IETF Logo Mail Archive

Re: [Drip] ADSB

Alexandre Petrescu <alexandre.petrescu@gmail.com> Wed, 05 August 2020 12:50 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6AA23A081C for <tm-rid@ietfa.amsl.com>; Wed, 5 Aug 2020 05:50:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.278
X-Spam-Level:
X-Spam-Status: No, score=-0.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.949, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GtBW-TL9AoXg for <tm-rid@ietfa.amsl.com>; Wed, 5 Aug 2020 05:50:15 -0700 (PDT)
Received: from sainfoin-smtp-out.extra.cea.fr (sainfoin-smtp-out.extra.cea.fr [132.167.192.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BA2C3A07F7 for <tm-rid@ietf.org>; Wed, 5 Aug 2020 05:50:15 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by sainfoin-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 075CoD9T045632; Wed, 5 Aug 2020 14:50:13 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id E17DC203D01; Wed, 5 Aug 2020 14:50:13 +0200 (CEST)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id D249B2019FD; Wed, 5 Aug 2020 14:50:13 +0200 (CEST)
Received: from [10.8.35.150] (is154594.intra.cea.fr [10.8.35.150]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 075CoDOb007143; Wed, 5 Aug 2020 14:50:13 +0200
To: Robert Moskowitz <rgm@labs.htt-consult.com>, tm-rid@ietf.org
References: <1bebf5b1-1fa5-6902-5bb7-9ec3582e6d9a@andersdotter.cc> <01a21161-aa8d-6d4b-b384-3129fe6d799b@gmail.com> <973223fd-0119-376d-12cd-21559a14ce87@labs.htt-consult.com> <b88975b0-ecfd-3091-4314-304c36d51e8f@gmail.com> <3c632ce9-115d-11f5-ee33-bfabd4973522@labs.htt-consult.com> <f5dc0567-c9a1-a26f-b240-aead0d85c11f@gmail.com> <c9cc2ff4-c24f-f575-150b-8b978a4c2ac5@labs.htt-consult.com> <7ddd9a2f-23ba-dd82-8cfb-1d2974969e67@gmail.com> <d8cf3a43-910a-db2f-4408-184b52446c97@labs.htt-consult.com> <a288966d-d22a-d0fa-c544-ae2db7d1533e@gmail.com> <e60a44a7-a659-1937-19fb-d468c4329bb2@axenterprize.com> <A80AB482-557C-44C7-A99A-B494852D59AB@tencent.com> <f4dd60a2-da57-35d5-6467-9a4b09b3d73c@gmail.com> <c09092f9-2c59-65be-6af8-47d1135c6cfe@axenterprize.com> <61511ef6-5b9b-5b62-f922-d32b994a35b9@gmail.com> <f5775e1c-8a9a-d5ac-9a31-a79e49caf995@labs.htt-consult.com> <d4b370f6-91e7-942c-e4bf-d587eda7ae5d@gmail.com> <ff51fe20-5cc3-71e0-684a-a25e13a0c4ea@labs.htt-consult.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <e3663725-6419-d6fd-7196-fcd2189a63aa@gmail.com>
Date: Wed, 05 Aug 2020 14:50:14 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
In-Reply-To: <ff51fe20-5cc3-71e0-684a-a25e13a0c4ea@labs.htt-consult.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: fr
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/CTWIsu7inaSBPxLELgNNFDkdVr4>
Subject: Re: [Drip] ADSB
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Aug 2020 12:50:18 -0000


Le 05/08/2020 à 13:53, Robert Moskowitz a écrit :
> 
> 
> On 8/5/20 6:11 AM, Alexandre Petrescu wrote:
>> 
>> 
>> Le 04/08/2020 à 17:51, Robert Moskowitz a écrit :
>>> 
>>> 
>>> On 8/4/20 11:27 AM, Alexandre Petrescu wrote:
>>>> Thanks for the clarification.
>>>> 
>>>> Le 04/08/2020 à 17:17, Stuart W. Card a écrit :
>>>>> I just want to respond to one line that I think comes from 
>>>>> confusion:
>>>>> 
>>>>>> But if we have reluctance about the use of ADS-B, and thus 
>>>>>> of IP, and we recommend Bluetooth-without-IP to identify 
>>>>>> drones
>>>>> 
>>>>> We aren't recommending Bluetooth-without-IP, we are 
>>>>> _supporting_ it,
>>>> 
>>>> But, the security manifest that I have seen on slides during 
>>>> the presentation of the DRIP WG meeting - is something below 
>>>> IP, right?
>>> 
>>> For now, we are dealing with broadcast messages.  Either over 
>>> Bluetooth or WiFI (NAN).
>> 
>> If it is a broadcast message and it is over Bluetooth or over WiFi 
>> then it certainly is IP multicast, cant be anything else.
> 
> Wrong for BT4.  There are only 25 bytes available.  We can do most
> of the messaging in a single frame.  To do anything with IP will
> force this to a multiframe design.

I might say something stupid if I am allowed, maybe things that are
already known.  Sorry, I did not check the BoF archive discussion.  But
here goes anyways.  If one wants to do something with Bluetooth4 below
IP and finds it to be too small packets, then there could be several
possibilities:
- do it at Bluetooth SIG instead of IETF;
- do it in 6lo WG;
- use a header compression scheme at IETF (6lowpan HC at 6lo WG, SCHC at
   LP-WAN WG, ROHC and why not CBOR);
- implement packet fragmentation and reassembly and multiframe design
   below IP;
- use the already available data in the 25 bytes in order to realize
   that identification (there must be MAC addresses in there, and they're
   likely to be useful).

> Even BT5 it is wrong for the Authentication Message.  We need the 
> full frame for our content.  We would have to go with multiframe 
> design for BT5 as a result.

So, I do not understand: does DRIP want the entire packet to stay of
size 25bytes?  Or does DRIP want the packet to be more than 25bytes?

Would a multiframe design in which an IP packet of length 1280bytes is
chopped into 25bytes BT5 packets be advantageous for DRIP?

Do the BT5 packets have a notion of interlinking between sub-packets
that make a bigger packet?  (such a mechanism exists at the IP layer; it
uses Identification to identify a chain and an Offset to say where in
the chain is that sub-packet to be found).

> So this leaves WiFi NAN.  Sure you can do it, but why?  What does it 
> add?  In My Not So Humble Opinion (IMNSOHO) nothing but cost and 
> processing overhead.

I think WiFi 5.4 GHz is already used extensively to remotely control
drones.  These consoles with joysticks are WiFi 5.4GHz, if I am not
mistaken.

>> If it is IP multicast over Bluetooth or over WiFi then I wonder 
>> what is the value  in the Next Header field of the IP header
>> format (RFC8200 "IPv6", section 3 "Header format").  Basically -
>> what is the payload?
>> 
>> If one asks me, I would dare to think that payload might be an 
>> ICMPv6 Router Advertisement.
>> 
>>> There is NO security for the messages below the message package.
>> 
>> Noted.
>> 
>>> Just not enough payload size for anything that would work in a 
>>> broadcast environment like a National Airspace.  All of the 
>>> security we are specifying is inside the messages where 
>>> appropriate.
>>> 
>>> That security manifest is a payload of the ASTM F3411-19 
>>> Authentication Message.
>> 
>> It costs 85USD I wont pay to see it.  It is security.  There will 
>> always be someone smarter to break that security and ask for more 
>> money.
> 
> Look at:
> 
> https://github.com/opendroneid/specs/blob/master/OpenDroneID_Bluetooth_0.64.3.pdf
>
>
> 
It is close enough.

Thanks for the pointer.  Noted.

It is about Bluetooth.  Should be submitted to Bluetooth SIG.

I might stay something stupid here again... si I wont say it :-)

>> I would not oppose if that Authentication MEssage had a 
>> specification in clear.
> 
> The above plus Adam's draft will get you there.
> 
>> 
>>> These messages are broadcasted as Adam mentioned in his 'flying 
>>> DRIP' comments at the beginning.
>> 
>> Thank you for the reminder.  I looked again at the 'flying DRIP' 
>> presentation during the WG meeting, and at the related draft. 
>> https://datatracker.ietf.org/meeting/108/materials/slides-108-drip-authentication-formats
>>
>> 
>> 
>> and draft-wiethuechter-drip-auth-01
>> 
>> During the presentation, the slide clearly shows on slide 8 that a 
>> Bluetooth header immediately precedes an Open Drone ID message. 
>> There is no IP header in that slide.
> 
> That is right.  No IP.  No room for it.  No justification for it. It 
> is all RLOS only.

I might say something stupid here: no IP?  No IETF.

>> In the draft, there is similar discussion tightly related to 
>> Bluetooth and without IP.
>> 
>> But if we are to have an independence of Bluetooth, and use a 
>> networking layer such as IP, then the question of the use of an 
>> authentication header is made differently.
> 
> Again what is the justification for adding IP multicast?

I would not be afraid of IP multicast like the multicast we know for
video delivery.  It is IP multicast because IP is IPv6 and IPv6 has no
broadcast.

_If_ there is agreement that DRIP should be with IP (Internet Protocol).

We know that the drone identification should be broadcasted (like in TV
broadcast).  In IPv4 there is a mechanism to implement such TV-broadcast
concept.  It is called IPv4 broadcast.  That broadcast is sent to a
dedicated address (like 255.255.255.255 which is all Internet, or like
195.212.142.255 which is all computers in a particular subnet).  In IPv6
such broadcast concept does not exist.  Rather, it's called 'multicast'
and, as opposed to IPv4, it has a mandatory and voluntary join/leave
mechanism.

I name that IPv6 multicast simply IP multicast, because IPv4 should not
be used as basis for any new work at IETF.

On such an IP multicast perspective for DRIP, one would have to come up
with an architecture for joining and leaving that makes it easy to use
by authorities, mandatory to implement, is secure enough (security and
multicast is not that easy), etc.

> Where do you see these messages going beyond the RF Line Of Sight?

True.

But one would not want all BT5 devices (like my watch or earphones)
around a drone's sight to be awaken by its identification beacons,
right?  Only those devices who have voluntarily subscribed to that
multicast group would be awaken.


>> The authentication header would be an IP Authentication Header. 
>> This AH would be somehow re-used and extended where necessary for 
>> DRIP purposes.
>> 
>>> Now later I expect us to move on to Network Remote ID and Command
>>> and Control (C2).
>>> 
>>> Most C2 (e.g. Mavlink) is directly over the MAC, but there is a 
>>> method to run it over UDP (I forget the UDP port commonly 
>>> used...). AX Enterprize has done this using HIP so the UA starts 
>>> with WiFi over the launch point, transitions to LTE, and on 
>>> return back to WiFi.
>>> 
>>> Network Remote ID can work either directly from the UA, or via
>>> C2 information to the GCS, from the GCS.  In either case, IP is 
>>> assumed. This will probably be done via UDP.  From the UA, 
>>> mobility will be important; from the GCS nice to have (most GCS 
>>> will be stable location).  As UDP to a fixed Net-SP, DTLS 1.3 is 
>>> a viable alternative to HIP.
>> 
>> I will have to look closer at HIP again :-) and see how it could
>> be made to work with DRIP and IP.
> 
> Stu, Adam, Andrei, and I see HIP for where there is pairwise 
> communication with potentially both ends mobile and using multiple 
> interfaces.  Once you have that use case, be consistent and use it 
> for simpler situations.

I wanted to ask whether using a Host Identity that is cryptographically
generated is sufficient for authorities to trust a drone upon reception
of one DRIP identification packet, or maybe am additional roundrip (a
ping, a request-response) would still be needed from ground officer to
drone to make sure it's the right drone who replies?  Or maybe a full
Diffie-Hellman exchange is needed?

Alex

> 
>> 
>> Alex
>> 
>>> 
>>> 
>>> 
>>> 
>>>> 
>>>> Alex
>>>> 
>>>> as
>>>>> it is specified in ASTM F3411, which most of the regulators 
>>>>> are dubbing as an approved technical means of regulatory 
>>>>> compliance.
>>>>> 
>>>>> AFAIK, no one runs IP over ADS-B, which was designed as a 
>>>>> narrowband application specific communications stovepipe,
>>>>> not a data link supporting higher layer network protocols,
>>>>> so not great for IP.
>>>>> 
>>>>> More importantly, we have no "reluctance about the use of...
>>>>>  IP", which is an entirely separate issue from ADS-B.
>>>>> 
>>>>> On 8/4/2020 9:52 AM, Alexandre Petrescu wrote:
>>>>>> architectural layers discussion...
>>>>>> 
>>>>>> Le 30/07/2020 à 11:49, shuaiizhao(Shuai Zhao) a écrit :
>>>>>>> Just to echo Stu on the ADSB, AFAIK, ADSB will  not be 
>>>>>>> feasible for most of the drones mostly due to SwaP, 
>>>>>>> commercial drones might be exception.
>>>>>> 
>>>>>> It might be that ADS-B might be forbidden in drones on 
>>>>>> Earth, but how about the drones on Mars? ('NASA Mars 
>>>>>> helicopters', or ESA too).  On Mars there would be much 
>>>>>> less such drones, so less risk of interference.
>>>>>> 
>>>>>> With such a system (ADS-B under IP) one could re-use DTN 
>>>>>> (Delay Tolerant Networking) between planets, and so 
>>>>>> identify drones even on Mars.
>>>>>> 
>>>>>> But if we have reluctance about the use of ADS-B, and thus 
>>>>>> of IP, and we recommend Bluetooth-without-IP to identify 
>>>>>> drones, then we might become too dependent on it?
>>>>>> 
>>>>>> (do not get me wrong, I do like Bluetooth, but I like many 
>>>>>> other things together with Bluetooth).
>>>>>> 
>>>>>> Alex
>>>>>> 
>>>>>>> 
>>>>>>> Best,
>>>>>>> 
>>>>>>> Shuai Zhao
>>>>>>> 
>>>>>>> *From: *Tm-rid <tm-rid-bounces@ietf.org> on behalf of 
>>>>>>> "Stuart W. Card" <stu.card@axenterprize.com> *Date: 
>>>>>>> *Wednesday, July 29, 2020 at 19:46 *To: 
>>>>>>> *"tm-rid@ietf.org" <tm-rid@ietf.org> *Subject: *[Drip] 
>>>>>>> ADSB (was: Review of draft-drip-arch-02 w.r.t. RFC6973, 
>>>>>>> RFC8280 and other)(Internet mail)
>>>>>>> 
>>>>>>> Sorry for the slow reply.
>>>>>>> 
>>>>>>> ADS-B is gradually being mandated for essentially all 
>>>>>>> manned aircraft.
>>>>>>> 
>>>>>>> ADSB-In and ADSB-Out are mandated for airliners: -In 
>>>>>>> gives their pilots
>>>>>>> 
>>>>>>> some Situational Awareness (SA) of other aircraft; -Out 
>>>>>>> gives other
>>>>>>> 
>>>>>>> pilots SA of the airliners.
>>>>>>> 
>>>>>>> "ADSB-Out" is mandated even for small general aviation 
>>>>>>> aircraft: it does
>>>>>>> 
>>>>>>> not directly benefit the pilots of those aircraft; but
>>>>>>> by providing SA
>>>>>>> 
>>>>>>> to others, it indirectly benefits all.
>>>>>>> 
>>>>>>> ADSB is _not_ going to be deployed on large numbers of 
>>>>>>> small UAS as it
>>>>>>> 
>>>>>>> would overwhelm the limited bandwidth available at those 
>>>>>>> lower radio
>>>>>>> 
>>>>>>> frequencies (which propagate long ranges). In fact, it
>>>>>>> is expected to be
>>>>>>> 
>>>>>>> explicitly prohibited in the US per the FAA NPRM; I 
>>>>>>> suspect most of the
>>>>>>> 
>>>>>>> rest of the world will do likewise.
>>>>>>> 
>>>>>>> ADSB is also altogether insecure.
>>>>>>> 
>>>>>>> On 7/9/2020 3:02 AM, Alexandre Petrescu wrote:
>>>>>>> 
>>>>>>> ...
>>>>>>> 
>>>>>>> They call it "ADS-B Receivers" (Automatic Dependent 
>>>>>>> Surveillance -
>>>>>>> 
>>>>>>> Broadcast).
>>>>>>> 
>>>>>>> I wouuld like to ask if there is a packet dump available 
>>>>>>> showing such
>>>>>>> 
>>>>>>> presence data form planes?  Maybe wireshark already 
>>>>>>> supports it, maybe
>>>>>>> 
>>>>>>> it even dissects it...
>>>>>>> 
>>>>>>> --
>>>>>>> 
>>>>>>> -----------------------------------------
>>>>>>> 
>>>>>>> Stuart W. Card, PhD, Principal Engineer
>>>>>>> 
>>>>>>> AX Enterprize, LLC www.axenterprize.com
>>>>>>> 
>>>>>>> 4947 Commercial Drive, Yorkville NY 13495
>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>> 
>>> -- Standard Robert Moskowitz Owner HTT Consulting C:248-219-2059 
>>> F:248-968-2824 E:rgm@labs.htt-consult.com
>>> 
>>> There's no limit to what can be accomplished if it doesn't matter
>>> who gets the credit
> 
> -- Standard Robert Moskowitz Owner HTT Consulting C:248-219-2059 
> F:248-968-2824 E:rgm@labs.htt-consult.com
> 
> There's no limit to what can be accomplished if it doesn't matter
> who gets the credit

v2.23.0 | Report a Bug | By Email