This is an old revision of the document!
Cybersecurity
[pczekalski]
Drones' cybersecurity covers all aspects of IT security systems, but due to their autonomous operations and the physical presence of potentially dangerous devices, they could have a far greater impact on outcomes, including life-threatening incidents. Below, we briefly describe the most important areas and list domain-specific challenges. UAV applications grow in both well-established and new environments, presenting unforeseen vulnerabilities. A compromise of a single device (e.g., a smart-enabled car on a highway) or multiple devices (e.g., a swarm of drones during a sky show) may have serious, even fatal, consequences not only for their users but also for others.
Autonomous systems vary in size and complexity, and thus differ in vulnerability to hacking and potential environmental harm in the event of compromise. Unauthorised access may have a dual nature and related consequences:
- hacking of an unmanaged system and its intentional use with a different target than formerly planned (e.g. flight plan change) - done usually via professional hackers that study the system and its vulnerabilities,
- hacking of an unmanaged system with unintentional results of disturbance of processed tasks (algorithms) that may result in disruption of operation and even involuntary destruction, usually done by accident during hacking.
Both cases are raising serious dangers to life and property.
Is this danger real?
General concepts of security. Areas to be covered:
- electronics
- firmware
- communication
- control section
- operations safety
Domain-specific cybersecurity challenges and threats.
| Category | Attack / Threat Type | Impact | Mitigation Strategies |
|---|---|---|---|
| Communication & Control Links | Jamming (RF denial) | Loss of command/control, mission abortion | Frequency hopping, spread-spectrum communications, redundancy (LTE/SAT backup) |
| Spoofing (GPS/Command) | UAV hijacking or route deviation | Encrypted control channels, GNSS authentication, sensor fusion for validation | |
| Eavesdropping | Leakage of telemetry or video | End-to-end encryption (AES, TLS), mutual authentication | |
| Man-in-the-Middle (MitM) | Command alteration or injection | Digital signatures, certificate-based identity, integrity verification | |
| Data Security | Unencrypted transmission | Theft of mission data, privacy violation | Use of VPNs or secure links (TLS/DTLS), data minimization |
| Compromised onboard storage | Exposure of sensitive data after capture | Encrypted storage, self-wiping memory, tamper detection | |
| Software & Firmware Integrity | Malicious firmware updates | Persistent compromise, backdoors | Signed updates, secure boot, trusted update servers |
| Outdated software | Exploitable vulnerabilities | Regular patching, vulnerability scanning | |
| Malware infection | Unauthorized control or data theft | Air-gapped maintenance, USB/media controls, antivirus monitoring | |
| Navigation Systems | GPS spoofing | False navigation, crash, or theft | Multi-sensor fusion (INS + GNSS + vision), anomaly detection |
| GPS jamming | Position loss, uncontrolled drift | Anti-jam antennas, inertial backup navigation | |
| Hardware & Supply Chain | Hardware backdoors | Hidden persistent access | Supply chain vetting, component attestation, hardware testing |
| Physical capture | Reverse engineering, key extraction | Encrypted memory, tamper-resistant enclosures, key rotation | |
| Network & Cloud Systems | Ground control compromise | Full UAV fleet takeover | Network segmentation, multi-factor authentication, IDS/IPS |
| Cloud data breach | Exposure of telemetry or missions | Strong access control, encryption at rest/in transit, audit logs | |
| API abuse | Unauthorized remote commands | API authentication, rate limiting, token-based access | |
| AI & Autonomy | Adversarial AI input | Misclassification, unsafe actions | Robust AI training, adversarial testing, sensor redundancy |
| Model poisoning | Manipulated learning behavior | Secure dataset curation, signed models, anomaly detection | |
| System Resilience | Single points of failure | System-wide outage | Distributed control, redundant communication paths |
| Poor fail-safe design | Crashes during disruption | Secure failover modes, autonomous return-to-base logic | |
| Regulatory & Standards | Lack of standards | Inconsistent security posture | Adoption of DO-326A / NIST frameworks, international harmonization |
| Weak certification | Deployment of insecure UAVs | Third-party audits, mandatory penetration testing | |
| Human Factors | Operator credential theft | Unauthorized UAV access | Multi-factor authentication, training, credential hygiene |
| Insider threats | Intentional sabotage or leakage | Role-based access, behavior monitoring, background checks |
Good practices.
