| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| en:safeav:as:cybersec [2025/10/29 07:49] – [Table] pczekalski | en:safeav:as:cybersec [2025/10/29 07:53] (current) – ToDo checked: pczekalski |
|---|
| {{:en:iot-open:czapka_b.png?50| Bachelors (1st level) classification icon }} | {{:en:iot-open:czapka_b.png?50| Bachelors (1st level) classification icon }} |
| |
| <todo @pczekalski></todo> | <todo @pczekalski #pczekalski:2025-10-29></todo> |
| |
| Drones' cybersecurity covers all aspects of IT security systems, but due to their autonomous operations and the physical presence of potentially dangerous devices, they could have a far greater impact on outcomes, including life-threatening incidents. This is related to their physical presence, including commonly relatively high weight (compared to the human body), high operational speeds and thus large impact energy. | Drones' cybersecurity covers all aspects of IT security systems, but due to their autonomous operations and the physical presence of potentially dangerous devices, they could have a far greater impact on outcomes, including life-threatening incidents. This is related to their physical presence, including commonly relatively high weight (compared to the human body), high operational speeds and thus large impact energy. |
| </table> | </table> |
| |
| Domain-specific cybersecurity challenges and threats. | Technically, drones are a blend of robotics and ICT and thus pose domain-specific cybersecurity challenges and threats, which we juxtapose in the table {{ref>table3}} along with estimates of potential impact and mitigation strategies. Many of them are identical or similar to the embedded systems, AI and IoT domains. |
| |
| | <table table3> |
| | <caption> Domain-specific vulnerabilities, threats and their mitigation strategies</caption> |
| ^ **Category** ^ **Attack / Threat Type** ^ **Impact** ^ **Mitigation Strategies** ^ | ^ **Category** ^ **Attack / Threat Type** ^ **Impact** ^ **Mitigation Strategies** ^ |
| | **Communication & Control Links** | Jamming (RF denial) | Loss of command/control, mission abortion | Frequency hopping, spread-spectrum communications, redundancy (LTE/SAT backup) | | | **Communication & Control Links** | Jamming (RF denial) | Loss of command/control, mission abortion | Frequency hopping, spread-spectrum communications, redundancy (LTE/SAT backup) | |
| | ::: | Eavesdropping | Leakage of telemetry or video | End-to-end encryption (AES, TLS), mutual authentication | | | ::: | Eavesdropping | Leakage of telemetry or video | End-to-end encryption (AES, TLS), mutual authentication | |
| | ::: | Man-in-the-Middle (MitM) | Command alteration or injection | Digital signatures, certificate-based identity, integrity verification | | | ::: | Man-in-the-Middle (MitM) | Command alteration or injection | Digital signatures, certificate-based identity, integrity verification | |
| | **Data Security** | Unencrypted transmission | Theft of mission data, privacy violation | Use of VPNs or secure links (TLS/DTLS), data minimization | | | **Data Security** | Unencrypted transmission | Theft of mission data, privacy violation | Use of VPNs or secure links (TLS/DTLS), data minimisation | |
| | ::: | Compromised onboard storage | Exposure of sensitive data after capture | Encrypted storage, self-wiping memory, tamper detection | | | ::: | Compromised onboard storage | Exposure of sensitive data after capture | Encrypted storage, self-wiping memory, tamper detection | |
| | **Software & Firmware Integrity** | Malicious firmware updates | Persistent compromise, backdoors | Signed updates, secure boot, trusted update servers | | | **Software & Firmware Integrity** | Malicious firmware updates | Persistent compromise, backdoors | Signed updates, secure boot, trusted update servers | |
| | **Human Factors** | Operator credential theft | Unauthorized UAV access | Multi-factor authentication, training, credential hygiene | | | **Human Factors** | Operator credential theft | Unauthorized UAV access | Multi-factor authentication, training, credential hygiene | |
| | ::: | Insider threats | Intentional sabotage or leakage | Role-based access, behavior monitoring, background checks | | | ::: | Insider threats | Intentional sabotage or leakage | Role-based access, behavior monitoring, background checks | |
| | </table> |
| | |
| Good practices. | |
| |
