| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| en:safeav:as:cybersec [2025/10/29 07:51] – pczekalski | en:safeav:as:cybersec [2025/10/29 07:53] (current) – ToDo checked: pczekalski |
|---|
| {{:en:iot-open:czapka_b.png?50| Bachelors (1st level) classification icon }} | {{:en:iot-open:czapka_b.png?50| Bachelors (1st level) classification icon }} |
| |
| <todo @pczekalski></todo> | <todo @pczekalski #pczekalski:2025-10-29></todo> |
| |
| Drones' cybersecurity covers all aspects of IT security systems, but due to their autonomous operations and the physical presence of potentially dangerous devices, they could have a far greater impact on outcomes, including life-threatening incidents. This is related to their physical presence, including commonly relatively high weight (compared to the human body), high operational speeds and thus large impact energy. | Drones' cybersecurity covers all aspects of IT security systems, but due to their autonomous operations and the physical presence of potentially dangerous devices, they could have a far greater impact on outcomes, including life-threatening incidents. This is related to their physical presence, including commonly relatively high weight (compared to the human body), high operational speeds and thus large impact energy. |
| </table> | </table> |
| |
| Technically, drones are a blend of robotics and ICT and thus pose domain-specific cybersecurity challenges and threats, which we juxtapose in the table {{ref>table3}} along with estimates of potential impact and mitigation strategies. | Technically, drones are a blend of robotics and ICT and thus pose domain-specific cybersecurity challenges and threats, which we juxtapose in the table {{ref>table3}} along with estimates of potential impact and mitigation strategies. Many of them are identical or similar to the embedded systems, AI and IoT domains. |
| |
| | <table table3> |
| | <caption> Domain-specific vulnerabilities, threats and their mitigation strategies</caption> |
| ^ **Category** ^ **Attack / Threat Type** ^ **Impact** ^ **Mitigation Strategies** ^ | ^ **Category** ^ **Attack / Threat Type** ^ **Impact** ^ **Mitigation Strategies** ^ |
| | **Communication & Control Links** | Jamming (RF denial) | Loss of command/control, mission abortion | Frequency hopping, spread-spectrum communications, redundancy (LTE/SAT backup) | | | **Communication & Control Links** | Jamming (RF denial) | Loss of command/control, mission abortion | Frequency hopping, spread-spectrum communications, redundancy (LTE/SAT backup) | |
| | **Human Factors** | Operator credential theft | Unauthorized UAV access | Multi-factor authentication, training, credential hygiene | | | **Human Factors** | Operator credential theft | Unauthorized UAV access | Multi-factor authentication, training, credential hygiene | |
| | ::: | Insider threats | Intentional sabotage or leakage | Role-based access, behavior monitoring, background checks | | | ::: | Insider threats | Intentional sabotage or leakage | Role-based access, behavior monitoring, background checks | |
| | </table> |
| | |
| Good practices. | |
| |
