Syed Khandker (New York University Abu Dhabi), Krzysztof Jurczok (Amateur Radio Operator), Christina Pöpper (New York University Abu Dhabi)
COSPAS-Sarsat is a global satellite-based search and rescue system that provides distress alert and location information to aid in the rescue of people in distress. However, recent studies show that the system lacks proper security mechanisms, making it vulnerable to various cyberattacks, including beacon spoofing, hacking, frequency jamming, and more. This paper proposes a backward-compatible solution to address these longstanding security concerns by incorporating a message authentication code (MAC) and timestamp. The MAC and timestamp ensure the integrity and authenticity of distress signals, while backward compatibility enables seamless integration with existing beacons. The proposed solution was evaluated in both a laboratory setting and a real-world satellite environment, demonstrating its practicality and effectiveness. Experimental results indicate that our solution can effectively prevent attacks such as spoofing, man-in-the-middle, and replay attacks. This solution represents a significant step toward enhancing the security of COSPAS-Sarsat beacon communication, making it more resilient to cyberattacks, and ensuring the timely and accurate delivery of distress signals to search and rescue authorities.