Anomaly Detection for the MIL-STD-1553B Multiplex Data Bus Using an LSTM Autoencoder


  • Brian Lachine Royal Military College of Canada
  • Alec Harlow Canadian Departement of National Defence
  • Vincent Roberge



Anomaly Detection, LSTM Autoencoder, MIL-STD-1553B, Aviation Cybersecurity


Due to the modernization of commercial and military aircraft, real-time systems and their connectivity to ground based networks, including the Internet, that were thought to be “air-gapped”, are becoming more susceptible to cyber-attack. Most real-time systems that communicate using the Military Standard 1553B Multiplex data bus (MIL-STD-1553B) protocol do not have the ability to detect cyber-attacks. These systems were originally developed with safety and redundancy in mind, not security. These two factors introduce attack vectors to MIL-STD-1553B communication buses and expose associated avionics systems to exploitation. Recent approaches to anomaly detection for the MIL-STD-1553B data bus have leveraged statistical analysis, Markov Chain modelling, remote terminal fingerprinting and signature-based detection. However, their comparative effectiveness is unknown. Regarding the statistical analysis technique, the lack of accuracy and precision in detecting the start and stop time of anomalous events are not ideal for conducting investigations due to the sheer volume of messages still required to be manually analysed. Deep learning techniques offer an effective means of anomaly detection and applying these techniques to the MIL-STD-1553B data bus could provide more accurate and precise detection times when anomalies or attacks are present, when compared to known statistical analysis, leading to more efficient forensic investigations of anomalous events.

Author Biographies

Brian Lachine, Royal Military College of Canada

Assistant Professor, Department of Electrical and Computer Engineering

Alec Harlow, Canadian Departement of National Defence

Alec Harlow is a Captain within the Royal Canadian Air Force (RCAF) and leads an aviation cyber defence team within 415 Long Range Patrol Force Development Squadron. Capt Harlow received his MASc (Electrical and Computer Engineering) in 2023 and continues to focus on aviation cybersecurity and research.

Vincent Roberge,

Associate Professor, Department of Electrical and Computer Engineering, Royal Military Academy, Canada.