Researchers Create Way to Protect UAVs from Cyberattacks

OnBoard Security, a Wilmington, Mass.-based provider of Internet of Things security, has announced that a graduate student team at the Johns Hopkins University Information Security Institute (JHUISI) has successfully demonstrated the protection of unmanned aerial vehicles (UAVs) from cyberattacks.

According to JHUISI, the partners implemented a secured type of sense-and-avoid (SAA) technology. SAA systems are used to prevent mid-air collisions but, in their current form, can be vulnerable to hacking. Thus, the team sought to enhance the way drones share their location using automatic dependent surveillance – broadcast (ADS-B) messages.

Hypothetically, says JHUISI, a hacker could alter ADS-B transmissions to confuse another aircraft into believing a collision is imminent – potentially resulting in dangerous evasive maneuvers. To prevent such attacks, the students developed a security-augmented ADS-B system using a cryptographic software library developed by OnBoard.

OnBoard Security says it collaborated with the research effort by providing mentoring, industry insight and the use of the company’s Aerolink communication security libraries. This is the first implementation of Aerolink outside of the automotive industry, the company notes.

Without cryptographic protections, such as those provided by Aerolink security libraries, UAVs can be vulnerable to packet forging, replay, message modification and man-in-the-middle attacks, the researchers say.

However, Aerolink says the newly developed system provides message authentication and integrity-checking to protect against all of these attacks.

“The well-thought-out security schemes designed for connected and autonomous vehicles utilizing high volumes of signed messages in a limited bandwidth environment makes Aerolink ideal for unmanned aircraft,” explains Dr. Jonathan Petit, senior director of research at OnBoard Security. “The team at Johns Hopkins is leading the way to safer and more secure UAV operation through message authentication.”

The Johns Hopkins team was made up of three students seeking a Masters of Science in Security Informatics (MSSI): Ritvik Sachdev, Puru Kulkarni and Praveen Malhan. The project was part of their required capstone for the MSSI degree.

“The impact of having the students work with OnBoard was fantastic,” adds Seth Nielson, director of advanced research projects at JHUISI and the students’ mentor for the project. “Capstones are an important part of the Masters’ program; we offer and require the students to think critically about real-world problems. Working with an industry partner, who can provide technical instruction and, in this case, access to industry-grade software libraries, makes that experience significantly more valuable to them in the short and long term.”

The paper from the researchers can be found here.

LEAVE A REPLY

Please enter your comment!
Please enter your name here