Abstract
This chapter explores the security challenges of the drone ecosystem. Drones raise significant security and safety concerns, both design-time and run-time (e.g., supply-chain, technical design, standardization). Two broad classes of threats are considered, on drones and using drones (e.g., to attack critical infrastructures or vehicles). They involve both professional and non-professional drones and lead to various types of attacks (e.g., IoT-type vulnerabilities, GPS spoofing, spying, kinetic attacks). Trade-offs involving hardware and software solutions to meet efficiency, resource limitations, and real-time constraints are notably hard to find. So far, protection solutions remain elementary compared to the impact of attacks. Advances in technologies, new use cases (e.g., enhancing network connectivity), and a regulatory framework to overcome existing barriers are decisive factors for sustainable drone security market growth.
TopBackground
This section presents some general definitions on drones. It then gives an overview of some key requirements. It also reviews the drone regulatory landscape and its impact on drone networking architectures.
Definitions
Unmanned Aerial Vehicles (UAV) or drones, are airborne devices that have a huge potential in a wide range of applications in both civilian and military domains1. Drones come in different sizes. Early systems were dedicated to single tasks, and formed of a single, usually large aerial node, and of a number of ground nodes. UAVs such as High Altitude Platform Stations (HAPS) may even fly continuously in the stratosphere for extended periods of time above air traffic, providing services such as data gathering or connectivity. Similar to any connected object, UAVs face many threats related to confidentiality, integrity, and availability (Javaid et al., 2012).
The concept of “drone” can be extended to other forms (e.g., climbing drones, maritime drones), collectively referred to as UxV for Unmanned Ground Vehicles (UGV), Unmanned Underwater Vehicles (UUV), etc.
Networks of UAVs, also known as multi-UAV systems or swarms/fleets of drones, are composed of multiple drones flying and coordinating together to complete the same mission. Drones of a fleet may communicate with each other, for instance using wireless communications. Drones may form an ad-hoc network called Flying Ad hoc Network (FANET). Figure 1 shows how UAVs work cooperatively, notably with ground and satellite nodes to achieve their mission(s) more efficiently and reliably (Javaid et al., 2012). Whether drones hover or move across a large area is application-specific (Gupta et al., 2016).
An UAV with its pilot or controller and all the on-board and off-board sub-systems required to safely control the UAV is commonly referred to as an Unmanned Aircraft System (UAS). A simple UAS includes a Ground Control Station (GCS), or dedicated static or portable control center, such as a smart device with applications installed on a mobile phone or on a tablet.
Two types of drone fleets can be considered: static or dynamic (Akram et al., 2017).
- •
Static drone fleets: members are pre-selected before the mission. During flight, no new drones can enroll into the swarm. Secure communications are set up by the owner of the drones.
- •
Dynamic drone fleets: fleets are open to enrollment of new drones. They can be closed dynamic fleets, allowing only enrollment of new drones from the same organization; or open dynamic fleets allowing enrollment of drones from third-party organizations, which may raise isolation issues.
Key Terms in this Chapter
Fleet of Drones: Multiple drones flying together to complete the same mission, usually coordinating through wireless communications. Synonyms: Network of UAVs, swarm of drones.
Drone: An airborne device formed of an aerial node that may cooperate with a number of ground nodes used in civilian and military applications. Synonyms: Unmanned Aerial Vehicle (UAV).
Broadcast Remote Identification: The information identifying a drone that is advertised locally directly by the drone itself.
Supply Chain Attack: A design-time attack against drone software or hardware due to threats against untrustworthy suppliers, often less protected than device vendors.
Secure Tunneling: A security protocol allowing entities in a drone system to exchange application-level messages with confidentiality and authenticity guarantees.
Global Navigation Satellite System Spoofing: An attack where the signal coming from satellite systems such as GPS for long distance guidance of drones is forged.
Network Remote Identification: The information identifying a drone made globally available to any authorized third-party and transmitted on network infrastructures to remote servers.
UAS Traffic Management: The UTM is the minimal set of rules and services to enable safe and efficient low-altitude drone operations for all individuals and businesses. Synonym: U-Space, based upon the UTM but more ambitious.
Attestation: A security protocol enabling to guarantee trustworthiness of the drone internal state, hardware and software, and of the UAV network.