The 1090 Megahertz Riddle: A Guide to Decoding Mode S and ADS-B Signals
12 comments
·August 3, 2025toomuchtodo
fluxquanta
> aircraft surveillance has moved from controller-based interrogation to automatic broadcast
I'd take issue with the phrasing "moved from" and would rather use "supplemented by". Controller-based interrogation is still widely used.
touisteur
Moreover the advantage of Mode S radar (ground-initiated transactions) is that you're using a self-coherent system: the radar knows what it sent and what it is supposed to receive, and when, in a narrow beam, etc.
It makes lots of spoofing attacks unpractical. Where as relying on GNSS exposes to a whole bunch of 'constellation replay' or fake-adsb-telegrams attacks. Mode S lacks authentication, but there's no reason it couldn't be tacked on one day (through e.g. the already available 'advanced' data-link capabilities or the many available 'gicb' registers...). Even light session-authentication would break most of the remaining spoofing attacks (and most swap problems) on ground-initiated Mode S radar.
Catbert59
Also very interesting is the data which can be extracted from ADS-B.
There have been several attempts from meterologists to extract wind data from through the actual and target direction values.
Other sites use it to locate GPS-jammed areas because ADS-B can indicate when the reception fails (but still is able to transmit its position due to inertial fallback mechanisms).
jasonjayr
The weather model based on ADS-B data was [very recently] discussed here:
https://news.ycombinator.com/item?id=44734515
The article linked to this book, which is very comprehensive.
willwade
I'll save someone the googling since I just did. You need some hardware to hack: I think this is what you need: https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/
Catbert59
Better also add a SAW bandpass and a properly designed amplification (LNA) stage to this.
The RTL-SDRs are great - but heavily limited in their dynamics (8 Bit ADC). They get deaf quickly if you are located next to strong transmitters like FM/DAB/DVB-T/etc.
Aliexpress has cheap antennas that include all of this.
pests
Hey, mind looking up a link to one of those antennas? Just don’t want to pick the wrong part, so many abbreviations and acronyms.
I picked up an rtl sdr about a year or two ago and haven’t done much outside of listening to local FM stations.
Would be fun to go a bit deeper. Track satellites or listen to boats/ planes / etc.
jjwiseman
Great book that I reference all the time.
(The title is actually "The 1090 Megahertz Riddle".)
tomhow
Fixed, thanks!
toomuchtodo
It appears that was clipped when I submitted. I will email the mods and request they correct the title. Thank you.
DOI: https://doi.org/10.34641/mg.11
Source files/code: https://mode-s.org/
Synopsis:
In the last twenty years, aircraft surveillance has moved from controller-based interrogation to automatic broadcast. The Automatic Dependent Surveillance-Broadcast (ADS-B) is one of the most common methods for aircraft to report their state information like identity, position, and speed. Like other Mode S communications, ADS-B makes use of the 1090 megahertz transponder to transmit data. The protocol for ADS-B is open, and low-cost receivers can easily be used to intercept its signals. Many recent air transportation studies have benefited from this open data source. However, the current literature does not offer a systematic exploration of Mode S and ADS-B data, nor does it explain the decoding process.
This book tackles this missing area in the literature. It offers researchers, engineers, and enthusiasts a clear guide to understanding and making use of open ADS-B and Mode S data. The first part of this book presents the knowledge required to get started with decoding these signals. It includes background information on primary radar, secondary radar, Mode A/C, Mode S, and ADS-B, as well as the hardware and software setups necessary to gather radio signals. After that, the 17 core chapters of the book investigate the details of all types of ADS-B signals and commonly used Mode S signals. Throughout these chapters, examples and sample Python code are used extensively to explain and demonstrate the decoding process. Finally, the last chapter of the book offers a summary and a brief overview of research topics that go beyond the decoding of these signals.
(books is open/freely available for download)