Abstract
The market for civilian unmanned aerial vehicles, also known as drones, is expanding rapidly as new applications are emerging to incorporate the use of civilian drones in our daily lives. On one hand, the convenience of offering certain services via drones is attractive. On the other hand, the mere operation of these airborne machines, which rely heavily on their cyber capabilities, poses great threats to people and property. Also, while the Federal Aviation Administration NextGen project aims to integrate civilian drones into the national airspace, the regulation is still a work-in-progress and does not cope with their threats. This article surveys the main security, privacy, and safety aspects associated with the use of civilian drones in the national airspace. In particular, we identify both the physical and cyber threats of such systems and discuss the security properties required by their critical operation environment. We also identify the research challenges and possible future directions in the fields of civilian drone security, safety, and privacy. Based on our investigation, we forecast that security will be a central enabling technology for the next generation of civilian unmanned aerial vehicles.
- Michal Addady. 2015. The number of drones expected to sell during the holiday seasons is caring the government. Retrieved from http://fortune.com/2015/09/29/drones-holiday-sales/.Google Scholar
- Riham AlTawy and Amr M. Youssef. 2016. Security tradeoffs in cyber physical systems: A case study survey on implantable medical devices. IEEE Access 4 (2016), 959--979. Google ScholarCross Ref
- Shankar Sastry Alvaro A. Cardenas, Saurabh Amin. 2008. Secure control: Towards survivable cyber-physical systems. In Proceedings of the 28th International Conference on Distributed Computing Systems Workshops. 495--500. Google ScholarDigital Library
- Amazon. 2015. Amazon revising the airspace model for the safe integration of small Unmanned Aircraft Systems. Retrieved from http://utm.arc.nasa.gov/docs/Amazon_RevisingtheAirspaceModelfortheSafeIntegrationofUAS{6}.pdf.Google Scholar
- Plamen Angelov. 2012. Sense and Avoid in UAS: Research and Applications. John Wiley 8 Sons.Google Scholar
- Ilker Bekmezci, Ozgur Koray Sahingoz, and Şamil Temel. 2013. Flying ad-hoc networks (FANETs): A survey. Ad Hoc Netw. 11, 3 (2013), 1254--1270. Google ScholarDigital Library
- Mihir Bellare and Chanathip Namprempre. 2000. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In Advances in Cryptology-ASIACRYPT, Tatsuaki Okamoto (Ed.), Vol. 1976. Springer, 531--545. Google ScholarDigital Library
- Bench.crypto. 2016. Computers used for benchmarking cryptographic systems. Retrieved from https://bench.cr.yp.to/computers.html.Google Scholar
- Brett Bethke, Mario Valenti, and Jonathan P. How. 2008. UAV task assignment. IEEE Robot. Autom. Mag. 15, 1 (2008), 39--44. Google ScholarCross Ref
- Zachary Birnbaum, Andrey Dolgikh, Victor Skormin, Edward O’Brien, and Dirk Muller. 2014. Unmanned aerial vehicle security using recursive parameter estimation. In Proceedings of the International Conference on Unmanned Aircraft Systems. IEEE, 692--702. Google ScholarCross Ref
- Zachary Birnbaum, Andrey Dolgikh, Victor Skormin, Edward O’Brien, Daniel Muller, and Christina Stracquodaine. 2015. Unmanned aerial vehicle security using behavioral profiling. In Proceedings of the International Conference on Unmanned Aircraft Systems. 1310--1319. Google ScholarCross Ref
- Ioana Boureanu, Aikaterini Mitrokotsa, and Serge Vaudenay. 2014. Towards secure distance bounding. In Fast Software Encryption (Lecture Notes in Computer Science), Shiho Moriai (Ed.), Vol. 8424. Springer, 55--67. Google ScholarCross Ref
- Michael J. Boyle. 2015. The race for drones. Orbis 59, 1 (2015), 76--94. Google ScholarCross Ref
- David A. Brown, Geoffrey Cooper, Ian Gilvarry, Anand Rajan, Alan Tatourian, Ramnath Venugopalan, David Wheeler, and Meiyuan Zhao. 2015. Automotive security best practices. Retrieved from www.mcafee.com/ca/resources/white.../wp-automotive-security.pdf.Google Scholar
- Guowei Cai, Jorge Dias, and Lakmal Seneviratne. 2014. A survey of small-scale unmanned aerial vehicles: Recent advances and future development trends. Unmanned Syst. 2, 02 (2014), 175--199. Google ScholarCross Ref
- Silvia Gil Casals, Philippe Owezarski, and Gilles Descargues. 2013. Generic and autonomous system for airborne networks cyber-threat detection. In Proceedings of the IEEE/AIAA 32nd Digital Avionics Systems Conference. 4A4--1--4A4--14.Google Scholar
- Rohan Chabukswar. 2014. Secure Detection in Cyberphysical Control Systems. PhD thesis, Carnegie Mellon University.Google Scholar
- Laurent Ciarletta, Loïc Fejoz, Adrien Guenard, and Nicolas Navet. 2016. Development of a safe CPS component: The hybrid parachute, a remote termination add-on improving safety of UAS. In Embedded Real-Time Software and Systems. 2016, 1--10. Retrieved from http://hdl.handle.net/10993/23406.Google Scholar
- Roger Clarke. 2014. Understanding the drone epidemic. Comput. Law Secur. Rev. 30, 3 (2014), 230--246. Google ScholarCross Ref
- Chris Constantinides and Paul Parkinson. 2008. Security challenges in UAV development. In Proceedings of the IEEE/AIAA Digital Avionics Systems Conference. IEEE, 1.C.1-1--1.C.1-8. Google ScholarCross Ref
- Carol Cratty. 2013. FBI uses drones for surveillance in U.S. Retrieved from http://www.cnn.com/2013/06/19/politics/fbi-drones/.Google Scholar
- Jordan Crook. 2013. Infamous hacker creates SkyJack to hunt, hack, and control otherdrones. Retrieved from http://techcrunch.com/2013/12/04/infamous-hacker-creates-skyjack-to-hunt-hack-and-control-other-drones/.Google Scholar
- Joan Daemen and Vincent Rijmen. 2013. The Design of Rijndael: AES - The Advanced Encryption Standard. Springer Science 8 Business Media.Google Scholar
- Sacco de Vries. 2005. UAV and Control Delays. Retrieved from http://oai.dtic.mil/oai/oai?verb=getRecord8metadataPrefix=html8identifier=ADA454251.Google Scholar
- Eddy Deligne. 2012. ARDrone corruption. J. Comput. Virol. 8, 1--2 (2012), 15--27. Google ScholarDigital Library
- Dorothy E. Denning and Peter F. MacDoran. 1996. Location-based authentication: Grounding cyberspace for better security. Comput. Fraud Secur. 1996, 2 (1996), 12--16. Google ScholarCross Ref
- Kurt Dietrich and Johannes Winter. 2009. Implementation aspects of mobile and embedded trusted computing. In Proceedings of Trusted Computing, Liqun Chen, Chris J. Mitchell, and Andrew Martin (Eds.). Springer, 29--44. Google ScholarDigital Library
- Donna A. Dulo. 2015. Unmanned aircraft: The rising risk of hostile takeover. IEEE Technol. Soc. Mag. 34, 3 (2015), 17--19. Google ScholarCross Ref
- Noam Eshel. 2015. A mini UAV becomes a suicide drone. Retrieved from http://aviationweek.com/paris-air-show-2015/mini-uav-becomes-suicide-drone-0.Google Scholar
- FAA.gov. 2015. Next Generation Air Transportation System (NextGen). Retrieved from https://www.faa.gov/nextgen/.Google Scholar
- FAA.gov. 2016. FAA special airworthiness certificate. Retrieved from https://www.faa.gov/aircraft/air_cert/airworthiness_certification/sp_awcert/.Google Scholar
- Michelle S. Faughnan, Brian J. Hourican, G. Collins MacDonald, Megha Srivastava, J. A. Wright, Yacov Y. Haimes, Eva Andrijcic, Zhenyu Guo, and James C. White. 2013. Risk analysis of unmanned aerial vehicle hijacking and methods of its detection. In Proceedings of the IEEE Systems and Information Engineering Design Symposium. IEEE, 145--150. Google ScholarCross Ref
- Stephen George. 2015. FAA Unmanned Aircraft Systems (UAS): cyber security initiatives. (2015). Retrieved from http://csrc.nist.gov/groups/SMA/ispab/documents/minutes/2015-02/2015-feb_george-ispab.pdf.Google Scholar
- Kim Gittleson. 2014. Data-stealing Snoopy drone unveiled at Black Hat - BBC News. Retrieved from http://www.bbc.com/news/technology-26762198.Google Scholar
- Song Han, Miao Xie, Hsiao-Hwa Chen, and Yun Ling. 2014. Intrusion detection in cyber-physical systems: Techniques and challenges. IEEE Syst. J. 8, 4 (2014), 1049--1059.Google Scholar
- Klaus Hartmann and Christoph Steup. 2013. The vulnerability of UAVs to cyber attacks-an approach to the risk assessment. In Proceedings of the 5th International Conference on Cyber Conflict. IEEE, 1--23.Google Scholar
- Kelly Hodgkins. 2015. Anti-drone shoulder rifle lets police take control of UAVs with radio pulses. (2015). Retrieved from http://www.digitaltrends.com/cool-tech/battle-innovations-anti-drone-gun/.Google Scholar
- Graeme Horsman. 2016. Unmanned aerial vehicles: A preliminary analysis of forensic challenges. Dig. Invest. 16 (2016), 1--11. Google ScholarDigital Library
- Andrew J. Kerns, Daniel P. Shepard, Jahshan A. Bhatti, and Todd E. Humphreys. 2014. Unmanned aircraft capture and control via GPS spoofing. J. Field Robot. 31, 4 (2014), 617--636. Google ScholarDigital Library
- Siddhartha Khaitan and James D. McCalley. 2015. Design techniques and applications of cyberphysical systems: A survey. IEEE Syst. J. 9, 2 (June 2015), 350--365. Google ScholarCross Ref
- Dong-Sung Kim, Young Sam Lee, Wook Hyun Kwon, and Hong Seong Park. 2003. Maximum allowable delay bounds of networked control systems. Contr. Eng. Pract. 11, 11 (2003), 1301--1313. Google ScholarCross Ref
- David Kovar. 2015. Forensic analysis of sUAS (aka) drones. In Digital Forensics and Incident Response Summit (1st ed.). Retrieved from https://files.sans.org/summit/Digital_Forensics_and_Incident_Response_Summit_2015/PDFs/ForensicAnalysisofsUASakaDronesDavidKovar.pdf.Google Scholar
- Tomáš Krajník, Vojtěch Vonásek, Daniel Fišer, and Jan Faigl. 2011. AR-drone as a platform for robotic research and education. In Research and Education in Robotics-EUROBOT. Springer, 172--186. Google ScholarCross Ref
- Legal Information Institute. 2016. Fourth Amendment. Retrieved from https://www.law.cornell.edu/wex/fourth_amendment.Google Scholar
- Leszek T. Lilien, Lotfi Ben Othmane, Pelin Angin, Andrew DeCarlo, Raed M. Salih, and Bharat Bhargava. 2014. A simulation study of ad hoc networking of UAVs with opportunistic resource utilization networks. J. Netw. Comput. Appl. 38 (2014), 3--15. Google ScholarDigital Library
- Sharon Lozano. 2016. First steps toward drone traffic management. Retrieved from http://www.nasa.gov/feature/ames/first-steps-toward-drone-traffic-management.Google Scholar
- Katrina Mansfield, Timothy Eveleigh, Thomas H. Holzer, and Shahryar Sarkani. 2013. Unmanned aerial vehicle smart device ground control station cyber security threat model. In Proceedings of the IEEE International Conference on Technologies for Homeland Security. IEEE, 722--728. Google ScholarCross Ref
- Douglas M. Marshall, Richard K. Barnhart, Eric Shappee, and Michael Thomas Most. 2015. Introduction to Unmanned Aircraft Systems. CRC Press.Google Scholar
- Donald McCallie, Jonathan Butts, and Robert Mills. 2011. Security analysis of the ADS-B implementation in the next generation air transportation system. Int. J. Crit. Infrastruct. Protect. 4, 2 (2011), 78--87. Google ScholarCross Ref
- Nils Melzer. 2013. Human Rights Implications of the Usage of Drones and Unmanned Robots in Warfare. European Parliament’s Subcommittee on Human Rights.Google Scholar
- Alfred J. Menezes, Scott A. Vanstone, and Paul C. Van Oorschot. 1996. Handbook of Applied Cryptography (1st ed.). CRC Press, Inc., Boca Raton, FL. Google ScholarDigital Library
- Robert Mitchell and Ray Chen. 2014. Adaptive intrusion detection of malicious unmanned air vehicles using behavior rule specifications. IEEE Trans. Syst. Man Cybernet.: Syst. 44, 5 (2014), 593--604. Google ScholarCross Ref
- Yilin Mo and Bruno Sinopoli. 2010. False data injection attacks in control systems. In Proceedings of the 1st Workshop on Secure Control Systems.Google Scholar
- Fihri Mohammed, Ahmed Idries, Nader Mohamed, Jameela Al-Jaroodi, and Imad Jawhar. 2014. UAVs for smart cities: Opportunities and challenges. In Proceedings of the International Conference on Unmanned Aircraft Systems. IEEE, 267--273. Google ScholarCross Ref
- Dieter Moormann. 2015. DHL parcelcopter research flight campaign 2014 for emergency delivery of medication. In Proceedings of the ICAO RPAS Symposium.Google Scholar
- NASA. 2013. NASA - Helios. Retrieved from http://www.nasa.gov/centers/dryden/news/ResearchUpdate/Helios/.Google Scholar
- BBC News. 2014. Pentagon to use drones to create remote wi-fi hotspots. Retrieved from http://www.bbc.com/news/technology-27019389.Google Scholar
- NoFlyZone. 2016. NoFlyZone.org. Retrieved from https://www.noflyzone.org/about.Google Scholar
- Pierluigi Paganini. 2015a. A hacker developed Maldrone, the first malware for drones. Retrieved from http://securityaffairs.co/wordpress/32767/hacking/maldrone-malware-for-drones.html.Google Scholar
- Pierluigi Paganini. 2015b. ZigBee-sniffing drone used to map online Internet of Things. Retrieved from http://securityaffairs.co/wordpress/39143/security/drone-internet-of-things.html.Google Scholar
- Albert Rango, Andrea Laliberte, Caiti Steele, Jeffrey E. Herrick, Brandon Bestelmeyer, Thomas Schmugge, Abigail Roanhorse, and Vince Jenkins. 2006. Using unmanned aerial vehicles for rangelands: Current applications and future potentials. Environ. Pract. 8, 03 (2006), 159--168. Google ScholarCross Ref
- Theodore Reed, Joseph Geis, and Sven Dietrich. 2011. SkyNET: A 3G-enabled mobile attack drone and stealth botmaster. In Proceedings of the 5th USENIX Conference on Offensive Technologies. 28--36. Google ScholarDigital Library
- J. E. Reich. 2015. Guards are battling contraband-smuggling drones at US prisons. Retrieved from http://www.techtimes.com/articles/104020/20151106/drones-prisons-guards.htm.Google Scholar
- Michael Robinson, Kevin Jones, and Helge Janicke. 2015. Cyber warfare: Issues and challenges. Comput. Secur. 49 (2015), 70--94. Google ScholarDigital Library
- Lea Rosen. 2013. Drones and the digital panopticon. XRDS 19, 3 (March 2013), 10--10. Google ScholarDigital Library
- Krishna Sampigethaya, Radha Poovendran, Sudhakar Shetty, Terry Davis, and Chuck Royalty. 2011. Future e-enabled aircraft communications and security: The next 20 years and beyond. Proc. IEEE 99, 11 (Nov 2011), 2040--2055. Google ScholarCross Ref
- Daniel P. Shepard, Jahshan A. Bhatti, Todd E. Humphreys, and Aaron A. Fansler. 2012. Evaluation of smart grid and civilian UAV vulnerability to GPS spoofing attacks. In Proceedings of the Institute of Navigation GNSS Meeting, Vol. 3.Google Scholar
- Yunmok Son, Hocheol Shin, Dongkwan Kim, Youngseok Park, Juhwan Noh, Kibum Choi, Jungwoo Choi, Yongdae Kim, and others. 2015. Rocking drones with intentional sound noise on gyroscopic sensors. In Proceedings of the 24th USENIX Conference on Security Symposium. USENIX Association, 881--896. Google ScholarDigital Library
- Mohammad Tehranipoor and Farinaz Koushanfar. 2010. A survey of hardware trojan taxonomy and detection. Des. Test Comput. 27, 1 (Jan 2010), 10--25. Google ScholarDigital Library
- T. U. Delft. 2014. TU Delft’s ambulance drone drastically increases chances of survival of cardiac arrest patients. Retrieved from http://www.tudelft.nl/en/current/latest-news/article/detail/ambulance-drone-tu-delft-vergroot-overlevingskans-bij-hartstilstand-drastisch/.Google Scholar
- Tavish Vaidya and Micah Sherr. 2015. Mind your (R,Φ)s: Location-based privacy controls for consumer drones. In Security Protocols XXIII(LNCS), Bruce Christianson, Petr Švenda, Vashek Matyáš, James Malcolm, Frank Stajano, and Jonathan Anderson (Eds.), Vol. 9379. Springer, 80--90. Google ScholarDigital Library
- Nick Valencia and Michael Martinez. 2015. Drone carrying drugs crashes south of U.S. border. (2015). Retrieved from http://www.cnn.com/2015/01/22/world/drug-drone-crashes-us-mexico-border/.Google Scholar
- Peter VAN Blyenburgh. 2003. Furthering the Introduction of UAVs/ROA Into Civil Managed Airspace. Technical Report. DTIC Document.Google Scholar
- John Villasenor. 2014. Drones and the future of domestic aviation {Point of view}. Proc. IEEE 102, 3 (2014), 235--238. Google ScholarCross Ref
- Matthew Waller, Zachary Williams, Jason E. Lueg, and Stephen A. LeMay. 2008. Supply chain security: An overview and research agenda. Int. J. Logist. Manag. 19, 2 (2008), 254--281. Google ScholarCross Ref
- Hengqing Wen, Peter Yih-Ru Huang, John Dyer, Andy Archinal, and John Fagan. 2005. Countermeasures for GPS signal spoofing. In Proceedings of the Institute of Navigation GNSS Meeting. 13--16.Google Scholar
- Kyle Wesson and Todd Humphreys. 2013. Hacking drones. Sci. Am. 309, 5 (2013), 54--59. Google ScholarCross Ref
- Martyn Williams. 2015. NEC’s surveillance system will detect, track drones. (2015). Retrieved from http://www.pcworld.com/article/2990525/necs-surveillance-system-will-detect-track-drones.html.Google Scholar
- Marko Wolf. 2009. Security Engineering for Vehicular IT Systems. Vieweg+Teubner Research. Google ScholarDigital Library
- Jongho Won, Seung-Hyun Seo, and Elisa Bertino. 2015. A secure communication protocol for drones and smart objects. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ACM, 249--260. Google ScholarDigital Library
- Allen D. Wu, Eric N. Johnson, Michael Kaess, Frank Dellaert, and Girish Chowdhary. 2013. Autonomous flight in GPS-denied environments using monocular vision and inertial sensors. J. Aerospace Inform. Syst. 10, 4 (2013), 172--186. Google ScholarCross Ref
- Qiang Xu, Rong Zheng, Walid Saad, and Zhu Han. 2016. Device fingerprinting in wireless networks: Challenges and opportunities. IEEE Commun. Surv. Tutor. 18, 1 (2016), 94--104. Google ScholarCross Ref
- Xiaohua Zhai, Jian’an Liu, Zhengzai Qian, and Gongcai Xin. 2010. Research on UAV degrade control system under sensor fault state. In Proceedings of the 2nd WRI Global Congress on Intelligent Systems, Vol. 2. IEEE, 20--23. Google ScholarDigital Library
Index Terms
- Security, Privacy, and Safety Aspects of Civilian Drones: A Survey
Recommendations
Drones and Privacy
Drones, also referred to as UAV's Unmanned Aerial Vehicle, are an aircraft without a human pilot. Drones have been used by various military organisations for over a decade, but in recent years drones a have been emerging more and more in commercial and ...
A survey on security and privacy issues of UAVs
AbstractIn the 21st century, the industry of drones, also known as Unmanned Aerial Vehicles (UAVs), has witnessed a rapid increase with its large number of airspace users. The tremendous benefits of this technology in civilian applications ...
Automatic Control for Aerobatic Maneuvering of Agile Fixed-Wing UAVs
The use of unmanned aerial vehicles (UAVs) has become ubiquitous in a broadening range of applications, including many civilian uses. UAVs are typically categorized into two categories: conventional fixed-wing aircraft, which are associated with ...
Comments