The European Air Traffic Management (ATM) system is moving to a net centric operational environment. This transformation increasingly depends on appropriate communication, navigation and surveillance technologies (CNS) to enhance safety, efficiency, and capacity. New aeronautical data link communications systems such as Automatic Dependent Surveillance Broadcast (ADS-B) allows safer operations, denser airspace and cost savings for operators. However, it is a fact that ADS-B provides unauthenticated information over an unencrypted data link. In this paper, the Mode S data link structure and broadcasts are elaborated as basis to provide a comprehensive understanding for the information exchange and cyber security analysis of ADS-B. The information exchange is demonstrated by analyzing interrogated Mode S broadcasts, followed by a cyber security analysis in terms of a threat picture and taxonomy for various possible attacks. Finally, a scenario-based dynamic threat analysis is illustrated to clarify the consequences of ADS-B vulnerabilities.