• Investigation into the Development of a Wireless IoT Penetration Testbed

      Thompson II, Willie L.; White, Tellrell; Morgan State University (International Foundation for Telemetering, 2019-10)
      IoT protocols have been proposed to replace wired systems in aircraft to support telemetry applications. They offer several advantages to wired systems due to them being wireless, low cost, and consuming less power. However, the one consideration that is often overlooked is the security of these wireless protocols. This project focused on investigating the use of open source hardware and software frameworks to create a wireless testbed to conduct penetration testing of the ZigBee protocol. To accomplish this task, the open source XBee software library was used to implement the ZigBee Network and Application Layers within the GNU Radio IDE. The XBee hardware module was leveraged for the IEEE 802.15.4 PHY and MAC Layers.

      Sandberg, Alvia; Morse, Caleb; Chandler, Ryan; Redstone Test Center (International Foundation for Telemetering, 2019-10)
      The Joint Advanced Missile Instrumentation (JAMI) project has created a very effective high dynamic Time Space Position Information (TSPI) solution and the Test and Training Enabling Architecture (TENA) is a very effective way to share data over a network. Can JAMI and TENA work together? This paper answers that question.

      Rubio, Pedro; Coll, Francisca; AIRBUS DEFENCE & SPACE Flight Test (International Foundation for Telemetering, 2019-10)
      During the development of an aircraft it is mandatory to demonstrate that the aircraft is free from flutter within its operational flight envelope. This piece showcases JFlutter, a flutter analysis tool developed within Airbus Defence & Space Flight Test Analysis Tools. JFlutter allows the analysis of this phenomenon in real time monitoring and post flight mode. Using the FxS dataserver as data provider, a reliable data gathering mechanism has been used for this critical tool. As flutter means aero elastic instability, potentially dangerous, flight safety becomes a main requirement. For safety reasons and in order to reduce overall test program duration it is necessary to check predicted frequencies and damping in real time / monitoring.

      Shoudha, Shamman Noor; Saquib, Mohammad; Univ Texas, Dept Electrical Engineering (International Foundation for Telemetering, 2019-10)
      This paper addresses the use of a minimum-mean-square-error (MMSE) interference canceler for mitigating the Long-Term Evolution (LTE) uplink interference and multipath in Aeronautical Telemetry system. SOQPSK-TG modulation scheme for the telemetry victim signal and 64-QAM for the LTE interference signal are considered. For a multipath channel derived from the channel sounding data, the interference canceler achieves the target bit error rate (BER) of 10-5 at Carrier-to-Interference (C/I) ratio - 12.7, - 40.7 and – 36 dB for data rates 1, 5 and 10 Mbits/s, respectively. To offer the same performance, an MMSE channel equalizer requires C/I ratio - 10.9, - 25.0 and - 5.0 dB.
    • Latest Development Status on the Commercial derivative aircraft Based Instrumentation Telemetry System (CBITS) Program

      Roudebush, J. Kyle; Hernandez, Jose; Kujiraoka, Scott; NAVAIR-Point Mugu; GBL Systems (International Foundation for Telemetering, 2019-10)
      The Commercial derivative aircraft Based Instrumentation Telemetry System (CBITS) project will provide an advanced airborne telemetry system and capability to support the test and evaluation (T&E) of current and future military weapons and defensive systems. In conjunction with the Range Support Aircraft (RSA) contracts, the CBITS project will provide an autonomous airborne T&E asset capable of supporting Major Range and Test Facility Base (MRTFB) government ranges and open-ocean testing worldwide. The project will develop an improved S-Band airborne telemetry (TM) capability and a new L- and C-Band telemetry capability as a result of frequency spectrum selloff issues. These improved telemetry capabilities, along with the existing airborne Flight Termination System/Command Destruct (FTS/CD) capability, existing radar for Range Surveillance (RS) and Range Clearance (RC), and range unique augmenting communication systems will be integrated into a Gulfstream G550 Airborne Early Warning (AEW) RSA which will be replacing the current NP-3D Remote Area Safety Aircraft (RASA). This paper will discuss the latest developmental status of the CBITS project.

      Deshmukh, Mrugen A.; Wilson, Stephen G.; Univ Virginia, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      We consider the application of LDPC codes for improving performance in multi-channel (spectrum aggregation) for air-to-ground telemetry, by virtue of frequency diversity available on a wideband frequency-selective multipath channel. Our particular interest is in use of multi-channel OFDM transmission on “white spots” in the microwave spectrum. Each such channel is subject to frequency-selective fading over its bandwidth (typically a few MHz) due to multipath, for which typical OFDM equalization is standard. However, some subcarriers within this OFDM channel may experience deep fading at the output of the equalizer, rendering the symbol error probability poor relative to that on an AWGN channel at the same average SNR. We study simulated performance on a multipath channel described by the ETU fading model. Specific performance reported includes error rate of LDPC coding constrained to a single channel (effective diversity order roughly 2) and error rate of coding across eight channels (diversity order roughly 5). Further, performance on this dispersive fading channel is only about 3 dB worse than that on a no-multipath channel, at block error probability 0:01.

      Urli, Renaud; Mertl, Florian; Flight Test Instrumentation, Dept. ETXMI; Airbus Helicopters Deutschland GmbH; Industriestrasse 4 (International Foundation for Telemetering, 2019-10)
      Flight Test Instrumentation (FTI) architectures are moving more and more towards network topologies. For almost every task, current equipment support connection to the FTI system via Ethernet. However, up to now, the telemetry link has kept the legacy PCM technology for most applications. By implementing network / IP radios, the drawbacks of old fashioned PCM-based telemetry links could be eliminated. Furthermore, new use cases have become possible, and the architecture of FTI installations, both on board and on ground, could be simplified. This paper gives some technical background on networked / IP radios and describes the steps taken during the first introduction of this promising technology. The benefits of this system are explained in order to show the potential of that approach. Beside this, important lessons were learned during the introduction of the network / IP telemetry: from software to hardware topics, from topology to human factors aspects. Eventually, the present installation at the FTI facility is described as well as the status of the migration from S-band PCM/FM to IP C-Band.

      Lee, Hua; Maravilla, Julian; Shimada, Haruka; Univ California Santa Barbara, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      In this paper, we present the 4th-generation, light-weight low-power collision avoidance system. For this new version, the ultrasound transmitter of the data-acquisition component is replaced by a Lidar to avoid multi-paths in complex environments. The estimate of the target range is quantized into a frequency bin and represented by acoustic waveforms within the human hearing range. The bearing angle of the target is utilized to produce the temporal offset between the twin channels of the corresponding acoustic waveforms. This wearable and hearable device is designed for real-time navigation for the blind.

      Beck, Eric; Erramilli, Shobha; Habiby, Sarry; Johnson, William; Kogiantis, Achilles; Maung, Nan; Rege, Kiran; Sayeed, Zulfiquar; Triolo, Anthony; Young, Jeffrey; et al. (International Foundation for Telemetering, 2019-10)
      Aeronautical mobile telemetry (AMT) based on 3GPP’s LTE standard is implemented in a proof-of-concept system. The solution tackles the very high Doppler shifts expected in flight tests using an appliqué that can be inserted between the transmit/receive ports of the Test Article (TA) and the antennas. This appliqué estimates the Doppler shift and proactively compensates for it on the uplink signal being transmitted by the TA. The overall system has been tested under different operational conditions in a laboratory setup as well as in the field. In the laboratory setup, the desired operating conditions are created with a set of Software-Defined-Radio-based channel emulators coupled with a computer to control their behavior. In order to carry out field tests, an operational LTE network has been created at Edwards Air Force Base (EAFB) with two base stations, backhaul links, and a core network. In this paper, we provide descriptions of both laboratory and field test setups as well as the results of several tests that have been carried out to date. The results of lab and field tests lend strong support to the viability of this AMT solution.

      Geoghegan, Mark; Nusair, Marwan; Quasonix (International Foundation for Telemetering, 2019-10)
      The majority of aircraft telemetry antennas transmit a linearly polarized wave. These linearly polarized signals are often received by two orthogonal (left and right hand) circularly polarized receive antennas, each of which has 3 dB polarization loss. Under nominal conditions, a diversity combiner can be used to coherently add the two received signals, thereby restoring the 3 dB loss. Recent flight tests have revealed that the signals radiating from the aircraft are actually elliptically polarized or even circularly polarized, leading to degraded combiner performance. This paper describes how the transmit polarization can be transformed from linear to circular, why this degrades combiner performance, and how to mitigate this effect.

      Moore, Russell; Moroni, Jacob; Curtiss-Wright Defense Solutions (International Foundation for Telemetering, 2019-10)
      With flight test data acquisition and avionic bus data demands increasing every year, a new breed of network switches and recorders are needed to handle the new extreme data load to aggregate and record on solid-state media. Flight test instrumentation switches and recorders must perform in harsh environments with ultra-high levels of reliability. They must also facilitate fast and efficient movement and storage of data. Switches also require many features such as data aggregation, port-mirroring, and QoS (Quality-of-Service) support while recorder features such as port truncation, and support for PCAP, DARv3 & CH10 recording formats are important. This paper will discuss these needs and outline some use cases for new 10 GbE network switches and recorders.
    • Multi-Stage Attack Detection Using Layered Hidden Markov Model Intrusion Detection System

      Moazzami, Farzad; Dean, Richard; Zegeye, Wondimu K.; Morgan State University, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      Intrusion Detection Systems (IDS) based on Artificial Intelligence can be deployed to protect telemetry networks against intruders. As security solutions which encrypt radio links do not accommodate the ever evolving network attacks and vulnerabilities, new defense mechanisms using machine learning and artificial intelligence can play a significant role for telemetry networks. This paper proposes a multi-layered Hidden Markov Model (HMM) IDS that addresses multi-stage attacks. This is due to the fact that intrusions are increasingly being launched through multiple phases instead of single stage intrusion. This layered model divides the problem space into smaller manageable pieces reducing the curse of dimensionality associated with HMMs. To verify the application of this model for real network, the NSL-KDD dataset is used to train and test the model.
    • Neuro-OSVETA: A Robust Watermarking of 3D Meshes

      Vasic, Bata; Raveendran, Nithin; Vasic, Bane; Univ Arizona, Dept Electrical and Computer Engineering; Univ Nis, Electronic Dept (International Foundation for Telemetering, 2019-10)
      Best and practical watermarking schemes for copyright protection of 3D meshes are required to be blind and robust to attacks and errors. In this paper, we present the latest developments in 3D blind watermarking with a special emphasis on our Ordered Statistics Vertex Extraction and Tracing Algorithm (OSVETA) algorithm and its improvements. OSVETA is based on a combination of quantization index modulation (QIM) and error correction coding using novel ways for judicial selection of mesh vertices which are stable under mesh simplification, and the technique we propose in this paper offers a systematic method for vertex selection based on neural networks replacing a heuristic approach in the OSVETA. The Neuro-OSVETA enables a more precise mesh geometry estimation and better curvature and topological feature estimation. These enhancements result in a more accurate identification of stable vertices resulting in significant reduction of deletion probability.

      Rice, Michael; Redd, Bryan; Briceno, Ximena; Brigham Young University, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      This paper examines the problem of carrier phase and frequency estimation for coded 16-APSK in aeronautical mobile telemetry. Given the fact that coded systems tend to operate at lower signalto-noise ratios than uncoded systems, the synchronizer must operate at these lower signal-to-noise ratios. For a 30 kHz frequency offset and a 10 Mbit/s 16-APSK signal, the conventional phase lock loop (PLL) system does not achieve consistent lock to be a useful approach. Consequently, a blind feed-forward approach, based on the FFT, and an initialized feedback approach based on the PLL were examined. The feed-forward estimator is capable of achieving BER ideal performance for Eb/N0 ≥ 6 dB using 1024 symbols. The feedback estimator, initialized using a feed-forward estimate based on 1024 symbols is also capable of achieving BER ideal performance for Eb/N0 ≥ 6 dB. Both synchronizers require a sufficiently good blind estimate: the estimate based on 2014 symbols appears to be the minimum value to achieve good performance.
    • Optimizing Pre-Flight Checkout by Leveraging IOT enabled FTI and Augmented Reality

      Quinn, Patrick; Curtiss-Wright (International Foundation for Telemetering, 2019-10)
      Pre-flight checkout is one of the most time critical stages in any flight test program. Delays and in-efficiencies during checkout can lead to aircraft being grounded for unnecessarily long periods of time, increasing costs and program schedule slippages. With the dawn of augmented reality wearables, smart sensors, wireless sensors and next generation Flight Test Instrumentation (FTI), today’s technological advances can be leveraged to transform pre-flight checkout into an interactive, self-diagnostic and operationally efficient essential step in your flight test program. These same technologies can also be used to optimize the day to day operations of airlines, MRO’s and aircraft maintenance companies, taking advantage of the current “data rich” generation of aircraft. This paper describes how pre-flight checkout can be optimized by combining best in class Internet of Things (IOT) enabled FTI and augmented reality wearables.
    • Peak-to-Average Power Ratio (PAPR) Reduction for OFDM

      Moazzami, Farzad; Dean, Richard; Zegeye, Wondimu K.; Morgan State University, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      The telemetry community has been challenged in its search for additional spectrum for its aeronautical mission. With a fixed amount of spectrum the challenge becomes focused on increased spectrum efficiency. Today’s best solution for spectrum efficiency is Orthogonal Frequency Division Modulation (OFDM). This approach has proven effective with both cellular LTE as well as IEEE 802.11 wireless LAN systems. OFDM has seen limited use in telemetry systems in part due to issues related to high peak to average ratio of OFDM signals. This paper reviews approaches to resolving these issues and proposes a scheme for peak conditioning of OFDM signals to reduce the peak to average ratio. Results of preliminary experimental work are promising.

      Rice, Michael; Arabian, Farah; Brigham Young University, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      Providing RHCP and LHCP outputs from the antennas vertical (V) and horizontal (H) dipoles in there sonant cavity within the antenna feeds is the current practice of ground-based station receivers in aeronautical telemetry. The equalizers on the market, operate on either LHCP or RHCP alone, or a combined signal created by co-phasing and adding the RHCP and LHCP outputs. In this paper, we show how to optimally combine the V and H dipole outputs and demonstrate that an equalizer operating on this optimally-combined signal outperforms an equalizer operating on the RHCP, LHCP, or the combined signals. Finally, we show how to optimally combine the RHCP and LHCP outputs for equalization, where this optimal combination performs as good as the optimally combined V and H signals.

      Peken, Ture; Tandon, Ravi; Bose, Tamal; Univ Arizona, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      The use of millimeter waves (mmWave) for next-generation cellular systems is promising due to the large bandwidth available in this band. Beamforming will likely be divided into RF and baseband domains, which is called hybrid beamforming. Precoders can be designed by using a predefined codebook or by choosing beamforming vectors arbitrarily in hybrid beamforming. The computational complexity of finding optimal precoders grows exponentially with the number of RF chains. In this paper, we develop a Q-learning (a form of reinforcement learning) based algorithm to find the precoders jointly. We analyze the complexity of the algorithm as a function of the number of iterations used in the training phase. We compare the spectral efficiency achieved with unconstrained precoding, exhaustive search, and another state-of-art algorithm. Results show that our algorithm provides better spectral efficiency than the state-of-art algorithm and has performance close to that of exhaustive search.

      Lee, Hua; Radzicki, Vincent R.; Rajagopal, Abhejit; Univ California Santa Barbara, Dept Electrical and Computer Engineering (International Foundation for Telemetering, 2019-10)
      Today, a wide range of heart conditions can be monitored remotely with relatively inexpensive passive sensing technologies, enabling the potential for long-term monitoring and prognosis of patient state under representative environmental stimuli. A medical telemetry system that can incorporate such passive measurements and provide key diagnostic information to medical professionals would provide tremendous value to patients via quantitative and personalized healthcare. This paper presents an overview of passive sensing methods that could be utilized in a medical telemetry system for remote heart monitoring of patients. While active systems are another attractive option, they impose additional constraints on the system that require careful calibration, expert control, and more complex instrumentation. The methods presented here are based on low-cost, sensor technology with the potential to greatly improve long-term non-invasive, heart-health monitoring.

      Fischer, John; Perdue, Lisa; Orolia (International Foundation for Telemetering, 2019-10)
      GNSS is key to effective situational awareness, providing critical Positioning, Navigation and Timing (PNT) telemetry data for mobile military operations. Yet GPS/GNSS jamming and spoofing attacks are on the rise. The combination of low-cost hardware, open source software, and tutorials on YouTube have fostered the proliferation of these malicious acts. Beyond intentional disruption, other factors such as environmental conditions and conflicts with other electronic systems can result in unreliable or even unavailable GNSS data. The disruption of GNSS for increasing periods of time through jamming/spoofing must now be an essential test component in most test scenarios today. How can one still provide reliable Time-Space Position Information (TSPI) during periods of GNSS denial? Key mobile military operations that rely on continuous and trusted PNT telemetry data from GNSS include: SatCom on the Move (SOTM), Command, Control, Communications, Computer, Intelligence, Surveillance and Reconnaissance (C4ISR), Airborne Communications Relay, Synthetic Aperture Radar, and Combat Search and Rescue (CSAR). Techniques and technologies used in battlefield systems to provide alternative sources of PNT data during a GNSS outage, can also be used on the test range. This paper will identify technologies, best practices and strategies for GNSS jamming/spoofing detection and protection systems and testing protocols to maintain a state of PNT readiness.