The evolution of Information and Communication Technologies (ICT) present in practically all industrial sectors and critical infrastructures today, has ushered in the era of information or the information society. This is a period of human history characterised by the great volume of information available to users from different sources.
Those sources could be digital, if the data is generated digitally or have undergone conversion or digitalisation prior to presentation, as in the case of measurements taken using digital callipers. On the other hand, there are also non-digital sources of information such as a printed book, data obtained using analogue instruments using needles, mechanical numbering and other mechanisms.
Focussing on the sources of digital information, the primary means of accessing this information is the internet, whether on a computer, smartphone or tablet or some other electronic device for accessing information hosted online. Regardless of the device, these sources may be open or closed, meaning accessible to any user (public access) or accessible only for those who meet some requirement, such as registration or payment of a fee.
At this point, the concept of OSINT (Open Source Intelligence) enters the equation. This was already covered in the article “OSINT – Information is power” (in Spanish). OSINT is used for extracting information from publicly accessed digital sources and then processed, analysed and offered to the user, offering useful knowledge that can reach users who may not always have the best of intentions.
Radar websites and apps
There is a type of website and app we call virtual web-based radars that offers us information in real time on the principal forms of transport through OSINT techniques SIGINT (SIGnal INTelligence) and GEOINT (GEOspatial INTelligence). Among the information presented on the user interface is the geo-positioning of aircraft, trains and other vehicles along with a detailed file corresponding to each of them.
There are several examples of these radars on the web, with links provided below:
- Global air traffic: flightradar24, virtualradar, radarbox and globe.adsbexchange.
- Global marine traffic: marinetraffic and vesselfinder.
- Rail traffic in Spain: positren.
- Rail traffic in the United Kingdom: train-track and traintimes.
- General traffic: radarmaarssen and localizatodo.
Some of the most important data presented are included in the following table:
- Sample of data shown by web radars -
Not all virtual radars offer the same quantity of information and some do not show all the information without a paid subscription. However, it is common to find some relevant data openly, such as the OACI aircraft address, with which, through a quick internet search, a user can find the rest of the complementary information they are looking for.
The refresh rate and accuracy of the information presented depends not only on the provisions of the website but also on the technical features of the airborne equipment, the communication protocols used, the updating of prediction databases or algorithms implemented. In other words, they depend on the sources of information and intermediate technologies involved. Therefore, not all web radars will show the same information in the same way. There will be some margins for error in terms of time and position.
Origin of the data
Gross data provided by web-based virtual radars and which are then processed may come from one or multiple sources of information, which can be classified in three groups:
- The first group encompasses all those sources whose origins are found in one of the items of equipment on board the vehicles, used for compiling information from the on-board computer and sending it through telecommunication protocol to a compatible receptor on a periodic basis. These protocols and technologies include: ADS-B (Automatic Dependent Surveillance – Broadcast), AIS (Automatic Identification System), Inmarsat-C and other satellite links, mobile data networks, multilateration (MLAT), among others. Data transmitted from vehicles are captured by a network of dedicated receptors and managed by a company that provides transport monitoring or tracking services (monitoring service suppliers). They may also be captured by any person with adequate equipment according to the protocol or technology. In this second case, these individual users can create their own data servers or contribute as another receptor, to the network of receptors of a company of the type mentioned above, following determined policies of action.
- The second group is all those systems which, independently of the equipment on board, can obtain information to identify the vehicles. Primary radars are a clear example of this.
- Finally, the third group encompasses those sources of information within databases of organisations, companies or competent authorities responsible for or involved in that transport sector. They include data on timetables, status or alerts of the vehicles and are freely accessible to the public. An example of these organisation would be national operators or public administrations like the EMT Madrid. Within this group, GTFS data (General Transit Feed Specification) stand out in particular. This is a standard that determines the format in which the time formats and geopositioning of a vehicle are related within a transport network.
- Types of data provided by a GTFS feed for a travel planning app. Source: Risum -
The combination of different sources of information is a common feature and all data end up stored on a dedicated database common to the servers linked to the website or app that offers the radar service. In this combination, the entry of additional information stands out: mapping, meteorological data, transport lines, traffic status, location of stops, photos of vehicles, etc.
Any number of companies in the transport industry, trade or logistics need to know how transport activity is running in order to conduct monitoring of their assets, to plan routes or manage resources using Big Data. This need is met by web-based virtual radars and that is why the exist.
The ability to view the monitor showing flight departures and arrivals at an airport or check the estimated arrival time of a bus at a bus stop is tremendously useful for any user. It does not represent sensitive information. The same goes for someone checks the frequency of a certain metro stops at a specific station.
However, knowing the point of the route (passing through a tunnel, flying over a city, navigating through a strait) or the status (stopped, moving, out of service) of a vehicle, unequivocally identified by one means or another, as previously explained, represents information that, as a whole, is more sensitive that the information described above, and a potential cybersecurity risk. Such information could be useful to those with malicious intentions, not only to perpetrate cyberattacks but even physical terrorist attacks.
This is why such transparency of information is a cause for concern for some in relation to confidentiality. An example of this concern can be found on the website of the FFA (Federal Aviation Administration), the body responsible for security and regulation of civil aviation in the United States:
“FAA acknowledges the desire of some operators to limit the availability of real-time ADS-B position and identification information for a specific aircraft.”
This example concerns air travel, but it could be extrapolated to other forms of transport as the type of information is the same, as the table above shows.
As of today, there are a number of solutions to this problem but, evidently, there is still some way to go. Examples include the program PIA (Privacy ICAO Address) or the establishment of registration on web radars, restricting the data to authorised users.