Improving communication security of open source UAVs: Encrypting radio control link

Safety and reliability (also referred to as airworthiness) are well-known factors of Unmanned Aerial Vehicle (UAV) operations, and significant effort has been put into maintaining and improving them for everyday UAV users. Cyber-security, on the other hand, gained attention only recently. Currently, a malicious user can relatively easily disturb operation or even seize control of the most popular open-source UAVs, as a result of their poor communications security (COMSEC). Even though solutions to improve UAV's COMSEC are known, they have not been fully implemented in a user-friendly way. The contribution of the paper is an implementation of an encrypted Radio Control (RC) link that can be used with a number of popular RC transmitters. We use Galois Embedded Crypto library, an ArduinoLibs Crypto library together with openLRSng open- source radio project. We provide some lessons learned during development, implementation, and testing so users wishing to use their own encrypted link can leverage our work.

[1]  G.J. Holzmann,et al.  Using SPIN model checking for flight software verification , 2002, Proceedings, IEEE Aerospace Conference.

[2]  Calvin Coopmans,et al.  Software- and hardware-in-the-loop verification of flight dynamics model and flight control simulation of a fixed-wing unmanned aerial vehicle , 2015, 2015 Workshop on Research, Education and Development of Unmanned Aerial Systems (RED-UAS).

[3]  YangQuan Chen,et al.  Concept of Operations of Small Unmanned Aerial Systems: Basis for Airworthiness towards Personal Remote Sensing , 2014 .

[4]  Steven H. VanderLeest The open source, formally-proven seL4 microkernel: Considerations for use in avionics , 2016, 2016 IEEE/AIAA 35th Digital Avionics Systems Conference (DASC).

[5]  Shahryar Sarkani,et al.  Unmanned aerial vehicle smart device ground control station cyber security threat model , 2013, 2013 IEEE International Conference on Technologies for Homeland Security (HST).

[6]  Weiqing Sun,et al.  Cyber security threat analysis and modeling of an unmanned aerial vehicle system , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[7]  Lee Pike Hints for High-Assurance Cyber-Physical System Design , 2016, 2016 IEEE Cybersecurity Development (SecDev).

[8]  Aiko Pras,et al.  Exploring security vulnerabilities of unmanned aerial vehicles , 2016, NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium.

[9]  Jana Dittmann,et al.  AR.Drone: security threat analysis and exemplary attack to track persons , 2012, Electronic Imaging.

[10]  V. Yu Kovtun,et al.  Commands integrity and authority in control radio link of UAV , 2015, 2015 IEEE International Conference Actual Problems of Unmanned Aerial Vehicles Developments (APUAVD).

[11]  Kim Hartmann,et al.  UAV exploitation: A new domain for cyber power , 2016, 2016 8th International Conference on Cyber Conflict (CyCon).

[12]  Yangquan Chen,et al.  AggieAir — a low-cost autonomous multispectral remote sensing platform: New developments and applications , 2009, IEEE International Geoscience and Remote Sensing Symposium.

[13]  Shinji Kawaguchi,et al.  Trial of Organizing Software Test Strategy via Software Test Perspectives , 2014, 2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops.

[14]  Daniel J. Bernstein,et al.  The Poly1305-AES Message-Authentication Code , 2005, FSE.

[15]  B. Stark,et al.  A payload verification and management framework for small UAV-based personal remote sensing systems , 2012, 2012 5th International Symposium on Resilient Control Systems.

[16]  Kimon P. Valavanis,et al.  Current Status and Future Perspectives for Unmanned Aircraft System Operations in the US , 2008, J. Intell. Robotic Syst..

[17]  Adam Langley,et al.  ChaCha20 and Poly1305 for IETF Protocols , 2018, RFC.

[18]  Mansoor Alam,et al.  UAVSim: A simulation testbed for unmanned aerial vehicle network cyber security analysis , 2013, 2013 IEEE Globecom Workshops (GC Wkshps).

[19]  Kimon P. Valavanis,et al.  On unmanned aircraft systems issues, challenges and operational restrictions preventing integration into the National Airspace System , 2008 .

[20]  Reiner Creutzburg,et al.  Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy , 2014, Electronic Imaging.