VansAirForceForums  
Home > VansAirForceForums

- POSTING RULES
- Donate yearly (please).
- Advertise in here!

- Today's Posts | Insert Pics


Go Back   VAF Forums > Avionics / Interiors / Fiberglass > ADS-B
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Search this Thread Display Modes
  #21  
Old 05-23-2013, 06:25 PM
Snowflake's Avatar
Snowflake Snowflake is offline
 
Join Date: Oct 2009
Location: Victoria, BC, Canada
Posts: 3,674
Default

Quote:
Originally Posted by Brantel View Post
Pretty cool stuff but it is scary. If I can do this for a hobby, what prevents some terrorist from doing it and sticking one of these things on the nose of a missle?
Really? The better solution would be to put a GPS in the nose of a missile. Let's hope this technology stays open and free rather than closed by big companies looking to make a buck off it instead.
__________________
Rob Prior
1996 RV-6 "Tweety" C-FRBP (formerly N196RV)
Reply With Quote
  #22  
Old 05-23-2013, 06:31 PM
Brantel's Avatar
Brantel Brantel is offline
 
Join Date: Mar 2006
Location: Newport, TN
Posts: 7,472
Default

Quote:
Originally Posted by Snowflake View Post
Really? The better solution would be to put a GPS in the nose of a missile. Let's hope this technology stays open and free rather than closed by big companies looking to make a buck off it instead.
A GPS only gives the bad guys the position, speed etc. of their own vehicle. This technology could give their vehicle guidance and the ability to lock on to a specific target and from a really long distance. I have picked up targets well over 100 miles away even with this crappy antenna that came with the radio.

There are people right here on this forum today with the skills to write the code to pull this off.

Many folks in the Software/IT/Security business have been screaming that ADS-B is a nighmare waiting to happen and this pretty much shows you how easy it would be to exploit.

The FAA has long known that the availability of their radar data is a security threat. That is why they delay the data by 5 minutes. There is no way for them to control the ADS-B out data being transmitted more and more everyday.

It is scary really!

Trust me, I want it to remain open as well but we all know that if it can be exploited, someone will do it....there are some real smart nut jobs out there that are more than a few fries short of a happy meal!
__________________
Brantel (Brian Chesteen),
Check out my RV-10 builder's BLOG
RV-10, #41942, N?????, Working on Emp/Tail Cone
---------------------------------------------------------------------
RV-7/TU, #72823, N159SB
Lyc. O-360 carbed, HARTZELL BA CS Prop, Dual P-MAGs, Dual Garmin G3X Touch
Track N159SB (KK4LIF)
Like EAA Chapter 1494 on Facebook

Last edited by Brantel : 05-23-2013 at 06:43 PM.
Reply With Quote
  #23  
Old 05-24-2013, 12:04 PM
walkman's Avatar
walkman walkman is offline
 
Join Date: Oct 2011
Location: Atlanta
Posts: 840
Default

Quote:
Originally Posted by Brantel View Post
Many folks in the Software/IT/Security business have been screaming that ADS-B is a nighmare waiting to happen and this pretty much shows you how easy it would be to exploit.
!
It's not just this issue. Consider that many of the devices we fly with now, such as our EFIS systems are based on standard OS. GRT for example is a Debian Linux box with USB and Ethernet, the iFly is a windows box. Consider that we also update them via wireless or USB etc over unsecured connections. I don't know whether the various devices typically check SHA1 hashes or similar before updating themselves. What happens when one connects a malware infected android device (very insecure) via Bluetooth or USB or Ethernet to your EFIS system? Are the vendors even cogniscent of the issues?

I know one of the things on my list this summer is to poke at my gear with the arsenal of tools in my lab and see what I can find.
__________________
RV-8 IO-360 (Bought)
RV-6 O-360 C/S (Sold)
Walkman aka Flame Out
Reply With Quote
  #24  
Old 05-25-2013, 03:32 PM
Jamie Aust's Avatar
Jamie Aust Jamie Aust is offline
 
Join Date: May 2005
Location: Brisbane Australia
Posts: 568
Default

Quote:
Originally Posted by Brantel View Post
Per Radomir's suggestion,

I bought one of the <$20 software definable radio sticks:



And had it running in about 15 minutes and it works surprizingly well!

Tons of work out on the net has been done with these radio's. I caught my short flight today by recieving my Mode S/ES squawk and uploading it to FlightRadar24 live. This is totally done via this receiver sniffing my Mode S/ES xponder signals... Little antenna stuck to the roof of my truck sitting on the ramp at the airport.






Pretty cool stuff but it is scary. If I can do this for a hobby, what prevents some terrorist from doing it and sticking one of these things on the nose of a missle?

SDR stick....If someone can write a software front end and decoder to be able to pull out the Mode S/ES aircraft buzzing around, there should be someone that is smart enough to write one for the 978 band and decode the FIS-B data.
If someone is going to give this a crack, I would like to see the output be sent in Garmin format via RS232 please.
__________________
Jamie lee
Brisbane, Australia
RV7A - Now Flying.
0-360,carb,catto 3 blade.
VH-XJL
Reply With Quote
  #25  
Old 09-17-2013, 03:32 PM
Jamie Aust's Avatar
Jamie Aust Jamie Aust is offline
 
Join Date: May 2005
Location: Brisbane Australia
Posts: 568
Default

If anyone is still working on this could you please reply, im looking for some log files ( garmin TIS )if anyone wants to share, please PM me and I will give you my email.

Quote:
Originally Posted by kevinh View Post
Hi ya'll,

So lately I've been recreationally making some software for hobbyist drones. In the process I found a really cool software based ADS-B decoder. Someone has made a really cool open-source project that uses a $30 USB radio to decode ADS-B data. I've tried it out at home and it works great.

My desire is to use a Rasberry-Pi to convert this data into a form acceptable for aircraft avionics. Does anyone know of a document that specifies the protocol garmin or dynon expects for aircraft and/or weather data? With such a document I can easily make this project go.

I suspect the total cost to add ADS-B in to your RV with this project would be about $100.
__________________
Jamie lee
Brisbane, Australia
RV7A - Now Flying.
0-360,carb,catto 3 blade.
VH-XJL
Reply With Quote
  #26  
Old 01-05-2014, 07:50 PM
zaitcev zaitcev is offline
 
Join Date: Jan 2014
Location: Albuquerque, NM
Posts: 15
Default

Quote:
Originally Posted by Brantel View Post
SDR stick....If someone can write a software front end and decoder to be able to pull out the Mode S/ES aircraft buzzing around, there should be someone that is smart enough to write one for the 978 band and decode the FIS-B data.
I don't think RTL can cut it. Althought in theory Neuquist allows to decode a clean FSK signal at 1 mbit/s while sampling at 2.8 s/s (maximum rate for RTL), in practice the available software fails miserably when trying that. At least it did not work for me, although I gave up just after looking at the samples and waterfall. Just about anything out there requires significant oversampling for each bit or else the output is junk.

I got the RTL SDR getting me 1090ES with homemade software easily (well, using a pre-existing SDR receiver), but UAT is a problem. The only thing that would do that is a real SDR like Ettus.

Last edited by zaitcev : 01-05-2014 at 08:58 PM.
Reply With Quote
  #27  
Old 01-05-2014, 09:22 PM
mculver's Avatar
mculver mculver is offline
 
Join Date: Dec 2008
Location: Redmond, WA
Posts: 269
Default

This is cheap and extremely cool technology! Costs just $12 or so plus shipping at www.amazon.com/gp/product/B00C37AZXK. All the software is readily available for free, although some of the applications described in this thread do indeed require custom code.

I hooked one of these up to a Raspberry Pi, which is currently sitting in my kitchen in Seattle, letting me watch Seattle traffic from anywhere (which is currently Central America).

100% fun, 100% what homebuilding is all about
__________________
-- Mike Culver;
RV-9 project sold but details of the build at
www.mculver.com
Reply With Quote
  #28  
Old 01-22-2014, 08:33 AM
zaitcev zaitcev is offline
 
Join Date: Jan 2014
Location: Albuquerque, NM
Posts: 15
Default

Quote:
Originally Posted by Brantel View Post
SDR stick....If someone can write a software front end and decoder to be able to pull out the Mode S/ES aircraft buzzing around, there should be someone that is smart enough to write one for the 978 band and decode the FIS-B data.
I was motivated by this thread to give UAT another go, but it was an abject failure. I tried to forego normal signal analysis and just look at phases for adjacent samples, and possibly detect packet headers if timing is right. Something about this technique is wrong, or I'm missing something important about pushing RTL chip too far. It may be that I'm just not receiving anything, however. If anyone wants to give it a go and let me know if any syncs are seen, code is here:
https://github.com/zaitcev/ruat
Reply With Quote
  #29  
Old 01-22-2014, 10:13 AM
Radomir's Avatar
Radomir Radomir is offline
 
Join Date: Jan 2005
Location: Charlotte, NC
Posts: 1,521
Default

There's tons of airports that have GBT on them -- I'd go to one of them and test things out there.. you're guaranteed to receive the signal.

Note: GBT's message has inverted preamble of an airplanes transceiver. Preamble's ones and zeros are opposite of what airplane sends out.

Find the UAT MOPS online (if you haven't already) as it has pretty good description of what the signal looks like. Depending on where you're doing your testing, it's possible you're not receiving anything useful.
__________________
Radomir
RV-7A sold
Reply With Quote
  #30  
Old 01-22-2014, 10:34 AM
digidocs digidocs is offline
 
Join Date: Apr 2007
Location: -
Posts: 480
Default

Zaitcev,

What problem are you seeing with the RTL? Is the device dropping samples at 2.8Msps? Also, are you getting I and Q sample pairs at that rate or just "real" samples?

I don't have the UAT MOPS in front of me, but I seem to remember that the signal total bandwidth is 1.3MHz (ie: +/- 0.65MHz from center). One thing to check is that any upstream analog filtering in the RTL has a bandwidth greater than this.

If the analog bandwidth is good and you can reliably get samples at the above rate, it should be possible to decode the signal. Realistically, you're probably going to have to upsample your original signal into the 6.25+Msps range to make it possible to recover the bit timing.

I was able to decode a 1-bit 6.25Msps UAT datastream in software so I know that at least that can work.

Neat project.

David

Last edited by digidocs : 01-22-2014 at 10:38 AM.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -6. The time now is 04:07 PM.


The VAFForums come to you courtesy Delta Romeo, LLC. By viewing and participating in them you agree to build your plane using standardized methods and practices and to fly it safely and in accordance with the laws governing the country you are located in.