or VHF frequency band or
satellite-based. All VHF and HF voice communications are operated satellite-based. All VHF and HF voice communications are operated
via open broadcast channels without authentication, encryption or via open broadcast channels without authentication, encryption or
other protective measures. The use of well-proven communications other protective measures. The use of well-proven communications
procedures via broadcast channels can help to enhance the safety of procedures via broadcast channels, such as phraseology or read-backs,
communications. The main voice communications media is still the requiring well-trained personnel, help to enhance the safety of
analogue VHF Double Side-Band Amplitude Modulation (DSB-AM) communications, but does not replace necessary cryptographical
security mechanisms. The main voice communications media is still
the analogue VHF Double Side-Band Amplitude Modulation (DSB-AM)
communications technique, supplemented by HF single side-band communications technique, supplemented by HF single side-band
amplitude modulation and satellite communications for remote and amplitude modulation and satellite communications for remote and
oceanic regions. DSB-AM has been in use since 1948, works reliably oceanic regions. DSB-AM has been in use since 1948, works reliably
and safely, and uses low-cost communication equipment. These are the and safely, and uses low-cost communication equipment. These are the
main reasons why VHF DSB-AM communications are still in use, and it main reasons why VHF DSB-AM communications are still in use, and it
is likely that this technology will remain in service for many more is likely that this technology will remain in service for many more
years. This however, results in current operational limitations and years. This however, results in current operational limitations and
impediments in deploying new ATM applications, such as flight-centric impediments in deploying new ATM applications, such as flight-centric
operation with point-to-point communications between pilots and air operation with point-to-point communications between pilots and air
traffic control officers. [BOE2019] traffic control officers. [BOE2019]
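Review bot: The rewritten sentence in Section 3.1 has mismatched verbs: its subject is "The use of well-proven communications procedures", yet it continues with "help to enhance" and then "but does not replace". Make both singular ("helps to enhance ... but does not replace"), and prefer "cryptographic" over "cryptographical". The inserted "requiring well-trained personnel" also reads as if the broadcast channels require the personnel; moving it next to "procedures" would make clear that the procedural safeguards depend on training, which is the contrast the sentence draws with cryptographic protection.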
skipping to change at page 7, line 48 skipping to change at page 8, line 4
Like for voice, data communications into the cockpit, are currently Like for voice, data communications into the cockpit, are currently
provided by ground-based equipment operating either on HF or VHF provided by ground-based equipment operating either on HF or VHF
radio bands or by legacy satellite systems. All these communication radio bands or by legacy satellite systems. All these communication
systems are using narrowband radio channels with a data throughput systems are using narrowband radio channels with a data throughput
capacity in the order of kilobits per second. While the aircraft is capacity in the order of kilobits per second. While the aircraft is
on ground, some additional communications systems are available, like on ground, some additional communications systems are available, like
the Aeronautical Mobile Airport Communications System (AeroMACS) or the Aeronautical Mobile Airport Communications System (AeroMACS) or
public cellular networks, operating in the Airport (APT) domain and public cellular networks, operating in the Airport (APT) domain and
able to deliver broadband communications capability. [BOE2019] able to deliver broadband communications capability. [BOE2019]
For regulatory reasons, the data communications networks, used for
The data communications networks, used for the transmission of data the transmission of data relating to the safety and regularity of
relating to the safety and regularity of flight, must be strictly flight, must be strictly isolated from those providing entertainment
isolated from those providing entertainment services to passengers. services to passengers. This leads to a situation that the flight
crews are supported by narrowband services during flight while
This leads to a situation that the flight crews are supported by passengers have access to inflight broadband services. The current
narrowband services during flight while passengers have access to HF and VHF data links cannot provide broadband services now or in the
inflight broadband services. The current HF and VHF data links future, due to the lack of available spectrum. This technical
cannot provide broadband services now or in the future, due to the shortcoming is becoming a limitation to enhanced ATM operations, such
lack of available spectrum. This technical shortcoming is becoming a as trajectory-based operations and 4D trajectory negotiations.
limitation to enhanced ATM operations, such as trajectory-based [BOE2019]
operations and 4D trajectory negotiations. [BOE2019]
Satellite-based communications are currently under investigation and Satellite-based communications are currently under investigation and
enhanced capabilities are under development which will be able to enhanced capabilities are under development which will be able to
provide inflight broadband services and communications supporting the provide inflight broadband services and communications supporting the
safety and regularity of flight. In parallel the ground-based safety and regularity of flight. In parallel the ground-based
broadband data link technology LDACS is being standardized by ICAO broadband data link technology LDACS is being standardized by ICAO
and has recently shown its maturity during flight tests [MAE20211] and has recently shown its maturity during flight tests [MAE20211]
[BEL2021]. The LDACS technology is scalable, secure and spectrum [BEL2021]. The LDACS technology is scalable, secure and spectrum
efficient and provides significant advantages to the users and efficient and provides significant advantages to the users and
service providers. It is expected that both - satellite systems and service providers. It is expected that both - satellite systems and
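Review bot: The new opening "For regulatory reasons" in Section 3.2 asserts a regulatory basis for isolating safety-related data networks from passenger entertainment networks without naming it, and after the paragraph merge the only citation, [BOE2019], sits at the far end of the paragraph. Name the regulation or requirement meant, or place a reference directly after this sentence, since the isolation requirement is the security-relevant statement here. The commas around "used for the transmission of data relating to the safety and regularity of flight" should also go: the clause is restrictive and identifies which networks must be isolated.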
skipping to change at page 8, line 34 skipping to change at page 8, line 37
Plan (GNAP). [BOE2019] Plan (GNAP). [BOE2019]
4. Provenance and Documents 4. Provenance and Documents
The development of LDACS has already made substantial progress in the The development of LDACS has already made substantial progress in the
Single European Sky ATM Research (SESAR) framework and is currently Single European Sky ATM Research (SESAR) framework and is currently
being continued in the follow-up program SESAR2020 [RIH2018]. A key being continued in the follow-up program SESAR2020 [RIH2018]. A key
objective of these activities is to develop, implement and validate a objective of these activities is to develop, implement and validate a
modern aeronautical data link able to evolve with aviation needs over modern aeronautical data link able to evolve with aviation needs over
long-term. To this end, an LDACS specification has been produced long-term. To this end, an LDACS specification has been produced
[GRA2019] and is continuously updated; transmitter demonstrators were [GRA2020] and is continuously updated; transmitter demonstrators were
developed to test the spectrum compatibility of LDACS with legacy developed to test the spectrum compatibility of LDACS with legacy
systems operating in the L-band [SAJ2014]; and the overall system systems operating in the L-band [SAJ2014]; and the overall system
performance was analyzed by computer simulations, indicating that performance was analyzed by computer simulations, indicating that
LDACS can fulfil the identified requirements [GRA2011]. LDACS can fulfil the identified requirements [GRA2011].
Up to now LDACS standardization has been focused on the development Up to now LDACS standardization has been focused on the development
of the physical layer and the data link layer. Only recently have of the physical layer and the data link layer. Only recently have
higher layers have come into the focus of the LDACS development higher layers have come into the focus of the LDACS development
activities. There is currently no "IPv6 over LDACS" specification activities. There is currently no "IPv6 over LDACS" specification
publicly available; however, SESAR2020 has started the testing of publicly available; however, SESAR2020 has started the testing of
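Review bot: The citation in Section 4 changes from [GRA2019] to [GRA2020], but the matching Informative References entry is not part of this hunk, so confirm the entry was renamed and re-dated along with it and that no [GRA2019] citation remains elsewhere. Since the sentence says the specification "is continuously updated", the reference entry should state which release of the specification [GRA2020] denotes. In the unchanged context just below, "Only recently have higher layers have come into the focus" repeats "have" and could be fixed in the same revision.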
skipping to change at page 10, line 13 skipping to change at page 10, line 24
robustness measures [MAE20182] [MAE2021]. robustness measures [MAE20182] [MAE2021].
5.1.3. High Data Rates 5.1.3. High Data Rates
The user data rate of LDACS is 315 kbit/s to 1428 kbit/s on the The user data rate of LDACS is 315 kbit/s to 1428 kbit/s on the
Forward Link (FL) for the Ground-to-Air (G2A) connection, and 294 Forward Link (FL) for the Ground-to-Air (G2A) connection, and 294
kbit/s to 1390 kbit/s on the Reverse Link (RL) for the Air-to-Ground kbit/s to 1390 kbit/s on the Reverse Link (RL) for the Air-to-Ground
(A2G) connection, depending on coding and modulation. This is up to (A2G) connection, depending on coding and modulation. This is up to
two orders of magnitude greater than current terrestrial digital two orders of magnitude greater than current terrestrial digital
aeronautical communications systems, such as the VHF Data Link mode 2 aeronautical communications systems, such as the VHF Data Link mode 2
(VDLm2), provide [ICAO2019] [GRA2019]. (VDLm2), provide [ICAO2019] [GRA2020].
5.2. Application 5.2. Application
LDACS will be used by several aeronautical applications ranging from LDACS will be used by several aeronautical applications ranging from
enhanced communications protocol stacks (multi-homed mobile IPv6 enhanced communications protocol stacks (multi-homed mobile IPv6
networks in the aircraft and potentially ad-hoc networks between networks in the aircraft and potentially ad-hoc networks between
aircraft) to broadcast communication applications (sending Ground aircraft) to broadcast communication applications (sending Ground
Based Augmentation System (GBAS) correction data) and integration Based Augmentation System (GBAS) correction data) and integration
with other service domains (using the communications signal for with other service domains (using the communications signal for
navigation) [MAE20211]. navigation) [MAE20211].
skipping to change at page 12, line 17 skipping to change at page 12, line 28
5.2.4. Business Communications of Airlines 5.2.4. Business Communications of Airlines
In addition to air traffic services, AOC services are transmitted In addition to air traffic services, AOC services are transmitted
over LDACS. AOC is a generic term referring to the business over LDACS. AOC is a generic term referring to the business
communication of airlines, between the airlines and service partners communication of airlines, between the airlines and service partners
on the ground and their own aircraft in the air. Regulatory-wise, on the ground and their own aircraft in the air. Regulatory-wise,
this is considered related to safety and regularity of flight and may this is considered related to safety and regularity of flight and may
therefore be transmitted over LDACS. AOC communication is considered therefore be transmitted over LDACS. AOC communication is considered
the main business case for LDACS communications service providers the main business case for LDACS communications service providers
since modern aircraft generate significant amounts of data (i.e., since modern aircraft generate significant amounts of data (e.g.,
engine maintenance data). engine maintenance data).
5.2.5. LDACS-based Navigation 5.2.5. LDACS-based Navigation
Beyond communications, radio signals can always also be used for Beyond communications, radio signals can always also be used for
navigation. This fact is used for the LDACS navigation concept. navigation. This fact is used for the LDACS navigation concept.
For future aeronautical navigation, ICAO recommends the further For future aeronautical navigation, ICAO recommends the further
development of GNSS based technologies as primary means for development of GNSS based technologies as primary means for
navigation. Due to the large separation between navigational navigation. Due to the large separation between navigational
skipping to change at page 13, line 39 skipping to change at page 13, line 47
applies to the ground network. The avionics networks on the aircraft applies to the ground network. The avionics networks on the aircraft
will likely be heavily modified versions of Ethernet or proprietary. will likely be heavily modified versions of Ethernet or proprietary.
AOC applications currently mostly use the same stack (although some AOC applications currently mostly use the same stack (although some
applications, like the graphical weather service may use the applications, like the graphical weather service may use the
commercial passenger network). This creates capacity problems commercial passenger network). This creates capacity problems
(resulting in excessive amounts of timeouts) since the underlying (resulting in excessive amounts of timeouts) since the underlying
terrestrial data links do not provide sufficient bandwidth (i.e., terrestrial data links do not provide sufficient bandwidth (i.e.,
with VDLm2 currently in the order of 10 kbit/s). The use of non- with VDLm2 currently in the order of 10 kbit/s). The use of non-
aviation specific data links is considered a security problem. aviation specific data links is considered a security problem.
Ideally the aeronautical IP internetwork and the Internet should be Ideally the aeronautical IP internetwork, hence the ATN over which
completely separated. only communications related to safety and regularity of flight is
handled, and the Internet should be completely separated at Layer 3.
The objective of LDACS is to provide a next generation terrestrial The objective of LDACS is to provide a next generation terrestrial
data link designed to support IP addressing and provide much higher data link designed to support IP addressing and provide much higher
bandwidth to avoid the currently experienced operational problems. bandwidth to avoid the currently experienced operational problems.
The requirement for LDACS is therefore to provide a terrestrial high- The requirement for LDACS is therefore to provide a terrestrial high-
throughput data link for IP internetworking in the aircraft. throughput data link for IP internetworking in the aircraft.
In order to fulfil the above requirement LDACS needs to be In order to fulfil the above requirement LDACS needs to be
interoperable with IP (and IP-based services like Voice-over-IP) at interoperable with IP (and IP-based services like Voice-over-IP) at
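Review bot: In the rewritten sentence of Section 6, "hence the ATN" reads as a consequence where an apposition is meant, and "is handled" does not agree with "communications"; suggest "the aeronautical IP internetwork, i.e., the ATN, which carries only communications related to safety and regularity of flight". The added "at Layer 3" also narrows the earlier "completely separated": say whether sharing lower layers with non-ATN traffic is intended to be acceptable, because the preceding sentence calls the use of non-aviation specific data links a security problem.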
skipping to change at page 14, line 38 skipping to change at page 14, line 45
LDACS will become one of several wireless access networks connecting LDACS will become one of several wireless access networks connecting
aircraft to the ATN implemented by the FCI. aircraft to the ATN implemented by the FCI.
The current LDACS design is focused on the specification of layer one The current LDACS design is focused on the specification of layer one
and two. However, for the purpose of this work, only layer two and two. However, for the purpose of this work, only layer two
details are discussed here. details are discussed here.
Achieving the stringent continuity, availability, and integrity Achieving the stringent continuity, availability, and integrity
requirements defined in [DO350A] will require the specification of requirements defined in [DO350A] will require the specification of
layer 3 and above mechanisms (e.g. reliable crossover at the IP layer 3 and above mechanisms (e.g. reliable crossover at the IP
layer). Fault management mechanisms are similarly undefined. Input layer). Fault management mechanisms are similarly undefined.
from the working group will be appreciated here.
7.1. LDACS Sub-Network 7.1. LDACS Sub-Network
An LDACS sub-network contains an Access Router (AR) and several GS, An LDACS sub-network contains an Access Router (AR) and several GS,
each of them providing one LDACS radio cell. each of them providing one LDACS radio cell.
User plane interconnection to the ATN is facilitated by the AR User plane interconnection to the ATN is facilitated by the AR
peering with an A/G Router connected to the ATN. peering with an A/G Router connected to the ATN.
The internal control plane of an LDACS sub-network interconnects the The internal control plane of an LDACS sub-network interconnects the
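Review bot: With "Input from the working group will be appreciated here." removed at the end of the paragraph before Section 7.1, "Fault management mechanisms are similarly undefined." now ends the paragraph as an open gap with no indication of where it will be closed. Add a short statement of where layer 3 and above mechanisms and fault management are expected to be specified, or state explicitly that they are out of scope for this document.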
skipping to change at page 18, line 37 skipping to change at page 19, line 16
5. User data itself is communicated in the Data Channel (DCH) on the 5. User data itself is communicated in the Data Channel (DCH) on the
FL and RL. FL and RL.
Access to the FL and RL data channel is granted by the scheduling Access to the FL and RL data channel is granted by the scheduling
mechanism implemented in the LME discussed below. mechanism implemented in the LME discussed below.
7.3.2.3. Voice Interface (VI) Services 7.3.2.3. Voice Interface (VI) Services
The VI provides support for virtual voice circuits. Voice circuits The VI provides support for virtual voice circuits. Voice circuits
may either be set-up permanently by the GS (e.g., to emulate voice may either be set-up permanently by the GS (e.g., to emulate voice
party line) or may be created on demand. The creation and selection party line) or may be created on demand.
of voice circuits is performed.
7.3.2.4. LDACS Management Entity (LME) Services 7.3.2.4. LDACS Management Entity (LME) Services
The mobility management service in the LME provides support for The mobility management service in the LME provides support for
registration and de-registration (cell entry and cell exit), scanning registration and de-registration (cell entry and cell exit), scanning
RF channels of neighboring cells and handover between cells. In RF channels of neighboring cells and handover between cells. In
addition, it manages the addressing of aircraft within cells. addition, it manages the addressing of aircraft within cells.
The resource management service provides link maintenance (power, The resource management service provides link maintenance (power,
frequency and time adjustments), support for adaptive coding and frequency and time adjustments), support for adaptive coding and
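Review bot: In 7.3.2.3, deleting "The creation and selection of voice circuits is performed." removes a sentence that broke off before naming the actor, but the section now says nothing about which entity creates or selects on-demand voice circuits. Permanent circuits are attributed to the GS; state who sets up the on-demand ones, or point to the section that does.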
skipping to change at page 20, line 36 skipping to change at page 21, line 14
LDACS medium access layer on top of the physical layer uses a static LDACS medium access layer on top of the physical layer uses a static
frame structure to support deterministic timer management. As shown frame structure to support deterministic timer management. As shown
in Figure 3 and Figure 4, LDACS framing structure is based on Super- in Figure 3 and Figure 4, LDACS framing structure is based on Super-
Frames (SF) of 240ms duration corresponding to 2000 OFDM symbols. FL Frames (SF) of 240ms duration corresponding to 2000 OFDM symbols. FL
and RL boundaries are aligned in time (from the GS perspective) and RL boundaries are aligned in time (from the GS perspective)
allowing for deterministic slots for control and data channels. This allowing for deterministic slots for control and data channels. This
initial AS time synchronization and time synchronization maintenance initial AS time synchronization and time synchronization maintenance
is based on observing the synchronization symbol pairs that is based on observing the synchronization symbol pairs that
repetitively occur within the FL stream, being sent by the repetitively occur within the FL stream, being sent by the
controlling GS [GRA2019]. controlling GS [GRA2020].
^ ^
| +------+------------+------------+------------+------------+ | +------+------------+------------+------------+------------+
| FL | BCCH | MF | MF | MF | MF | | FL | BCCH | MF | MF | MF | MF |
F +------+------------+------------+------------+------------+ F +------+------------+------------+------------+------------+
r <---------------- Super-Frame (SF) - 240ms ----------------> r <---------------- Super-Frame (SF) - 240ms ---------------->
e e
q +------+------------+------------+------------+------------+ q +------+------------+------------+------------+------------+
u RL | RACH | MF | MF | MF | MF | u RL | RACH | MF | MF | MF | MF |
e +------+------------+------------+------------+------------+ e +------+------------+------------+------------+------------+
skipping to change at page 22, line 44 skipping to change at page 23, line 6
The protocol used to communicate faults is not defined in the LDACS The protocol used to communicate faults is not defined in the LDACS
specification. It is assumed that vendors would use industry specification. It is assumed that vendors would use industry
standard protocols like the Simple Network Management Protocol or the standard protocols like the Simple Network Management Protocol or the
Network Configuration Protocol, where security permits. Network Configuration Protocol, where security permits.
The LDACS data link layer protocol, running on top of the medium The LDACS data link layer protocol, running on top of the medium
access sub-layer, uses ARQ to provide reliable data transmission on access sub-layer, uses ARQ to provide reliable data transmission on
the data channel. the data channel.
It employs selective repeat ARQ with transparent fragmentation and It employs selective repeat ARQ with transparent fragmentation and
reassembly to the resource allocation size to achieve low latency and reassembly to the resource allocation size to minimize latency and
a low overhead without losing reliability. It ensures correct order overhead without losing reliability. It ensures correct order of
of packet delivery without duplicates. In case of transmission packet delivery without duplicates. In case of transmission errors,
errors, it identifies lost fragments with deterministic timers synced it identifies lost fragments with deterministic timers synced to the
to the medium access frame structure and initiates retransmission. medium access frame structure and initiates retransmission.
8.3. Beyond Layer 2 8.3. Beyond Layer 2
LDACS availability can be increased by appropriately deploying LDACS LDACS availability can be increased by appropriately deploying LDACS
infrastructure: This means proliferating the number of terrestrial infrastructure: This means proliferating the number of terrestrial
ground stations. However, the scarcity of aeronautical spectrum for ground stations. However, the scarcity of aeronautical spectrum for
data link communication (in the case of LDACS: tens of MHz in the data link communication (in the case of LDACS: tens of MHz in the
L-band) and the long range (in the case of LDACS: up to 200 nautical L-band) and the long range (in the case of LDACS: up to 200 nautical
miles) make this quite hard. The deployment of a larger number of miles) make this quite hard. While the deployment of a larger number
small cells is certainly possible, suffers, however, also from the of small cells is one possible solution, this also suffers from the
scarcity of spectrum. An additional constraint to consider, is that spectrum scarcity. An additional constraint to consider, is that
Distance Measuring Equipment (DME) is the primary user of the Distance Measuring Equipment (DME) is the primary user of the
aeronautical L-band. That is, any LDACS deployment has to take DME aeronautical L-band. That is, any LDACS deployment has to take DME
frequency planning into account. frequency planning into account.
The aeronautical community has therefore decided not to rely on a The aeronautical community has therefore decided not to rely on a
single communication system or frequency band. It is envisioned to single communication system or frequency band. It is envisioned to
have multiple independent data link technologies in the aircraft have multiple independent data link technologies in the aircraft
(e.g., terrestrial and satellite communications) in addition to (e.g., terrestrial and satellite communications) in addition to
legacy VHF voice. legacy VHF voice.
However, as of now, no reliability and availability mechanisms that However, as of now, no reliability and availability mechanisms that
could utilize the multi-link architecture, have been specified on could utilize the multi-link architecture, have been specified on
Layer 3 and above. Even if LDACS has been designed for reliability, Layer 3 and above. Even if LDACS has been designed for reliability,
the wireless medium presents significant challenges to achieve the wireless medium presents significant challenges to achieve
deterministic properties such as low packet error rate, bounded deterministic properties such as low packet error rate, bounded
consecutive losses, and bounded latency. Support for high consecutive losses, and bounded latency. Support for high
reliability and availability for IP connectivity over LDACS is reliability and availability for IP connectivity over LDACS is
therefore, highly desirable, needs, however, to be adapted to the certainly highly desirable but needs to be adapted to the specific
specific use case. use case.
9. Security 9. Security
ICAO Doc 9896 foresees transport layer security [ICAO2015] for all ICAO Doc 9896 foresees transport layer security [ICAO2015] for all
aeronautical data as described in ARINC P858 [ARI2021], most likely aeronautical data as described in ARINC P858 [ARI2021], most likely
realized via Datagram Transport Layer Security (DTLS) [RFC6012] realized via Datagram Transport Layer Security (DTLS) [RFC6012]
[RFC6347]. [RFC6347].
LDACS also needs to comply with in-depth security requirements, LDACS also needs to comply with in-depth security requirements,
stated in P858, for the radio access technologies transporting ATN/ stated in P858, for the radio access technologies transporting ATN/
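Review bot: In Section 9, "Datagram Transport Layer Security (DTLS) [RFC6012] [RFC6347]" still cites RFC 6012, which this page's reference list titles "Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog". That is a syslog transport mapping, not a DTLS specification, so cite [RFC6347] alone unless syslog transport is actually meant. In the ARQ paragraph, the new "to minimize latency and overhead" is a stronger claim than the old "low latency and a low overhead", and the text gives no argument for minimality; consider keeping "low". The rewritten sentence in 8.3 also retains the stray comma in "An additional constraint to consider, is that".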
skipping to change at page 24, line 40 skipping to change at page 24, line 40
Most CNS technology developed in ICAO relies on open standards, thus Most CNS technology developed in ICAO relies on open standards, thus
syntax and semantics of wireless digital aeronautical communications syntax and semantics of wireless digital aeronautical communications
should be expected to be common knowledge for attackers. With should be expected to be common knowledge for attackers. With
increased digitization and automation of civil aviation, the human as increased digitization and automation of civil aviation, the human as
control instance, is being taken gradually out of the loop. control instance, is being taken gradually out of the loop.
Autonomous transport drones or single piloted aircraft demonstrate Autonomous transport drones or single piloted aircraft demonstrate
this trend. However, without profound cybersecurity measures such as this trend. However, without profound cybersecurity measures such as
authenticity and integrity checks of messages in-transit on the authenticity and integrity checks of messages in-transit on the
wireless link or mutual entity authentication, this lack of a control wireless link or mutual entity authentication, this lack of a control
instance can prove disastrous. Thus, future digital communications instance can prove disastrous. Thus, future digital communications
waveforms will need additional embedded security features to fulfill will need additional embedded security features to fulfill modern
modern information security requirements like authentication and information security requirements like authentication and integrity.
integrity. These security features require sufficient bandwidth These security features require sufficient bandwidth which is beyond
which is beyond the capabilities of currently deployed VHF narrowband the capabilities of currently deployed VHF narrowband communications
communications systems. For voice and data communications, systems. For voice and data communications, sufficient data
sufficient data throughput capability is needed to support the throughput capability is needed to support the security functions
security functions while not degrading performance. LDACS is a data while not degrading performance. LDACS is a data link technology
link technology with sufficient bandwidth to incorporate security with sufficient bandwidth to incorporate security without losing too
without losing too much user data throughput. much user data throughput.
9.2. LDACS Requirements 9.2. LDACS Requirements
Overall, there are several business goals for cybersecurity to Overall, there are several business goals for cybersecurity to
protect, within the FCI in civil aviation: protect, within the FCI in civil aviation:
1. Safety: The system must sufficiently mitigate attacks, which 1. Safety: The system must sufficiently mitigate attacks, which
contribute to safety hazards. contribute to safety hazards.
2. Flight regularity: The system must sufficiently mitigate attacks, 2. Flight regularity: The system must sufficiently mitigate attacks,
which contribute to delays, diversions, or cancellations of which contribute to delays, diversions, or cancellations of
skipping to change at page 26, line 36 skipping to change at page 26, line 36
found in [ICA2018] and [MAE20182] and respective updates in found in [ICA2018] and [MAE20182] and respective updates in
[MAE20191], [MAE20192], [MAE2020], and most recently [MAE2021]. [MAE20191], [MAE20192], [MAE2020], and most recently [MAE2021].
9.5.1. Entities 9.5.1. Entities
A simplified LDACS architectural model requires the following A simplified LDACS architectural model requires the following
entities: Network operators such as the Societe Internationale de entities: Network operators such as the Societe Internationale de
Telecommunications Aeronautiques (SITA) [SIT2020] and ARINC [ARI2020] Telecommunications Aeronautiques (SITA) [SIT2020] and ARINC [ARI2020]
are providing access to the ground IPS network via an A/G LDACS are providing access to the ground IPS network via an A/G LDACS
router. This router is attached to a closed off LDACS access router. This router is attached to a closed off LDACS access
network, which connects via further (access routers to the different network, which connects via further access routers to the different
LDACS cell ranges, each controlled by a GS (serving one LDACS cell), LDACS cell ranges, each controlled by a GS (serving one LDACS cell),
with several interconnected GS spanning a local LDACS access network. with several interconnected GS spanning a local LDACS access network.
Via the A/G wireless LDACS data link AS the aircraft is connected to Via the A/G wireless LDACS data link AS the aircraft is connected to
the ground network and via the aircraft's VI and aircraft's network the ground network and via the aircraft's VI and aircraft's network
interface, aircraft's data can be sent via the AS back to the GS, interface, aircraft's data can be sent via the AS back to the GS,
then to the LDACS local access network, access routers, LDACS access then to the LDACS local access network, access routers, LDACS access
network, A/G LDACS router and finally to the ground IPS network network, A/G LDACS router and finally to the ground IPS network
[ICAO2015]. [ICAO2015].
9.5.2. Entity Identification 9.5.2. Entity Identification
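Review bot: In 9.5.1 the stray parenthesis before "access routers" is fixed, but the next sentence, "Via the A/G wireless LDACS data link AS the aircraft is connected to the ground network", still reads as if "AS" were the word "as" rather than the Aircraft Station. Consider splitting the sentence and giving the return path (AS, GS, local access network, access routers, access network, A/G LDACS router, ground IPS network) as an ordered list, so the entities the security architecture refers to are unambiguous.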
skipping to change at page 27, line 40 skipping to change at page 27, line 40
certificate's content. First, all ground infrastructures must certificate's content. First, all ground infrastructures must
mutually authenticate to each other, negotiate and derive keys and, mutually authenticate to each other, negotiate and derive keys and,
thus, secure all ground connections. How this process is handled in thus, secure all ground connections. How this process is handled in
detail is still an ongoing discussion. However, established methods detail is still an ongoing discussion. However, established methods
to secure user plane by IPSec [RFC4301] and IKEv2 [RFC7296] or the to secure user plane by IPSec [RFC4301] and IKEv2 [RFC7296] or the
application layer via TLS 1.3 [RFC8446] are conceivable. The LDACS application layer via TLS 1.3 [RFC8446] are conceivable. The LDACS
PKI with their chain-of-trust approach, digital certificates and PKI with their chain-of-trust approach, digital certificates and
public entity keys lay the groundwork for this step. In a second public entity keys lay the groundwork for this step. In a second
step, the AS with the LDACS radio aboard, approaches an LDACS cell step, the AS with the LDACS radio aboard, approaches an LDACS cell
and performs a cell-attachment procedure with the corresponding GS. and performs a cell-attachment procedure with the corresponding GS.
This procedure consists of (1) the basic cell entry [GRA2019] and (2) This procedure consists of (1) the basic cell entry [GRA2020] and (2)
a Mutual Authentication and Key Establishment (MAKE) procedure a Mutual Authentication and Key Establishment (MAKE) procedure
[MAE2021]. [MAE2021].
Note, that LDACS will foresee multiple security levels. To address Note, that LDACS will foresee multiple security levels. To address
the issue of the long service life of LDACS (i.e., possibly >30 the issue of the long service life of LDACS (i.e., possibly >30
years) and the security of current pre-quantum cryptography, these years) and the security of current pre-quantum cryptography, these
security levels include pre- and post-quantum cryptographic security levels include pre- and post-quantum cryptographic
solutions. Limiting security data on the LDACS datalink as much as solutions. Limiting security data on the LDACS datalink as much as
possible, to reserve as much space for actual user data transmission, possible, to reserve as much space for actual user data transmission,
is key in the LDACS security architecture, this is also reflected in is key in the LDACS security architecture, this is also reflected in
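Review bot: In 9.5.3, "How this process is handled in detail is still an ongoing discussion" leaves ground-side mutual authentication open, while the second step (cell entry plus MAKE) is described as settled and is ordered after it. Mark the ground step explicitly as an open item and say what the cell-attachment procedure relies on from it. Smaller points in the same paragraph: "IPSec [RFC4301]" should be spelled "IPsec" as in RFC 4301, and "is key in the LDACS security architecture, this is also reflected" is a comma splice.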
skipping to change at page 28, line 17 skipping to change at page 28, line 17
9.5.4. Message-in-transit Confidentiality, Integrity and Authenticity 9.5.4. Message-in-transit Confidentiality, Integrity and Authenticity
The key material from the previous step can then be used to protect The key material from the previous step can then be used to protect
LDACS Layer 2 communications via applying encryption and integrity LDACS Layer 2 communications via applying encryption and integrity
protection measures on the SNP layer of the LDACS protocol stack. As protection measures on the SNP layer of the LDACS protocol stack. As
LDACS transports AOC and ATS data, the integrity of that data is most LDACS transports AOC and ATS data, the integrity of that data is most
important, while confidentiality only needs to be applied to AOC data important, while confidentiality only needs to be applied to AOC data
to protect business interests [ICA2018]. This possibility of to protect business interests [ICA2018]. This possibility of
providing low layered confidentiality and integrity protection providing low layered confidentiality and integrity protection
ensures a secure delivery of user data over the air gap. ensures a secure delivery of user data over the wireless link.
Furthermore, it ensures integrity protection of LDACS control data. Furthermore, it ensures integrity protection of LDACS control data.
10. IANA Considerations 10. IANA Considerations
This memo includes no request to IANA. This memo includes no request to IANA.
11. Acknowledgements 11. Acknowledgements
Thanks to all contributors to the development of LDACS and ICAO PT-T. Thanks to all contributors to the development of LDACS and ICAO PT-T.
skipping to change at page 28, line 46 skipping to change at page 28, line 46
industry and potential economic spillovers. industry and potential economic spillovers.
Thanks to the Aeronautical Communications group at the Institute of Thanks to the Aeronautical Communications group at the Institute of
Communications and Navigation of the German Aerospace Center (DLR). Communications and Navigation of the German Aerospace Center (DLR).
With that, the authors would like to explicitly thank Miguel Angel With that, the authors would like to explicitly thank Miguel Angel
Bellido-Manganell and Lukas Marcel Schalk for their thorough Bellido-Manganell and Lukas Marcel Schalk for their thorough
feedback. feedback.
12. Normative References 12. Normative References
[GRA2019] Graeupl, T., Rihacek, C., and B. Haindl, "LDACS A/G
Specification", SESAR2020 PJ14-02-01 D3.3.030 , 2019.
[ICAO2015] International Civil Aviation Organization (ICAO), "Manual
on the Aeronautical Telecommunication Network (ATN) using
Internet Protocol Suite (IPS) Standards and Protocols, Doc
9896", January 2015,
<https://standards.globalspec.com/std/10026940/icao-9896>.
[RTCA2019] Radio Technical Commission for Aeronautics (RTCA),
"Internet Protocol Suite Profiles, DO-379", September
2019, <https://www.rtca.org/products/do-379/>.
[EURO2019] European Organization for Civil Aviation Equipment
(EUROCAE), "Technical Standard of Aviation Profiles for
ATN/IPS, ED-262", September 2019,
<https://eshop.eurocae.net/eurocae-documents-and-reports/
ed-262/>.
[ARI2021] ARINC, "Internet Protocol Suite (IPS) For Aeronautical
Safety Services Part 1- Airborne IP System Technical
Requirements, ARINC SPECIFICATION 858 P1", June 2021,
<https://standards.globalspec.com/std/14391274/858p1>.
13. Informative References 13. Informative References
[RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with
CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September
2003, <https://www.rfc-editor.org/info/rfc3610>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, DOI 10.17487/RFC4291, February Architecture", RFC 4291, DOI 10.17487/RFC4291, February
2006, <https://www.rfc-editor.org/info/rfc4291>. 2006, <https://www.rfc-editor.org/info/rfc4291>.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the [RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
December 2005, <https://www.rfc-editor.org/info/rfc4301>. December 2005, <https://www.rfc-editor.org/info/rfc4301>.
[RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The
AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June
2006, <https://www.rfc-editor.org/info/rfc4493>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
<https://www.rfc-editor.org/info/rfc5280>.
[RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand
Key Derivation Function (HKDF)", RFC 5869,
DOI 10.17487/RFC5869, May 2010,
<https://www.rfc-editor.org/info/rfc5869>.
[RFC6012] Salowey, J., Petch, T., Gerhards, R., and H. Feng, [RFC6012] Salowey, J., Petch, T., Gerhards, R., and H. Feng,
"Datagram Transport Layer Security (DTLS) Transport "Datagram Transport Layer Security (DTLS) Transport
Mapping for Syslog", RFC 6012, DOI 10.17487/RFC6012, Mapping for Syslog", RFC 6012, DOI 10.17487/RFC6012,
October 2010, <https://www.rfc-editor.org/info/rfc6012>. October 2010, <https://www.rfc-editor.org/info/rfc6012>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
January 2012, <https://www.rfc-editor.org/info/rfc6347>. January 2012, <https://www.rfc-editor.org/info/rfc6347>.
[RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 [RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6
Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136, Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136,
February 2014, <https://www.rfc-editor.org/info/rfc7136>. February 2014, <https://www.rfc-editor.org/info/rfc7136>.
[RFC7236] Reschke, J., "Initial Hypertext Transfer Protocol (HTTP)
Authentication Scheme Registrations", RFC 7236,
DOI 10.17487/RFC7236, June 2014,
<https://www.rfc-editor.org/info/rfc7236>.
[RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T.
Kivinen, "Internet Key Exchange Protocol Version 2 Kivinen, "Internet Key Exchange Protocol Version 2
(IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October
2014, <https://www.rfc-editor.org/info/rfc7296>. 2014, <https://www.rfc-editor.org/info/rfc7296>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[GRA2020] Graeupl, T., Rihacek, C., and B. Haindl, "LDACS A/G
Specification", SESAR2020 PJ14-02-01 D3.3.030 , 2020,
<https://www.ldacs.com/wp-content/uploads/2013/12/SESAR202
0_PJ14-W2-60_D3_1_210_Initial_LDACS_AG_Specification_00_01
_00-1_0_updated.pdf>.
[ARI2021] ARINC, "Internet Protocol Suite (IPS) For Aeronautical
Safety Services Part 1- Airborne IP System Technical
Requirements, ARINC SPECIFICATION 858 P1", June 2021,
<https://standards.globalspec.com/std/14391274/858p1>.
[EURO2019] European Organization for Civil Aviation Equipment
(EUROCAE), "Technical Standard of Aviation Profiles for
ATN/IPS, ED-262", September 2019,
<https://eshop.eurocae.net/eurocae-documents-and-reports/
ed-262/>.
[ICAO2015] International Civil Aviation Organization (ICAO), "Manual
on the Aeronautical Telecommunication Network (ATN) using
Internet Protocol Suite (IPS) Standards and Protocols, Doc
9896", January 2015,
<https://standards.globalspec.com/std/10026940/icao-9896>.
[RTCA2019] Radio Technical Commission for Aeronautics (RTCA),
"Internet Protocol Suite Profiles, DO-379", September
2019, <https://www.rtca.org/products/do-379/>.
[SCH2016] Schneckenburger, N., Jost, T., Shutin, D., Walter, M., [SCH2016] Schneckenburger, N., Jost, T., Shutin, D., Walter, M.,
Thiasiriphet, T., Schnell, M., and U.C. Fiebig, Thiasiriphet, T., Schnell, M., and U.C. Fiebig,
"Measurement of the L-band Air-to-Ground Channel for "Measurement of the L-band Air-to-Ground Channel for
Positioning Applications", IEEE Transactions on Aerospace Positioning Applications", IEEE Transactions on Aerospace
and Electronic Systems, 52(5), pp.2281-229 , 2016. and Electronic Systems, 52(5), pp.2281-229 , 2016.
[MAE20191] Maeurer, N., Graeupl, T., and C. Schmitt, "Evaluation of [MAE20191] Maeurer, N., Graeupl, T., and C. Schmitt, "Evaluation of
the LDACS Cybersecurity Implementation", IEEE 38th Digital the LDACS Cybersecurity Implementation", IEEE 38th Digital
Avionics Systems Conference (DACS), pp. 1-10, San Diego, Avionics Systems Conference (DACS), pp. 1-10, San Diego,
CA, USA , 2019. CA, USA , 2019.
[MAE20192] Maeurer, N. and C. Schmitt, "Towards Successful [MAE20192] Maeurer, N. and C. Schmitt, "Towards Successful
Realization of the LDACS Cybersecurity Architecture: An Realization of the LDACS Cybersecurity Architecture: An
Updated Datalink Security Threat- and Risk Analysis", IEEE Updated Datalink Security Threat- and Risk Analysis", IEEE
Integrated Communications, Navigation and Surveillance Integrated Communications, Navigation and Surveillance
Conference (ICNS), pp. 1-13, Herndon, VA, USA , 2019. Conference (ICNS), pp. 1-13, Herndon, VA, USA , 2019.
[FAN2019] Pierattelli, S., Fantappie, P., Tamalet, S., van den
Einden, B., Rihacek, C., and T. Graeupl, "LDACS Deployment
Options and Recommendations", SESAR2020 PJ14-02-01
D3.4.020 , 2019.
[MAE20182] Maeurer, N. and A. Bilzhause, "A Cybersecurity [MAE20182] Maeurer, N. and A. Bilzhause, "A Cybersecurity
Architecture for the L-band Digital Aeronautical Architecture for the L-band Digital Aeronautical
Communications System (LDACS)", IEEE 37th Digital Avionics Communications System (LDACS)", IEEE 37th Digital Avionics
Systems Conference (DASC), pp. 1-10, London, UK , 2017. Systems Conference (DASC), pp. 1-10, London, UK , 2017.
[GRA2011] Graeupl, T. and M. Ehammer, "L-DACS1 Data Link Layer [GRA2011] Graeupl, T. and M. Ehammer, "L-DACS1 Data Link Layer
Evolution of ATN/IPS", 30th IEEE/AIAA Digital Avionics Evolution of ATN/IPS", 30th IEEE/AIAA Digital Avionics
Systems Conference (DASC), pp. 1-28, Seattle, WA, USA , Systems Conference (DASC), pp. 1-28, Seattle, WA, USA ,
2011. 2011.
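Review bot: The new [GRA2020] entry names the deliverable "SESAR2020 PJ14-02-01 D3.3.030", but its URL ends in "PJ14-W2-60_D3_1_210_Initial_LDACS_AG_Specification"; the identifier in the citation and the one in the link do not match, so check which document is meant. All five former Normative entries ([GRA2019] as [GRA2020], [ICAO2015], [RTCA2019], [EURO2019], [ARI2021]) now appear under Informative, which leaves "12. Normative References" as an empty section; confirm that is intended. Before dropping [RFC3610], [RFC4493], [RFC5280], [RFC5869], [RFC7236] and [FAN2019], confirm no citation of them remains in the body. Unchanged entries that still need attention: [MAE20191] abbreviates the conference as "(DACS)" where the other entries use "(DASC)", [MAE20182] carries the year 2017 under a 2018 key, and [SCH2016] gives the page range as "pp.2281-229".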
skipping to change at page 32, line 5 skipping to change at page 31, line 23
Aeronautical Communications System (LDACS) Activities in Aeronautical Communications System (LDACS) Activities in
SESAR2020", Integrated Communications Navigation and SESAR2020", Integrated Communications Navigation and
Surveillance Conference (ICNS), pp. 1-8, Herndon, VA, Surveillance Conference (ICNS), pp. 1-8, Herndon, VA,
USA , 2018. USA , 2018.
[BEL2019] Bellido-Manganell, M. A. and M. Schnell, "Towards Modern [BEL2019] Bellido-Manganell, M. A. and M. Schnell, "Towards Modern
Air-to-Air Communications: the LDACS A2A Mode", IEEE/AIAA Air-to-Air Communications: the LDACS A2A Mode", IEEE/AIAA
38th Digital Avionics Systems Conference (DASC), pp. 1-10, 38th Digital Avionics Systems Conference (DASC), pp. 1-10,
San Diego, CA, USA , 2019. San Diego, CA, USA , 2019.
[TS33.401] Zhang, D., "3GPP System Architecture Evolution (SAE);
Security architecture", T33.401, 3GPP , 2012.
[CRO2016] Crowe, B., "Proposed AeroMACS PKI Specification is a Model [CRO2016] Crowe, B., "Proposed AeroMACS PKI Specification is a Model
for Global and National Aeronautical PKI Deployments", for Global and National Aeronautical PKI Deployments",
WiMAX Forum at 16th Integrated Communications, Navigation WiMAX Forum at 16th Integrated Communications, Navigation
and Surveillance Conference (ICNS), pp. 1-19, New York, and Surveillance Conference (ICNS), pp. 1-19, New York,
NY, USA , 2016. NY, USA , 2016.
[MAE2020] Maeurer, N., Graeupl, T., and C. Schmitt, "Comparing [MAE2020] Maeurer, N., Graeupl, T., and C. Schmitt, "Comparing
Different Diffie-Hellman Key Exchange Flavors for LDACS", Different Diffie-Hellman Key Exchange Flavors for LDACS",
IEEE/AIAA 39th Digital Avionics Systems Conference (DASC), IEEE/AIAA 39th Digital Avionics Systems Conference (DASC),
pp. 1-10, San Antonio, TX, USA , 2020. pp. 1-10, San Antonio, TX, USA , 2020.
skipping to change at page 33, line 25 skipping to change at page 32, line 38
[KAMA2010] Kamali, B., "An Overview of VHF Civil Radio Network and [KAMA2010] Kamali, B., "An Overview of VHF Civil Radio Network and
the Resolution of Spectrum Depletion", Integrated the Resolution of Spectrum Depletion", Integrated
Communications, Navigation, and Surveillance Conference, Communications, Navigation, and Surveillance Conference,
pp. F4-1-F4-8 , May 2010. pp. F4-1-F4-8 , May 2010.
[SON2021] Soni, D., Basu, K., Nabeel, M., Aaraj, N., Manzano, M., [SON2021] Soni, D., Basu, K., Nabeel, M., Aaraj, N., Manzano, M.,
and R. Karri, "FALCON", Hardware Architectures for Post- and R. Karri, "FALCON", Hardware Architectures for Post-
Quantum Digital Signature Schemes, pp. 31-41 , November Quantum Digital Signature Schemes, pp. 31-41 , November
2021. 2021.
[KOB1987] Koblitz, N. and M. Hellman, "Elliptic Curve
Cryptosystems", Mathematics of Computation,
48(177):203-209. , January 1987.
[SIK2021] SIKE, "SIKE – Supersingular Isogeny Key Encapsulation", [SIK2021] SIKE, "SIKE – Supersingular Isogeny Key Encapsulation",
October 2021, <https://sike.org/>. October 2021, <https://sike.org/>.
[ROY2020] Roy, S.S.. and A. Basso, "High-Speed Instruction-Set [ROY2020] Roy, S.S.. and A. Basso, "High-Speed Instruction-Set
Coprocessor For Lattice-Based Key Encapsulation Mechanism: Coprocessor For Lattice-Based Key Encapsulation Mechanism:
Saber In Hardware", IACR Transactions on Cryptographic Saber In Hardware", IACR Transactions on Cryptographic
Hardware and Embedded Systems, 443-466. , August 2020. Hardware and Embedded Systems, 443-466. , August 2020.
[RAW-TECHNOS] [RAW-TECHNOS]
Thubert, P., Cavalcanti, D., Vilajosana, X., Schmitt, C., Thubert, P., Cavalcanti, D., Vilajosana, X., Schmitt, C.,
and J. Farkas, "Reliable and Available Wireless and J. Farkas, "Reliable and Available Wireless
Technologies", Work in Progress, Internet-Draft, draft- Technologies", Work in Progress, Internet-Draft, draft-
ietf-raw-technologies-04, 3 August 2021, ietf-raw-technologies-05, 2 February 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-raw- <https://datatracker.ietf.org/doc/html/draft-ietf-raw-
technologies-04>. technologies-05>.
[RAW-USE-CASES] [RAW-USE-CASES]
Papadopoulos, G. Z., Thubert, P., Theoleyre, F., and C. J. Bernardos, C. J., Papadopoulos, G. Z., Thubert, P., and F.
Bernardos, "RAW use cases", Work in Progress, Internet- Theoleyre, "RAW use-cases", Work in Progress, Internet-
Draft, draft-ietf-raw-use-cases-03, 20 October 2021, Draft, draft-ietf-raw-use-cases-05, 23 February 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-raw-use- <https://datatracker.ietf.org/doc/html/draft-ietf-raw-use-
cases-03>. cases-05>.
[I-D.haindl-lisp-gb-atn] [I-D.haindl-lisp-gb-atn]
Haindl, B., Lindner, M., Rahman, R., Comeras, M. P., Haindl, B., Lindner, M., Rahman, R., Comeras, M. P.,
Moreno, V., Maino, F., and B. Venkatachalapathy, "Ground- Moreno, V., Maino, F., and B. Venkatachalapathy, "Ground-
Based LISP for the Aeronautical Telecommunications Based LISP for the Aeronautical Telecommunications
Network", Work in Progress, Internet-Draft, draft-haindl- Network", Work in Progress, Internet-Draft, draft-haindl-
lisp-gb-atn-06, 6 March 2021, lisp-gb-atn-06, 6 March 2021,
<https://datatracker.ietf.org/doc/html/draft-haindl-lisp- <https://datatracker.ietf.org/doc/html/draft-haindl-lisp-
gb-atn-06>. gb-atn-06>.
[I-D.ietf-rtgwg-atn-bgp] [I-D.ietf-rtgwg-atn-bgp]
Templin, F. L., Saccone, G., Dawra, G., Lindem, A., and V. Templin, F. L., Saccone, G., Dawra, G., Lindem, A., and V.
Moreno, "A Simple BGP-based Mobile Routing System for the Moreno, "A Simple BGP-based Mobile Routing System for the
Aeronautical Telecommunications Network", Work in Aeronautical Telecommunications Network", Work in
Progress, Internet-Draft, draft-ietf-rtgwg-atn-bgp-11, 6 Progress, Internet-Draft, draft-ietf-rtgwg-atn-bgp-14, 14
July 2021, <https://datatracker.ietf.org/doc/html/draft- February 2022, <https://datatracker.ietf.org/doc/html/
ietf-rtgwg-atn-bgp-11>. draft-ietf-rtgwg-atn-bgp-14>.
[ICAO2018] International Civil Aviation Organization (ICAO), [ICAO2018] International Civil Aviation Organization (ICAO),
"Handbook on Radio Frequency Spectrum Requirements for "Handbook on Radio Frequency Spectrum Requirements for
Civil Aviation, Doc 9718, Volume 1, ICAO Spectrum Civil Aviation, Doc 9718, Volume 1, ICAO Spectrum
Strategy, Policy Statements and Related Information", July Strategy, Policy Statements and Related Information", July
2018, <https://www.icao.int/safety/FSMP/Documents/Doc9718/ 2018, <https://www.icao.int/safety/FSMP/Documents/Doc9718/
Doc9718_Vol_I_2nd_ed_(2018)corr1.pdf>. Doc9718_Vol_I_2nd_ed_(2018)corr1.pdf>.
[EURO2021] European Organization for Civil Aviation Equipment
(EUROCAE), "Radio Frequency Function 2020 report", March
2021, <https://www.eurocontrol.int/>.
[ARI2019] ARINC, "AOC Air-Ground Data And Message Exchange Format, [ARI2019] ARINC, "AOC Air-Ground Data And Message Exchange Format,
ARINC 633", January 2019, ARINC 633", January 2019,
<https://standards.globalspec.com/std/13152055/ <https://standards.globalspec.com/std/13152055/
ARINC%20633>. ARINC%20633>.
[VIR2021] Virdia, A., Stea, G., and G. Dini, "SAPIENT: Enabling [VIR2021] Virdia, A., Stea, G., and G. Dini, "SAPIENT: Enabling
Real-Time Monitoring and Control in the Future Real-Time Monitoring and Control in the Future
Communication Infrastructure of Air Traffic Management", Communication Infrastructure of Air Traffic Management",
IEEE Transactions on Intelligent Transportation Systems, IEEE Transactions on Intelligent Transportation Systems,
22(8):4864-4875 , August 2021. 22(8):4864-4875 , August 2021.
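Review bot: [KOB1987] and [EURO2021] appear in only one of the two versions in this reference hunk, so each entry is either added or dropped between -09 and -10; check that the in-text citations in -10 match, so that no key is cited without an entry or listed without a citation. While the list is being touched, [ROY2020] still reads "Roy, S.S.. and A. Basso" with a doubled period in both columns, and several entries keep a space before the comma ("pp. 31-41 , November", "22(8):4864-4875 , August 2021"); both are worth cleaning in the same revision.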
skipping to change at page 36, line 20 skipping to change at page 35, line 20
+------------------------+-------------+-------------+ +------------------------+-------------+-------------+
| Continuity | 0.999 | 0.95 | | Continuity | 0.999 | 0.95 |
+------------------------+-------------+-------------+ +------------------------+-------------+-------------+
| Availability | 0.989 | 0.989 | | Availability | 0.989 | 0.989 |
+------------------------+-------------+-------------+ +------------------------+-------------+-------------+
| Integrity | 1E-5 per FH | 1E-5 per FH | | Integrity | 1E-5 per FH | 1E-5 per FH |
+------------------------+-------------+-------------+ +------------------------+-------------+-------------+
Table 1: CPDLC Requirements for RCP 130 Table 1: CPDLC Requirements for RCP 130
+==============+==========+==============+=========+=========+ +========================+=========+=========+=========+=========+
| | RCP 240 | RCP 240 | RCP 400 | RCP 400 | | | RCP 240 | RCP 240 | RCP 400 | RCP 400 |
+==============+==========+==============+=========+=========+ +========================+=========+=========+=========+=========+
| Parameter | ET | TT95% | ET | TT95% | | Parameter | ET | TT95% | ET | TT95% |
+--------------+----------+--------------+---------+---------+ +------------------------+---------+---------+---------+---------+
| Transaction | 240 | 210 | 400 | 350 | | Transaction Time (sec) | 240 | 210 | 400 | 350 |
| Time (sec) | | | | | +------------------------+---------+---------+---------+---------+
+--------------+----------+--------------+---------+---------+ | Continuity | 0.999 | 0.95 | 0.999 | 0.95 |
| Continuity | 0.999 | 0.95 | 0.999 | 0.95 | +------------------------+---------+---------+---------+---------+
+--------------+----------+--------------+---------+---------+ | Availability | 0.989 | 0.989 | 0.989 | 0.989 |
| Availability | 0.989 | 0.989 | 0.989 | 0.989 | +------------------------+---------+---------+---------+---------+
| | (safety) | (efficiency) | | | | Integrity | 1E-5 | 1E-5 | 1E-5 | 1E-5 |
+--------------+----------+--------------+---------+---------+ | | per FH | per FH | per FH | per FH |
| Integrity | 1E-5 per | 1E-5 per FH | 1E-5 | 1E-5 | +------------------------+---------+---------+---------+---------+
| | FH | | per FH | per FH |
+--------------+----------+--------------+---------+---------+
Table 2: CPDLC Requirements for RCP 240/400 Table 2: CPDLC Requirements for RCP 240/400
RCP Monitoring and Alerting Criteria in case of CPDLC: RCP Monitoring and Alerting Criteria in case of CPDLC:
- MA-1: The system shall be capable of detecting failures and - MA-1: The system shall be capable of detecting failures and
configuration changes that would cause the communication service configuration changes that would cause the communication service
no longer meet the RCP specification for the intended use. no longer meet the RCP specification for the intended use.
- MA-2: When the communication service can no longer meet the RCP - MA-2: When the communication service can no longer meet the RCP
specification for the intended function, the flight crew and/or specification for the intended function, the flight crew and/or
the controller shall take appropriate action. the controller shall take appropriate action.
+==============+=====+=====+==========+==============+======+=======+ +==============+========+========+========+========+========+=======+
| | RSP | RSP | RSP 180 | RSP 180 | RSP |RSP 400| | | RSP | RSP | RSP | RSP | RSP | RSP |
| | 160 | 160 | | | 400 | | | | 160 | 160 | 180 | 180 | 400 | 400 |
+==============+=====+=====+==========+==============+======+=======+ +==============+========+========+========+========+========+=======+
| Parameter | OT |DT95%| OT | DT95% | OT | DT95% | | Parameter | OT | DT95% | OT | DT95% | OT | DT95% |
+--------------+-----+-----+----------+--------------+------+-------+ +--------------+--------+--------+--------+--------+--------+-------+
| Transaction | 160 | 90 | 180 | 90 | 400 | 300 | | Transaction | 160 | 90 | 180 | 90 | 400 | 300 |
| Time (sec) | | | | | | | | Time (sec) | | | | | | |
+--------------+-----+-----+----------+--------------+------+-------+ +--------------+--------+--------+--------+--------+--------+-------+
| Continuity |0.999| 0.95| 0.999 | 0.95 |0.999 | 0.95 | | Continuity | 0.999 | 0.95 | 0.999 | 0.95 | 0.999 | 0.95 |
+--------------+-----+-----+----------+--------------+------+-------+ +--------------+--------+--------+--------+--------+--------+-------+
| Availability |0.989|0.989| 0.989 | 0.989 |0.989 | 0.989 | | Availability | 0.989 | 0.989 | 0.989 | 0.989 | 0.989 | 0.989 |
| | | | (safety) | (efficiency) | | | +--------------+--------+--------+--------+--------+--------+-------+
+--------------+-----+-----+----------+--------------+------+-------+ | Integrity | 1E-5 | 1E-5 | 1E-5 | 1E-5 | 1E-5 | 1E-5 |
| Integrity | 1E-5| 1E-5| 1E-5 per | 1E-5 per FH | 1E-5 | 1E-5 | | | per FH | per FH | per FH | per FH | per | per |
| | per | per | FH | |per FH| per FH| | | | | | | FH | FH |
| | FH | FH | | | | | +--------------+--------+--------+--------+--------+--------+-------+
+--------------+-----+-----+----------+--------------+------+-------+
Table 3: ADS-C Requirements Table 3: ADS-C Requirements
RCP Monitoring and Alerting Criteria: RCP Monitoring and Alerting Criteria:
- MA-1: The system shall be capable of detecting failures and - MA-1: The system shall be capable of detecting failures and
configuration changes that would cause the ADS-C service no longer configuration changes that would cause the ADS-C service no longer
meet the RSP specification for the intended function. meet the RSP specification for the intended function.
- MA-2: When the ADS-C service can no longer meet the RSP - MA-2: When the ADS-C service can no longer meet the RSP
specification for the intended function, the flight crew and/or specification for the intended function, the flight crew and/or
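Review bot: the heading above the ADS-C criteria reads "RCP Monitoring and Alerting Criteria:" in both columns, although the MA-1 and MA-2 items beneath it refer to the RSP specification; it should read "RSP Monitoring and Alerting Criteria:". The reflowed Tables 2 and 3 in -10 also drop the "(safety)" and "(efficiency)" qualifiers that -09 carried in the Availability row under RCP 240 and RSP 180; if that distinction is intended, state it in the text or in a table note rather than losing it. MA-1 is missing a word in both lists: "would cause the ... service no longer meet" should read "to no longer meet".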
 End of changes. 46 change blocks. 
181 lines changed or deleted 142 lines changed or added
