Nils Mäurer

Group Head - Cybersecurity Architectures

German Aerospace Center

Biography

Nils Mäurer has been employed as a scientist at DLR’s Institute of Communications and Navigation since 2017.

He specializes in cybersecurity for critical infrastructures in aerospace, railways, and shipping. His main work focused on developing the cybersecurity architecture of the L-band Digital Aeronautical Communications System (LDACS). In 2023, his work was standardized by the Internet Engineering Task Force (IETF) and the International Civil Aviation Organization (ICAO) in the international standard on LDACS.

As of January 2023, he heads the “Cybersecurity Architectures” group at DLR’s Communications Department.

Interests

  • Cybersecurity
  • Digital Aeronautical Communications
  • LDACS
  • GBAS

Education

  • MSc in IT-Security and Reliability, 2017

    Universität Passau

  • BSc in IT, 2015

    Technische Universität München (TUM)

Skills

Technologies:

Secure Wireless Communication
Pre/Post-Quantum Cryptography
Origin of Trust Solutions
LDACS

Languages:

German (native)
English (C1)
Spanish (B1)

Standardization Activities:

International Civil Aviation Organization (ICAO)
Internet Engineering Task Force (IETF)

Honorary Office

PhD Spokesperson of all Doctoral Students at DLR

Python

90%

Cryptography

80%

Protocols

70%

Experience

Group Head

German Aerospace Center (DLR)

Jan 2023 – Present Munich
I am currently heading the Cybersecurity Architectures group with a focus on cybersecurity solutions for critical infrastructure communications and navigation systems.

PhD Researcher

German Aerospace Center (DLR)

Oct 2017 – Jan 2023 Munich
Research on

  • Provably Secure Communication for Air Traffic Management (ATM)
  • Cybersecurity Design of LDACS
  • Security in Resource-Constrained Environments
  • Trust Solutions for Wireless Communication Systems

Master Student

German Aerospace Center (DLR)

Jan 2017 – Jun 2017 Munich
Analysis of the IT Security of Digital Aeronautical Communications Systems

IT Security Student

Siemens

Aug 2016 – Oct 2016 Erlangen
Threat and Risk Analysis, Security Assessments, Reporting and Evaluation of Commuter Rails at Siemens Mobility

Recent Publications

L-band Digital Aeronautical Communications System (LDACS) draft-ietf-raw-ldacs-14

This version of our IETF draft has been adopted by the IESG.

A Secure Ground Handover Protocol for LDACS

The L-band Digital Aeronautical Communications System (LDACS), the worldwide first true integrated Communication, Navigation and …

L-band Digital Aeronautical Communications System (LDACS) draft-ietf-raw-ldacs-13

We made this update to incorporate all comments from the IESG.

Secure Point-to-Point Long-Distance Multi-Hop Connections in a Dense Airplane Mesh-Network using LDACS

The capacity of current aeronautical datalinks is reaching its limits and becomes a hindrance to the growth of worldwide civil …

Security in Digital Aeronautical Communications - A Comprehensive Gap Analysis

Aeronautical communications still heavily depend on analog radio systems, despite the fact that digital communication has been introduced to aviation in the 1990s. Since then, the digitization of civil aviation has been continued, as considerable pressure to rationalize the aeronautical spectrum has built up. In any modern digital communications system, the threat of digital attacks needs to be considered carefully. This is especially true for safety-critical infrastructure, which aviation’s operational communication services clearly are. In this article, we reverse the traditional approach in the aeronautical industry of looking at a system from the safety perspective and assume a security-oriented point of view. We use the lens of security properties to review the requirements and specifications of aeronautical communications infrastructure as of 2021 and observe that most standards lack cybersecurity as a key requirement. Furthermore, we review the academic literature to identify possible solutions for the lack of cybersecurity measures in aeronautical communications systems. We observe that most systems have been thoroughly analyzed within the academic security community, some for decades even, with many papers proposing concrete solutions to missing cybersecurity features. We conclude that there is a systematic problem in the design process of aeronautical communication systems. We provide a list of eight key findings and recommendations to improve the process of specifying such systems in a secure manner.

Accomplishments and Awards

Best of Track - Cyber Security and Software

Best of Track - Cyber Security and Software Award @DASC 2021 for this paper
See certificate

Best of Session - Avionics Systems

Best of Session - Cybersecurity Award @DASC 2021 for this paper
See certificate

Best of Track - Cyber Security and Software

Best of Track - Cyber Security and Software Award @DASC 2020 for this paper
See certificate

Best of Session - Cybersecurity

Best of Session - Cybersecurity Award @DASC 2020 for this paper
See certificate

Best of Session - Cyber Security and Software 3

Best of Session - Cyber Security and Software 3 @DASC 2019 for this paper
See certificate

Best of Conference

Best of Conference Award @ICNS 2019 for this paper
See certificate

Best of Track - Special Topics

Best of Track - Special Topics Award @DASC 2018 for this paper
See certificate

Best Student Paper – Runner-up

Best Student Paper – Runner-up Award @ICNS 2018 for this paper
See certificate

Recent & Upcoming Talks

L-band Digital Aeronautical Communications System (LDACS) - draft-ietf-raw-ldacs-13

At IETF 115, we presented the latest work on the LDACS draft in version draft-ietf-raw-ldacs-13. After one other update, the draft was adopted by the IESG in December 2022.

A Secure Ground Handover Protocol for LDACS

The L-band Digital Aeronautical Communications System (LDACS), the worldwide first true integrated Communication, Navigation and Surveillance (CNS) system, is in the process of being standardized at the International Civil Aviation Organization (ICAO) and the Internet Engineering Task Force (IETF). The cellular system is considered a successor to the 30-year-old Very High Frequency (VHF) Datalink mode 2 system (VDLm2) and is intended for communications related to the safety and regularity of flight. With the initial rollout planned in the near future, the finalization of all its aspects, including security, is of utmost importance. While previous works presented a cybersecurity architecture for LDACS, including a Public Key Infrastructure (PKI), certificates, a Mutual Authentication and Key Establishment (MAKE) procedure, as well as usage of established keys for protecting its user- and control-data plane, the protocol for secure LDACS handovers between cells has not been established. The objective of this work is to present a secure handover procedure for LDACS, fulfilling all security and performance requirements for data and voice communications via LDACS.

L-band Digital Aeronautical Communications System (LDACS) - draft-ietf-raw-ldacs-11

At IETF 114, we presented the latest work on the LDACS draft in version draft-ietf-raw-ldacs-11.

L-band Digital Aeronautical Communications System (LDACS) - draft-ietf-raw-ldacs-10

At IETF 113, we presented the latest work on the LDACS draft in version draft-ietf-raw-ldacs-10.

L-band Digital Aeronautical Communications System (LDACS) - draft-ietf-raw-ldacs-09

At IETF 112, we presented the latest work on the LDACS draft in version draft-ietf-raw-ldacs-09.

Recent Posts

On the (In)Security of 4G - Part XI: Non Access Stratum and Access Stratum Security

In this series, I’d like to take a deeper look at 4G security measures. Here we have a look at Non Access Stratum (NAS) and Access Stratum (AS) security, just after the Authentication and Key Agreement Procedure (AKA) has completed.

Overthewire Natas Level 22, 23, 24 and 25

This is a writeup for the OverTheWire Natas web application hacking challenge for levels 22, 23, 24 and 25.

Overthewire Natas Level 20 and 21

This is a writeup for the OverTheWire Natas web application hacking challenge for levels 20 and 21.

Overthewire Natas Level 18 and 19

This is a writeup for the OverTheWire Natas web application hacking challenge for levels 18 and 19.

On the (In)Security of 4G - Part X: Authentication and Key Agreement Procedure

In this series, I’d like to take a deeper look at 4G security measures. Here we look closely at step 5a in the Initial Attachment Procedure - the Authentication and Key Agreement Procedure (AKA).

Contact

  • Muenchner Str. 20, Wessling, BAV 82443
  • Enter Building 103 and take the stairs to Office 01.026 on Floor 1